• Home
  • Blogs
  • Pass Fortinet NSE6_FML-6.2 With Prep4away Exam Dumps - Updated on Oct-2021 [Q13-Q30]

Pass Fortinet NSE6_FML-6.2 With Prep4away Exam Dumps - Updated on Oct-2021 [Q13-Q30]

Share

Pass Fortinet NSE6_FML-6.2 With Prep4away Exam Dumps - Updated on Oct-2021

Fully Updated NSE6_FML-6.2 Dumps - 100% Same Q&A In Your Real Exam

NEW QUESTION 13
Which two antispam techniques query FortiGuard for rating information? (Choose two.)

  • A. IP reputation
  • B. SURBL
  • C. DNSBL
  • D. URI filter

Answer: B,C

Explanation:
Explanation/Reference: https://docs.fortinet.com/document/fortimail/6.4.0/administration-guide/352990/configuring- antispam-profiles-and-antispam-action-profiles

 

NEW QUESTION 14
Which firmware upgrade method for an active-passive HA cluster ensures service outage is minimal, and there are no unnecessary failovers?

  • A. Upgrade the active unit, which will upgrade the standby unit automatically
  • B. Break the cluster, upgrade the units independently, and then form the cluster
  • C. Upgrade the standby unit, and then upgrade the active unit
  • D. Upgrade both units at the same time

Answer: D

Explanation:
Reference:
https://docs.fortinet.com/document/fortimail/6.2.0/administration-guide/725928/upgrading-firmware- on-ha-units

 

NEW QUESTION 15
Examine the FortiMail recipient-based policy shown in the exhibit; then answer the question below.

After creating the policy, an administrator discovered that clients are able to send unauthenticated email using SMTP. What must be done to ensure clients cannot send unauthenticated email?

  • A. Configure a matching IP policy with SMTP authentication and exclusive flag enabled
  • B. Configure an access receive rule to verify authentication status
  • C. Move the recipient policy to the top of the list
  • D. Configure an access delivery rule to enforce authentication

Answer: A

 

NEW QUESTION 16
Which of the following antispam techniques queries FortiGuard for rating information? (Choose two.)

  • A. URI filter
  • B. SURBL
  • C. DNSBL
  • D. IP reputation

Answer: A,D

 

NEW QUESTION 17
What three configuration steps are required to enable DKIM signing for outbound messages on FortiMail?
(Choose three.)

  • A. Publish the public key as a TXT record in a public DNS server
  • B. Enable DKIM check in a matching session profile
  • C. Enable DKIM check in a matching antispam profile
  • D. Enable DKIM signing for outgoing messages in a matching session profile
  • E. Generate a public/private key pair in the protected domain configuration

Answer: A,B,E

 

NEW QUESTION 18
Which three statements about SMTPS and SMTP over TLS are true? (Choose three.)

  • A. The STARTTLS command is used to initiate SMTP over TLS
  • B. SMTPS encrypts only the body of the email message
  • C. SMTPS encrypts the identities of both the sender and receiver
  • D. SMTP over TLS connections are entirely encrypted and initiated on port 465
  • E. SMTPS connections are initiated on port 465

Answer: A,C,E

Explanation:
Explanation/Reference: https://docs.fortinet.com/document/fortimail/6.2.0/administration-guide/807960/fortimail- support-of-tls-ssl

 

NEW QUESTION 19
Which firmware upgrade method for an active-passive HA cluster ensures service outage is minimal, and there are no unnecessary failovers?

  • A. Upgrade the active unit, which will upgrade the standby unit automatically
  • B. Break the cluster, upgrade the units independently, and then form the cluster
  • C. Upgrade the standby unit, and then upgrade the active unit
  • D. Upgrade both units at the same time

Answer: D

 

NEW QUESTION 20
Examine the nslookup output shown in the exhibit; then answer the question below.

Identify which of the following statements is true regarding the example.com domain's MTAs. (Choose two.)

  • A. External MTAs will send email to mx.example.com only if mx.hosted.com is unreachable
  • B. The higher preference value is used to load balance more email to the mx.example.com MTA
  • C. The PriNS server should receive all email for the example.com domain
  • D. The primary MTA for the example.com domain is mx.hosted.com

Answer: A,D

 

NEW QUESTION 21
Examine the FortiMail topology and access receive rule shown in the exhibit; then answer the question below.


An administrator must enforce authentication on FML-1 for all outbound email from the example.com domain. Which of the following settings should be used to configure the access receive rule? (Choose two.)

  • A. The Recipient pattern should be set o *@example.com
  • B. The Sender IP/netmask should be set to 10.29.1.0/24
  • C. The Authentication status should be set to Authenticated
  • D. The Action should be set to Reject

Answer: B,C

 

NEW QUESTION 22
Which of the following statements are true regarding FortiMail's behavior when using the built-in MTA to process email in transparent mode? (Choose two.)

  • A. FortiMail can queue undeliverable messages and generate DSNs
  • B. If you disable the built-in MTA, FortiMail will use its transparent proxies to deliver email
  • C. MUAs need to be configured to connect to the built-in MTA to send email
  • D. FortiMail ignores the destination set by the sender and uses its own MX record lookup to deliver email

Answer: B,D

 

NEW QUESTION 23
Refer to the exhibit.

Which statement describes the pre-registered status of the IBE user [email protected]?

  • A. The user was registered by an administrator in anticipation of IBE participation.
  • B. The user account has been de-activated, and the user must register again the next time they receive an IBE email.
  • C. The user has received an IBE notification email, but has not accessed the HTTPS URL or attachment yet.
  • D. The user has completed the IBE registration process, but has not yet accessed their IBE email.

Answer: D

Explanation:
Reference: https://docs.fortinet.com/document/fortimail/6.4.2/administration-guide/470401/configuring-ibe- users

 

NEW QUESTION 24
Refer to the exhibit.

Which configuration change must you make to block an offending IP address temporarily?

  • A. Add the offending IP address to the system block list
  • B. Add the offending IP address to the domain block list
  • C. Change the authentication reputation setting status to Enable
  • D. Add the offending IP address to the user block list

Answer: C

Explanation:
Reference: https://help.fortinet.com/fweb/550/Content/FortiWeb/fortiweb-admin/blacklisting.htm

 

NEW QUESTION 25
What are the configuration steps to enable DKIM signing for outbound messages on FortiMail? (Choose three.)

  • A. Publish the public key as a TXT record in a public DNS server
  • B. Enable DKIM check in a matching session profile
  • C. Enable DKIM check in a matching antispam profile
  • D. Enable DKIM signing for outgoing messages in a matching session profile
  • E. Generate a public/private key pair in the protected domain configuration

Answer: A,D,E

 

NEW QUESTION 26
Examine the FortiMail topology and IP-based policy shown in the exhibit; then answer the question below.

An administrator has enabled the sender reputation feature in the Example_Session profile on FML-1. After a few hours, the deferred queue on the Mail Server started filing up with undeliverable email. What changes should the administrator make to fix this issue? (Choose two.)

  • A. Disable the exclusive flag in IP policy ID 1
  • B. Clear the sender reputation database using the CLI
  • C. Create an outbound recipient policy to bypass outbound email from session profile inspections
  • D. Apply a session profile with sender reputation disabled on a separate IP policy for outbound sessions

Answer: A,C

 

NEW QUESTION 27
Refer to the exhibit.

The exhibit shows a FortiMail active-passive setup.
Which three actions are recommended when configuring the primary FortiMail HA interface? (Choose three.)

  • A. In the Peer IP address field, type 172.16.32.57
  • B. Disable Enable port monitor
  • C. In the Heartbeat status drop-down list, select Primary
  • D. In the Virtual IP address field, type 172.16.32.55/24
  • E. In the Virtual IP action drop-down list, select Use

Answer: B,C,E

 

NEW QUESTION 28
While testing outbound MTA functionality, an administrator discovers that all outbound email is being processed using policy IDs 1:2:0.
Which two reasons explain why the last policy ID value is 0? (Choose two.)

  • A. There are no outgoing recipient policies configured
  • B. IP policy ID 2 has the exclusive flag set
  • C. Outbound email is being rejected
  • D. There are no access delivery rules configured for outbound email

Answer: A,D

 

NEW QUESTION 29



Which of the following statements are true regarding the transparent mode FortiMail's email routing for the example.com domain? (Choose two.)

  • A. If incoming email are undeliverable, FML-1 can queue them to retry again later
  • B. FML-1 will use the transparent proxy for incoming sessions
  • C. FML-1 will use the built-in MTA for outgoing sessions
  • D. If outgoing email messages are undeliverable, FML-1 can queue them to retry later

Answer: A,B

 

NEW QUESTION 30
......

Latest NSE6_FML-6.2 Exam Dumps - Valid and Updated Dumps: https://www.prep4away.com/Fortinet-certification/braindumps.NSE6_FML-6.2.ete.file.html

Related Blogs

more
Fortinet NSE6_FML-6.2 Certification Practice Exam