#Fortinet

Question count - 0     Last updated    - V2 (19-Nov-2023)

Define briefly what a security policy is and why a firewall security policy is very important for any type of traffic passing through the firewall?

Define the term ?virtual wire pair? and in what circuimstances it should be used?

What are the basic CLI commands, which you must know as a network security engineer, to configure an interface under VDOM?

What is the name of protocol for link aggregation to combine multiple links for achieving more bandwidth as well as link redundancy?

What is the main difference between a redundant interface type and aggregate interface type?

What is the main different between FortiGate firewall setup in NAT mode and in transparent mode?

What is a ?ZONE? and what are its benefits in firewall management and administration?

What are the two main types of NAT in FortiGate firewall, which you can use?

What are the basic requirements for FortiGate firewalls to be part of a High Availability cluster, name few of them at least?

What are the main features you will receive when you subscribe with FortiGuard services on your firewall?

What are the main QOS techniques you can use in FortiGate to limit the traffic rates and optimizing the bandwidth?

Write down the basic configurations for creating a sub interface for vlan 10 in firewall with IP address 192.168.10.1/24?

Write down basic set of commands you need to setup an Active-Passive HA cluster on FortiGate firewalls?

Explain very briefly the steps you will perform using FortiGate GUI to take configuration backups?

Which menu using GUI will you navigate to in order to configure HA cluster in Fortigate Firewall?

Which menu will you go to and what steps will be performed to configure an interface on FortiGate firewall?

Which technique used widely in all over the world to map a range of Private IPs to a lesser range of public or single Public IP for giving access over the internet?

Which command in CLI in global configurations you can issue to enable Multi VDOM mode in FortiOS?

Which redundancy feature is used to provide redundancy by employing multiple firewalls for protection against down time of applications and services?

How to create new Zones in Fortigate using GUI?

How many ways you can configure the HA cluster setup for FortiGate firewalls?

In FortiOS, which menu in Web GUI allows you to see the overall status in the form of widgets and to configure some system options?

In Fortigate GUI, which menu allows to configure routing options?

In a single Zone, if you need to deny different interfaces to talk to each other, which command or configuration you should apply so that different interfaces under same zone cannot communicate to each other?

In Fortigate firewall, you want to give your internet users a seamless internet experience without extra proxy settings at their end. Using CLI, configure the Transparent Proxy settings along with its desired policy to work?

In case you need to only provide security to the network traffic and avoid using new network or layer 3 settings on firewall, which operating mode you should run your FortiGate Firewall?

In order to make a cluster of Fortigate firewalls how many minimal firewalls are required? In addition, name the protocol which is used for High Availability clustering setup?

In Fortinet HA cluster, Link Failure or device failure can trigger a failover; however, you are now instructed to make sure a failure in SSD can also trigger the failover to backup firewall. Using CLI how can you configure that?

In Fortinet Firewall security policy, what are the options you can use or actions you may configure for match criteria to treat a packet or traffic entering the firewall?

#BGP

Question count - 0     Last updated    - V2 (19-Nov-2023)

What is the difference between eBGP multihop and TTL security?

What is the use of BGP best path community ignore command?

What is the order of preference of attributes when applied to one neighbour in BGP?

What does a next-hop of 0.0.0.0 mean in the show IP BGP command output?

What are the well-known communities of the BGP community attribute?

What formats can I use to configure the BGP community attribute?

What is an autonomous system number (ASN) and how do I obtain one?

What is the BGP path selection criteria?

What are the benefits of configuring BGP peer groups?

What is synchronization, and how does it influence BGP routes installed in the IP routing table?

What is the default BGP ConnectRetry timer, and is it possible to tune the BGP ConnectRetry timer?

What does r RIB-Failure mean in the show ip bgp command output?

What is the command to see IPv6 BGP neighbours?

What are different BGP message types

What are various BGP states?

What are the values of keepalive and Dead timers in BGP?

What is the difference between when a route is injected in BGP via redistributing command or a network command?

What are IGPs and EGPs and why are they different?

What do you understand by BGP split-horizon rule?

What is route reflector and why it is required?

What is no-synchronization rule?

What are Default BGP timers?

What is the advantage of using BGP AS Prepend?

What is cluster id in BGP?

What is the meaning of update-source loopback?

What is confederation?

What is Route Reflector in BGP? Why is it required?

What will the BGP first check to see if a prefix is accessible?

What are the two methods for reducing the number of IBGP connection in a network?

What makes a neighbour internal BGP (iBGP)?

What the command ?neighbour update-source? do?

What is the order of preference of attributes (route-map, filter-list,prefix-list, distribute-list ) when some or all are applied to one neighbour in BGP? Kindly share for inbound updates?

What is the difference between always-compare-med and deterministic-med?

What is the default BGP ConnectRetry timer

What is the version of BGP that first supported CIDR?

What is the cost of external and internal BGP routes?

What is the purpose of route dampening?

What is the default value of MED?

Name several path attributes and their function.

Name BGP path attributes to control incoming and outgoing traffic

Explain BGP recursive lookup and site of origin (SoO).

Explain the term RIB in BGP?

Why do I see the same route twice from the same peer in BGP?

Why are there no statistic results when I use the debug bfd events and debug bfd packets commands?

Why is there a problem with iBGP in large networks? How can this problem be solved?

Which protocol and the port number does BGP use for neighborship?

Which command is used to disable BGP neighborship?

Which parameters and attributes have to be equal before MED is compared to select the best path?

How do I configure BGP?

How do I configure BGP with the use of a loopback address?

How does BGP behave differently with auto-summary enabled or disabled?

How can I announce a prefix conditionally to one ISP only when I lose the connection to my primary ISP?

How can I configure BGP to provide load sharing and redundancy in my network?

How much memory should I have in my router to receive the complete BGP routing table from my ISP?

How do I know which Cisco IOS software release supports a particular BGP feature?

How can I set the Multi Exit Discriminator (MED) value on prefixes advertised to external BGP (eBGP) neighbours to match the Interior Gateway Protocol (IGP) next hop metric?

How can I redistribute internal BGP (iBGP) learned default-route (0.0.0.0/0) route into EIGRP/OSPF/IS-IS?

How does IP RIB Update allocate memory?

How many public and private AS numbers are there?

How does neighbour soft-reconfiguration inbound command function?

How do I verify Layer 4 forwarding summary information?

How to use BGP as PE-CE backdoor link?

How can I verify if a BGP router announces its BGP networks and propagates them?

How much of minimal RAM is required to learn complete BGP routing table from one BGP peer?

How can I filter all IP routes advertised to a BGP neighbour except the default route 0.0.0.0/0?

How do we enable community propagation?

When and how should I reset a BGP session?

Difference between hard reset and soft reset in BGP?

In external BGP (eBGP) sessions, which IP address is sent as the next hop?

In regards to the removal of the static route ?ip route 10.10.0.0 255.255.0.0 Null0?, does no auto-summary in BGP cause all subnets of 10.10.0.0 to be advertised?

In Multihoming scenario, if the primary link gets fail, after how long traffic will be shifted to the secondary link?

In the global routing table, can the same AS number shows up more than once in a path?

In general which routes will affect by route dampening? eBGP or iBGP?

Do internal BGP (iBGP) sessions modify the next-hop?

Do external BGP (eBGP) sessions modify the next-hop?

Do external BGP (eBGP) sessions between confederations modify the next-hop?

#API_Gateway

Question count - 0     Last updated    - V2 (30-Nov-2023)

#Load_Balancing

Question count - 0     Last updated    - V2 (19-Nov-2023)

Load Balancers
Static	Round Robin Requests are distributed sequentially across a group of servers. No guarantee that multiple requests from a user will reach the same instance. Sticky Round Robin A better alternative to round-robin Different requests from the same user go to the same instance Hash The algorithm distributes requests based on the hash of a key value The key can be the IP address or the URL of the request Weighted Round Robin Each server gets a weight value. This value determines the proportion of traffic. Servers with higher weight receive more traffic. Good for setups having servers at different capacity levels
Dynamic	Least Connections A new request is sent to the server instance with the least number of connections. The number of connections is determined based on the relative compute capacity of a server Least Response Time A new request is sent to the server with the lowest response time in order to minimize the overall response time. Good for cases where response time is critical.

#Distributed_Tracing

Question count - 0     Last updated    - V2 (30-Nov-2023)

#Event_Bus

Question count - 0     Last updated    - V2 (30-Nov-2023)