正真正銘のNSE6_FML-6.2問題集で無料PDF問題で合格させる [Q24-Q41]

正真正銘のNSE6_FML-6.2問題集で無料PDF問題で合格させる

結果を保証するには最新2022年01月無料で提供するNSE6_FML-6.2

質問 24
Refer to the exhibit.

Which configuration change must you make to block an offending IP address temporarily?

A. Add the offending IP address to the user block list
B. Add the offending IP address to the system block list
C. Change the authentication reputation setting status to Enable
D. Add the offending IP address to the domain block list

正解: C

解説:
Reference: https://help.fortinet.com/fweb/550/Content/FortiWeb/fortiweb-admin/blacklisting.htm

質問 25
Refer to the exhibit.

An administrator has enabled the sender reputation feature in the Example_Session profile on FML-1. After a few hours, the deferred queue on the mail server starts filling up with undeliverable email. What two changes must the administrator make to fix this issue? (Choose two.)

A. Clear the sender reputation database using the CLI
B. Create an outbound recipient policy to bypass outbound email from session profile inspections
C. Disable the exclusive flag in IP policy ID 1
D. Apply a session profile with sender reputation disabled on a separate IP policy for outbound sessions

正解: C,D

質問 26
Refer to the exhibit.

What are two expected outcomes if FortiMail applies this antivirus action profile to an email? (Choose two.)

A. Virus content will be removed from the email
B. The administrator will be notified of the virus detection
C. The sanitized email will be sent to the recipient's personal quarantine
D. A replacement message will be added to the email

正解: C,D

質問 27
Examine the FortiMail active-passive cluster shown in the exhibit; then answer the question below.

Which of the following parameters are recommended for the Primary FortiMail's HA interface configuration?
(Choose three.)

A. Heartbeat status: Primary
B. Virtual IP address: 172.16.32.55/24
C. Enable port monitor: disable
D. Peer IP address: 172.16.32.57
E. Virtual IP action: Use

正解: A,B,E

質問 28
What are the configuration steps to enable DKIM signing for outbound messages on FortiMail? (Choose three.)

A. Generate a public/private key pair in the protected domain configuration
B. Enable DKIM check in a matching antispam profile
C. Enable DKIM check in a matching session profile
D. Publish the public key as a TXT record in a public DNS server
E. Enable DKIM signing for outgoing messages in a matching session profile

正解: A,D,E

質問 29
Examine the FortiMail recipient-based policy shown in the exhibit; then answer the question below.

After creating the policy, an administrator discovered that clients are able to send unauthenticated email using SMTP. What must be done to ensure clients cannot send unauthenticated email?

A. Configure an access receive rule to verify authentication status
B. Move the recipient policy to the top of the list
C. Configure an access delivery rule to enforce authentication
D. Configure a matching IP policy with SMTP authentication and exclusive flag enabled

正解: D

質問 30
Refer to the exhibit.

It is recommended that you configure which three access receive settings to allow outbound email from the example.com domain on FML-1? (Choose three.)

A. The Sender pattern should be set to *@example.com
B. The Recipient pattern should be set to 10.29.1.45/24
C. The Sender IP/netmask should be set to 10.29.1.45/32
D. The Enable check box should be cleared
E. The Action should be set to Relay

正解: C,D,E

質問 31

Which of the following statements are true regarding the transparent mode FortiMail's email routing for the example.com domain? (Choose two.)

A. FML-1 will use the built-in MTA for outgoing sessions
B. If incoming email are undeliverable, FML-1 can queue them to retry again later
C. If outgoing email messages are undeliverable, FML-1 can queue them to retry later
D. FML-1 will use the transparent proxy for incoming sessions

正解: B,D

質問 32
Refer to the exhibit.

An administrator has enabled the sender reputation feature in the Example_Session profile on FML-1. After a few hours, the deferred queue on the mail server starts filling up with undeliverable email. What two changes must the administrator make to fix this issue? (Choose two.)

A. Clear the sender reputation database using the CLI
B. Create an outbound recipient policy to bypass outbound email from session profile inspections
C. Disable the exclusive flag in IP policy ID 1
D. Apply a session profile with sender reputation disabled on a separate IP policy for outbound sessions

正解: C,D

質問 33
Refer to the exhibit.

Which statement describes the impact of setting the User inactivity expiry time option to 90 days?

A. IBE user accounts will expire after 90 days of inactivity, and must register again to access new IBE email message
B. After initial registration, IBE users can access the secure portal without authenticating again for 90 days
C. Registered IBE users have 90 days from the time they receive a notification email message to access their IBE email
D. First time IBE users must register to access their email within 90 days of receiving the notification email message

正解: A

解説:
Reference: https://docs.fortinet.com/document/fortimail/6.4.0/cli-reference/813529/system-encryption- ibe#config_3733402351_2450215

質問 34
Refer to the exhibit.

Which message size limit will FortiMail apply to the outbound email?

A. 0
B. 1
C. 2
D. 3

正解: A

質問 35
Examine the FortiMail topology and access receive rule shown in the exhibit; then answer the question below.

An administrator must enforce authentication on FML-1 for all outbound email from the example.com domain. Which of the following settings should be used to configure the access receive rule? (Choose two.)

A. The Recipient pattern should be set o *@example.com
B. The Action should be set to Reject
C. The Sender IP/netmask should be set to 10.29.1.0/24
D. The Authentication status should be set to Authenticated

正解: C,D

質問 36
While reviewing logs, an administrator discovers that an incoming email was processed using policy IDs
0:4:9.
Which two scenarios will generate this policy ID? (Choose two.)

A. FortiMail applies the default behavior for relaying inbound email
B. FortiMail configuration is missing an access delivery rule
C. Incoming recipient policy ID 9 has the exclusive flag set
D. Email was processed using IP policy ID 4

正解: A,B

質問 37
Refer to the exhibit.

It is recommended that you configure which three access receive settings to allow outbound email from the example.comdomain on FML-1? (Choose three.)

A. The Sender pattern should be set to *@example.com
B. The Recipient pattern should be set to 10.29.1.45/24
C. The Sender IP/netmask should be set to 10.29.1.45/32
D. The Enable check box should be cleared
E. The Action should be set to Relay

正解: C,D,E

質問 38
Which firmware upgrade method for an active-passive HA cluster ensures service outage is minimal, and there are no unnecessary failovers?

A. Upgrade the active unit, which will upgrade the standby unit automatically
B. Upgrade the standby unit, and then upgrade the active unit
C. Upgrade both units at the same time
D. Break the cluster, upgrade the units independently, and then form the cluster

正解: C

解説:
Reference:
https://docs.fortinet.com/document/fortimail/6.2.0/administration-guide/725928/upgrading-firmware- on-ha-units

質問 39
Which of the following statements are true regarding FortiMail's behavior when using the built-in MTA to process email in transparent mode? (Choose two.)

A. FortiMail can queue undeliverable messages and generate DSNs
B. MUAs need to be configured to connect to the built-in MTA to send email
C. FortiMail ignores the destination set by the sender and uses its own MX record lookup to deliver email
D. If you disable the built-in MTA, FortiMail will use its transparent proxies to deliver email

正解: C,D

質問 40
An organization has different groups of users with different needs in email functionality, such as address book access, mobile device access, email retention periods, and disk quotas.
Which FortiMail feature specific to server mode can be used to accomplish this?