Here we have discussed basic interview questions on the FortiGate firewall. An interviewer may ask practical questions related to FortiGate firewall configuration, security features, etc.
Top 40 Frequently Asked Fortinet Interview Questions
1. What are the different authentication and encryption mechanisms available on the FortiGate firewall?
Ans: The methods are listed below in order of strength for authentication and encryption:
It is advisable to use WPA2, which is the strongest method for authentication and encryption.
2. What is the command to power off the FortiGate unit via CLI?
Ans: To power off the FortiGate unit
3. What are the points that should be considered while installing/mounting a Fortinet firewall (hardware) in the rack?
Ans: Below are the points of consideration while mounting a firewall:
4. What is Security Fabric?
Ans: Security Fabric is a security solution to detect, monitor, block, and remediate cyber-attacks.
5. What steps should be taken before each firmware upgrade of the Fortinet firewall?
Step 1: Back up and store the old configuration.
Step 2: Back up a copy of the old firmware executable. This is for the worst-case scenario. If something bad happens, you have the option of rolling back.
Step 3: Read the release notes published by the manufacturer. They may contain useful information related to bug fixes, performance, etc.
6. Mention the steps to back up the FortiGate configuration via GUI.
Ans: Dashboard -> select Backup in System Information widget -> select drive for storing -> Encrypt configuration file -> Enter a password and select Backup -> save the configuration file
7. What is the backup configuration file format in the Fortinet firewall?
Ans: The configuration file will have a .conf extension.
8. How do you take a backup of the configuration of a Fortinet firewall?
Ans: You can use the CLI commands below to back up the configuration:
9. How to disable administrative access from the internet?
Ans: You can disable administrative access from the outside world via GUI and CLI.
Network -> Interfaces, edit external interface and disable five protocols: HTTPS, PING, HTTP, SSH, and TELNET under Administrative Access.
10. How to maintain short login timeouts while accessing the FortiGate firewall?
Ans: The command below can be used to shorten the login timeout:
11. How can you send logs to FortiAnalyzer/FortiManager in an encrypted format by using GUI?
Ans: Select Log & Report > Log Settings and configure Remote Logging to FortiAnalyzer/FortiManager (select Encrypt log transmission).
12. Write the CLI command to disable auto USB installation.
Ans: Below is the CLI code snippet to disable USB installation:
13. How does Fortinet provide support in case of any difficulty faced by a network administrator?
Ans: You can access the “Customer Service & Support” page on the Fortinet portal. The following options are available to resolve any issue:
14. What is the FGCP cluster?
Ans: FGCP stands for FortiGate Clustering Protocol. It is a proprietary High Availability (HA) solution provided by Fortinet. The FortiGate HA solution consists of a minimum of two firewalls configured for high availability operation.
15. How can we configure FortiOS to turn on global strong encryption?
Ans: Global strong encryption means allowing only strong ciphers (AES, 3DES) and digest (SHA1) for HTTPS, SSH, and SSL/TLS. We can use the command below to configure FortiOS:
16. What is the Next-Generation Firewall?
Ans: The Next-Generation Firewall (NGFW) acts as a deep-packet inspection firewall. It includes all the functionalities of a traditional firewall. Additionally, it provides application awareness, Integrated Intrusion Protection System (IPS), Secure Sockets Layer (SSL) inspection, and Secure Shell (SSH) control.
17. What is UTM?
Ans: Unified threat management (UTM) is an approach to security management that allows a network administrator to monitor and manage a wide variety of security-related applications and infrastructure components through a single management console. UTM appliances not only combine firewall, gateway anti-virus, and intrusion detection and prevention capabilities into a single platform but also work together interdependently, just like a piece of fabric.
18. What is Security fabric?
Security Fabric uses FortiTelemetry to connect different security sensors and tools together to collect, coordinate, and respond to malicious behavior anywhere it occurs on the network in real-time. The core of a security fabric is an upstream FortiGate located at the edge of the network, with several FortiGates functioning as Internet Segmentation Firewalls (ISFWs).
A security fabric is used to coordinate with the behavior of other Fortinet products in the network, including FortiAnalyzer, FortiManager, FortiClient, FortiClient EMS, FortiWeb, FortiSwitch, and FortiAP.
19. What do you know about Fortinet’s FortiGate?
Ans: FortiGate is a firewall that was released by Fortinet. It enables protection against malware and automated visibility to stop attacks. It includes features like intrusion prevention system (IPS), web filtering, secure sockets layer (SSL) inspection, and automated threat protection. FortiGate is also equipped with Artificial Intelligence (AI), which helps in proactive threat detection.
20. Tell me about Fortinet’s history
Ans: Fortinet was founded in the year 2000 by Ken Xie and Michael Xie (siblings). They released their first product, FortiGate, in the year 2002. Between the years 2000 and 2003, the company raised $13 million in private funding and $30 million in financing. Over the last decade, the company has acquired many security-related software vendors. Fortinet recently released an AI-powered product called FortiAI, in February 2020.
Ans: Fortinet is an American MNC having over 7000 employees with its headquarters in Sunnyvale, California. Fortinet provides security-driven networking solutions such as firewalls, anti-spam, endpoint security, spyware, anti-virus, etc. Fortinet also announced a technical certification program called Network Security Expert (NSE) to enable more developers in cybersecurity.
Ans: A traditional firewall is a device that controls the flow of traffic that enters or exits the network. It uses either a stateless or a stateful method to achieve this. It can only track the traffic at layers 2 to 4.
Ans: The Next-Generation Firewall (NGFW) acts as a deep-packet inspection firewall. It includes all the functionalities of a traditional firewall. Additionally, it provides application awareness, Integrated Intrusion Protection System (IPS), Secure Sockets Layer (SSL) inspection, and Secure Shell (SSH) control.
Ans: The following are the main differences between the traditional firewall and the Next-Generation firewall:
- The NGFW can find the identity of a user, whereas the traditional firewall cannot.
- A traditional firewall can only track the traffic at layers 2 to 4. The NGFW tracks the traffic at layers 5 to 7.
- A traditional firewall only looks at the header, footer, source, and destination of the incoming packets. The NGFW will also look at the data of the incoming packet.
Ans: Unified Threat Management (UTM) protects users from security threats. It provides a variety of security features in a single platform that can be used by IT teams to address security challenges. It includes functionalities like anti-virus, content filtering, unapproved website access, spyware, etc.
Ans: Integrated threat management is an approach used to face malware such as blended threats, spam, etc. It protects from intrusion at both gateway and endpoint levels. It enables simplified administration by protecting from all threats for every component in a heterogeneous and integrated environment.
Ans: The Fortinet Security Fabric is defined as a broad, integrated, and automated cybersecurity platform. It provides seamless protection across the expanding attack surface, the profusion of endpoints across multiple environments, etc. It increases the speed of operation by linking different tools through a single console and eliminates security gaps.
22. What is the Next Generation Firewall?
Ans: Next-Generation Firewall (NGFW) is part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using an in-line deep packet inspection system (DPI) and an intrusion prevention system (IPS).
Other techniques might also be employed, such as TLS/SSL encrypted traffic examination, website filtering, QoS/bandwidth management, antivirus scrutiny, and third-party identity management integration (e.g. LDAP, RADIUS, Active Directory).
23. What are the points that should be considered while mounting a Fortinet firewall (Hardware) in the rack?
Ans: Below are the important points to consider when mounting Fortinet firewalls:
- Set the room temperature within the ambient temperature range specified by the original equipment manufacturer (OEM).
- Use a mechanism such as reliable power earthing.
- Provide adequate system airflow for safe operation.
- Take adequate precautions for overcurrent management and supply wiring.
24. Why do we have to deploy a FortiMail unit in transparent mode?
Ans: If the FortiMail unit is operating in transparent mode, then the administrator doesn’t have to configure DNS records for protected domain names.
25. Under which circumstances is an e-mail message received by the Fortinet unit subject to the bounce verification antispam check?
Ans: The envelope MAIL FROM field contains a null reverse-path when a bounce verification key is created and activated.
26. How can a FortiMail administrator retrieve email account information from an LDAP server instead of configuring this data manually on the unit?
Ans: Configure the LDAP profile sections “User query options” and “Authentication” then associate the profile to the domain that is locally configured.
27. What method does the FortiGate unit use to determine the availability of a web cache using Web Cache Communication Protocol (WCCP)?
Ans: The web cache sends an “I see you” message which is captured by the FortiGate unit.
28. WAN optimization is configured in active/passive mode. When will the remote peer accept an attempt to initiate a tunnel?
Ans: The attempt will be accepted when there is a matching WAN optimization passive rule.
29. How can a FortiMail administrator retrieve email account information from an LDAP server instead of configuring this data manually on the unit?
Ans: Configure the LDAP profile sections “User query options” and “Authentication” then associate the profile to the domain that is locally configured.
30. How can we configure FortiOS to turn on global strong encryption?
Ans: Global strong encryption means allowing only strong ciphers (AES, 3DES) and digest (SHA1) for HTTPS, SSH, and SSL/TLS. We can use the command below to configure FortiOS:
    config system global
        set strong-crypto enable
    end
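An added example, not from the original page or from Fortinet: a small Python audit of a configuration backup (.conf) for four hardening settings this page covers (Q9 administrative access on the external interface, Q10 login timeout, Q12 USB auto-install, Q15/Q30 strong-crypto). The interface name wan1, the 5-minute threshold and the sample file are assumptions; admintimeout, allowaccess and auto-install-config/auto-install-image are FortiOS key names that do not appear on the page.

```python
import shlex
MGMT = {"https", "ping", "http", "ssh", "telnet"}  # the five protocols from Q9

def parse_conf(text):
    """Flatten config/edit/set nesting into {path_tuple: {key: [values]}}."""
    tree, path = {}, []
    for raw in text.splitlines():
        tokens = shlex.split(raw)  # values spanning several lines not handled
        if not tokens or tokens[0].startswith("#"):  # blank or header line
            continue
        if tokens[0] in ("config", "edit"):
            path.append(" ".join(tokens[1:]))
        elif tokens[0] in ("next", "end") and path:
            path.pop()
        elif tokens[0] == "set":
            tree.setdefault(tuple(path), {})[tokens[1]] = tokens[2:]
    return tree

def audit(text, external_if, max_timeout=5):
    """Return findings; missing keys count as not set. max_timeout is assumed."""
    tree = parse_conf(text)
    get = lambda *where: tree.get(where[:-1], {}).get(where[-1], [])
    findings = []
    if get("system global", "strong-crypto") != ["enable"]:
        findings.append("strong-crypto not explicitly enabled")
    timeout = get("system global", "admintimeout")
    if not timeout or int(timeout[0]) > max_timeout:
        findings.append(f"admintimeout above {max_timeout} minutes or unset")
    for key in ("auto-install-config", "auto-install-image"):
        if get("system auto-install", key) != ["disable"]:
            findings.append(f"{key} not explicitly disabled")
    exposed = MGMT & set(get("system interface", external_if, "allowaccess"))
    if exposed:
        findings.append(f"{external_if} allows {', '.join(sorted(exposed))}")
    return findings

# Constructed sample, not taken from a real device.
SAMPLE = """#config-version=CONSTRUCTED-SAMPLE
config system global
    set admintimeout 30
end
config system interface
    edit "wan1"
        set allowaccess ping https ssh
    next
end
config system auto-install
    set auto-install-config enable
end"""
```

Calling `audit(SAMPLE, "wan1")` returns five findings. A key that is absent from the file is reported as not set, so a finding of that kind should be confirmed on the device before it is treated as a weakness.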
31. What is your opinion of Fortinet’s FortiGate Firewall?
Ans: The rising tendency towards all-in-one products sounds like a good marketing idea, but when it comes to performance, there is a big gap. It is believed that when it comes to security there should be no negotiation or concession. With everything in one box, perfectly synchronized and working synergistically, the product is bound to be appreciated. FortiOS, released by Fortinet with its range of appliances, offers good routing and encryption features by enhancing support for RIP I & II and OSPF.
32. Do you know about Fortinet as an Organization?
Ans: Fortinet is an American MNC with its headquarters in Sunnyvale, California. It develops and markets cybersecurity software, appliances, and services, such as firewalls, anti-virus, intrusion prevention, and endpoint security, among others. It is the fourth-largest network security company by revenue.
33. What does Aware mean in Fortinet Security Fabric?
Ans: Security Fabric behaves as a single entity from a policy and logging perspective, enabling end-to-end segmentation in order to lessen the risk from advanced threats. We not only need to see data that flows into and out of the network but also how that data passes through the network once it is inside the perimeter. Fortinet Security Fabric enables end-to-end network segmentation for deep visibility and inspection of traffic traveling the network, and controls who and what gets to go where, thereby minimizing the risk from advanced threats.
34. When using sender reputation on a FortiMail unit, which actions can be taken against a source IP address generating spam or invalid e-mail messages?
Ans:
- FortiMail delays the email messages from that source IP address with a temporary failure.
- FortiMail rejects the email messages from that source IP address with a permanent failure.
- FortiMail quarantines all the email messages from that source IP address.
35. What do we mean by Actionable in Fortinet Security Fabric?
Ans: Big Data cloud systems correlate risk information and network data to deliver actionable threat intelligence in real time. It is not enough to sense bad traffic or block malware using distinct security devices. Network administrators need a common set of risk intelligence and centralized orchestration that allows the security to adapt dynamically as a risk is revealed anywhere, not just in our network, but also anywhere in the world. Fortinet’s Big Data cloud systems centralize and correlate risk information and network data and provide actionable threat intelligence to every security device in the network’s security fabric in real time.
36. What distinguishes Fortinet’s security fabric approach from other vendors’ attempts at an integrated platform?
Ans: Fortinet distinguishes itself from other vendors through intentionally designed integration, beginning with a unified operating system, highly optimized hardware and software processing with unmatched zero-day discovery, and a detection approach that combines behavioural detection, machine learning, and hardware virtualization. This allows the Fortinet Security Fabric to go beyond what is possible with a traditional signature-based approach to risk protection, or with siloed security technologies that vendors have begun to stitch together using an overlay “platform” method.
37. Which back-end servers can be used to provide recipient verification?
Ans: LDAP servers and SMTP servers.
38. What is one reason for deploying a FortiMail unit in transparent mode?
Ans: If the network administrator deploys a FortiMail unit in transparent mode, then DNS records do not necessarily have to be modified.
39. Under which circumstances is an e-mail message received by the FortiMail unit subject to the bounce verification antispam check?
Ans: The envelope MAIL FROM field contains a null reverse-path when a Bounce Verification key is created and activated.
40. Do you know about Fortinet as an Organization?
Ans: Fortinet is an American MNC with its headquarters in Sunnyvale, California. It develops and markets cybersecurity software, appliances, and services, such as firewalls, anti-virus, intrusion prevention, and endpoint security, among others. It is the fourth-largest network security company by revenue.