Download Fortinet NSE 7 -Enterprise Firewall 6-2.CertDumps.NSE7_EFW-6.2.2020-11-22.1e.101q.vcex

Download Exam

File Info

Exam Fortinet NSE 7 - Enterprise Firewall 6.2
Number NSE7_EFW-6.2
File Name Fortinet NSE 7 -Enterprise Firewall 6-2.CertDumps.NSE7_EFW-6.2.2020-11-22.1e.101q.vcex
Size 15.96 Mb
Posted November 22, 2020
Downloads 3

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase
Coupon: EXAM_HUB

Discount: 20%

 
 



Demo Questions

Question 1
A FortiGate is configured as an explicit web proxy. Clients using this web proxy are reposting DNS errors when accessing any website. The administrator executes the following debug commands and observes that the n-dns-timeout counter is increasing:

   

What should the administrator check to fix the problem?

  • A: The connectivity between the FortiGate unit and the DNS server.
  • B: The connectivity between the client workstations and the DNS server.
  • C: That DNS traffic from client workstations is allowed by the explicit web proxy policies.
  • D: That DNS service is enabled in the explicit web proxy interface.  



Question 2
An administrator has decreased all the TCP session timers to optimize the FortiGate memory usage. However, after the changes, one network application started to have problems. During the troubleshooting, the administrator noticed that the FortiGate deletes the sessions after the clients send the SYN packets, and before the arrival of the SYN/ACKs. When the SYN/ACK packets arrive to the FortiGate, the unit has already deleted the respective sessions. Which TCP session timer must be increased to fix this problem?

  • A: TCP half open.
  • B: TCP half close.
  • C: TCP time wait.
  • D: TCP session time to live.



Question 3
Examine the output from the 'diagnose debug authd fsso list' command; then answer the question below. 
# diagnose debug authd fsso list —FSSO logons-IP: 192.168.3.1 User: STUDENT Groups: TRAININGAD/USERS Workstation: INTERNAL2. TRAINING. LAB The IP address 192.168.3.1 is NOT the one used by the workstation INTERNAL2. TRAINING. LAB. 
What should the administrator check?

  • A: The IP address recorded in the logon event for the user STUDENT.
  • B: The DNS name resolution for the workstation name INTERNAL2. TRAINING. LAB.  
  • C: The source IP address of the traffic arriving to the FortiGate from the workstation INTERNAL2. TRAINING. LAB.
  • D: The reserve DNS lookup forthe IP address 192.168.3.1.



Question 4
What events are recorded in the crashlogs of a FortiGate device? (Choose two.)

  • A: A process crash.
  • B: Configuration changes.
  • C: Changes in the status of any of the FortiGuard licenses.
  • D: System entering to and leaving from the proxy conserve mode. 



Question 5
An administrator has configured two FortiGate devices for an HA cluster. While testing the HA failover, the administrator noticed that some of the switches in the network continue to send traffic to the former primary unit. The administrator decides to enable the setting link-failed-signal to fix the problem. Which statement is correct regarding this command?

  • A: Forces the former primary device to shut down all its non-heartbeat interfaces for one second while the failover occurs.
  • B: Sends an ARP packet to all connected devices, indicating that the HA virtual MAC address is reachable through a new master after a failover.  
  • C: Sends a link failed signal to all connected devices.
  • D: Disables all the non-heartbeat interfaces in all the HA members for two seconds after a failover.



Question 6
View the global IPS configuration, and then answer the question below. 

   

Which of the following statements is true regarding this configuration?

  • A: IPS will scan every byte in every session.
  • B: FortiGate will spawn IPS engine instances based on the system load.
  • C: New packets will be passed through without inspection if the IPS socket buffer runs out of memory.
  • D: IPS will use the faster matching algorithm which is only available for units with more than 4 GB memory.



Question 7
Four FortiGate devices configured for OSPF connected to the same broadcast domain. The first unit is elected as the designated router The second unit is elected as the backup designated router Under normal operation, how many OSPF full adjacencies are formed to each of the other two units?

  • A: 1
  • B: 2
  • C: 3
  • D: 4



Question 8
Which of the following conditions must be met for a static route to be active in the routing table? (Choose three.)

  • A: The next-hop IP address is up.
  • B: There is no other route, to the same destination, with a higher distance.
  • C: The link health monitor (if configured) is up.
  • D: The next-hop IP address belongs to one of the outgoing interface subnets.
  • E: The outgoing interface is up.



Question 9
View the IPS exit log, and then answer the question below. 
# diagnose test application ipsmonitor 3 
ipsengine exit log” 
pid = 93 (cfg), duration = 5605322 (s) at Wed Apr 19 09:57:26 2017
code = 11, reason: manual
What is the status of IPS on this FortiGate?

  • A: IPS engine memory consumption has exceeded the model-specific predefined value.
  • B: IPS daemon experienced a crash.
  • C: There are communication problems between the IPS engine and the management database.
  • D: All IPS-related features have been disabled in FortiGate’s configuration.



Question 10
View the exhibit, which contains the output of a diagnose command, and then answer the question below. 

   

Which statements are true regarding the output in the exhibit? (Choose two.)

  • A: FortiGate will probe 121.111.236.179 every fifteen minutes for a response.
  • B: Servers with the D flag are considered to be down.
  • C: Servers with a negative TZ value are experiencing a service outage.
  • D: FortiGate used 209.222.147.3 as the initial server to validate its contract.






CONNECT US


ProfExam
PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount..

Get Now!


HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen



HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset