Docsity
Docsity

Prepara i tuoi esami
Prepara i tuoi esami

Studia grazie alle numerose risorse presenti su Docsity


Ottieni i punti per scaricare
Ottieni i punti per scaricare

Guadagna punti aiutando altri studenti oppure acquistali con un piano Premium


Guide e consigli
Guide e consigli


Enterprise firewall exam, Schemi e mappe concettuali di Sistemi Informativi

Enterprise firewall exam fortinet

Tipologia: Schemi e mappe concettuali

2024/2025

Caricato il 03/11/2025

adriana-ymeri
adriana-ymeri 🇮🇹

1 documento

1 / 32

Toggle sidebar

Questa pagina non è visibile nell’anteprima

Non perderti parti importanti!

bg1
8EBAAF1B06D7BFF9976E58F5D11321C6
Number: NSE7_EFW-6.2
Passing Score: 800
Time Limit: 120 min
File Version: 3.0
NSE7_EFW-6.2
Fortinet NSE 7 - Enterprise Firewall 6.2
Version 3.0
tvt_vn/ebay
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20

Anteprima parziale del testo

Scarica Enterprise firewall exam e più Schemi e mappe concettuali in PDF di Sistemi Informativi solo su Docsity!

Number: NSE7_EFW-6. Passing Score: 800 Time Limit: 120 min File Version: 3. NSE7_EFW-6. Fortinet NSE 7 - Enterprise Firewall 6. Version 3. tvt_vn/ebay

Exam A QUESTION 1 Which two configuration settings change the behavior for content-inspected traffic while FortiGate is in conserve mode? (Choose two.) A. IPS failopen B. mem failopen C. AV failopen D. UTM failopen Correct Answer: AC Section: (none) Explanation Explanation/Reference: QUESTION 2 Refer to the exhibit, which contains the partial output of a diagnose command. Based on the output, which two statements are correct? (Choose two.) A. Anti-replay is enabled. B. DPD is disabled. C. Remote gateway IP is 10.200.4.1. D. Quick mode selectors are disabled. Correct Answer: AC Section: (none) Explanation Explanation/Reference: QUESTION 3 Refer to the exhibit, which contains the output of a diagnose command. tvt_vn/ebay

All traffic to the Internet currently egresses from port1. The exhibit shows partial session information for Internet traffic from a user on the internal network. If the priority on route ID 1 were changed from 5 to 20 , what would happen to traffic matching that user’s session? A. The session would remain in the session table, but its traffic would now egress from both port1 and port2. B. The session would remain in the session table, and its traffic would still egress from port1. C. The session would remain in the session table, and its traffic would start to egress from port2. D. The session would be deleted, so the client would need to start a new session. Correct Answer: B Section: (none) tvt_vn/ebay

Explanation Explanation/Reference: QUESTION 6 Which three conditions are required for two FortiGate devices to form an OSP adjacency? (Choose three.) A. OSPF costs match B. OSPF peer IDs match C. Hello and dead intervals match D. OSPF IP MTUs match E. IP addresses are in the same subnet Correct Answer: CDE Section: (none) Explanation Explanation/Reference: QUESTION 7 Which two statements about bulk configuration changes using FortiManager CLI scripts are correct? (Choose two.) A. (^) When executed on the Device Database , you must use the installation wizard to apply the changes to the managed FortiGate. B. When executed on the Policy Package, ADOM database , changes are applied directly to the managed FortiGate. C. (^) When executed on the All FortiGate in ADOM , changes are automatically installed without creating a new revision history. D. When executed on the Remote FortiGate directly , administrators do not have the option to review the changes prior to installation. Correct Answer: AD Section: (none) Explanation Explanation/Reference: QUESTION 8 Refer to the exhibit, which contains a partial output of an IKE real-time debug. tvt_vn/ebay

Which statement about FortiGate inspection of this session is true? A. FortiGate applied proxy-based inspection. B. FortiGate applied flow-based NGFW policy-based inspection. C. FortiGate applied flow-based inspection. D. FortiGate forwarded this session without any inspection. Correct Answer: A Section: (none) Explanation Explanation/Reference: QUESTION 11 Refer to the exhibit, which contains the output of a debug command. tvt_vn/ebay

Which two statements about the exhibit are true? (Choose two.) A. The local FortiGate OSPF router ID is 0.0.0.4. B. The local FortiGate is the backup designated router. C. In the network connected to port4, two OSPF routers are down. D. Port4 is connected to the OSPF backbone area. Correct Answer: AD Section: (none) Explanation Explanation/Reference: QUESTION 12 Refer to the exhibit, which contains the output of diagnose sys session stat. Which two statements about the output shown are correct? (Choose two.) A. No sessions have been deleted because of memory pages exhaustion. B. There are 0 ephemeral sessions. C. There are 168 TCP sessions waiting to complete the three-way handshake. D. All the sessions in the session table are TCP sessions. Correct Answer: AB Section: (none) Explanation Explanation/Reference: QUESTION 13 tvt_vn/ebay

If the HA ID for the primary unit is zero (0), which statement about the output is true? A. This session cannot be synced with the slave unit. B. The inspection of this session has been offloaded to the slave unit. C. The master unit is processing this traffic. D. This session is for HA heartbeat traffic. Correct Answer: C Section: (none) Explanation Explanation/Reference: QUESTION 15 Refer to the exhibit, which contains the partial output of an IKE real-time debug. tvt_vn/ebay

Why did the tunnel not come up? A. The pre-shared keys do not match B. The remote gateway phase 1 configuration does not match the local gateway phase 1 configuration. C. The remote gateway phase 2 configuration does not match the local gateway phase 2 configuration. D. The remote gateway is using aggressive mode and the local gateway is configured to use main mode. Correct Answer: B Section: (none) Explanation Explanation/Reference: QUESTION 16 An administrator has configured two FortiGate devices for an HA cluster. While testing the HA failover, the administrator notices that some of the switches in the network continue to send traffic to the former primary unit. The administrator decides to enable the setting link-failed-signal to fix the problem. Which statement about this command is true? A. It forces the former primary device to shut down all its non-heartbeat interfaces for one second while the tvt_vn/ebay

Correct Answer: C Section: (none) Explanation Explanation/Reference: QUESTION 19 Refer to the exhibit, which contains the output of a debug command. Which statement about this FortiGate is correct? A. It is currently in system conserve mode because of high CPU usage. B. It is currently in extreme conserve mode because of high memory usage. C. It is currently in proxy conserve mode because of high memory usage. D. It is currently in memory conserve mode because of high memory usage. Correct Answer: D Section: (none) Explanation Explanation/Reference: QUESTION 20 How does FortiManager handle FortiGate requests from FortiGate devices, when it is configured as a local FDS? A. FortiManager will respond to update requests only from a managed device. B. FortiManager can download and maintain local copies of FortiGuard databases. C. FortiManager supports only FortiGuard push update to managed devices. D. FortiManager does not support web filter rating requests. Correct Answer: B Section: (none) Explanation Explanation/Reference: QUESTION 21 Refer to the exhibit, which contains the output of a BGP debug command. tvt_vn/ebay

Which statement about the exhibit is true? A. The local router has received a total of three BGP prefixes from all peers. B. The local router has not established a TCP session with 100.64.3.1. C. Since the counters were last reset, the 10.200.3.1 peer has never been down. D. The local router BGP state is OpenConfirm with the 10.127.0.75 peer. Correct Answer: B Section: (none) Explanation Explanation/Reference: QUESTION 22 Refer to the exhibit, which contains the output of a web filtering diagnose command. tvt_vn/ebay

Correct Answer: C Section: (none) Explanation Explanation/Reference: QUESTION 24 Which two conditions must be met for a statistic route to be active in the routing table? (Choose two.) A. The link health monitor (if configured) is up. B. There is no other route, to the same destination, with a higher distance. C. The outgoing interface is up. D. The next-hop IP address is up. Correct Answer: AC Section: (none) Explanation Explanation/Reference: QUESTION 25 When using the SSL certificate inspection method to inspect HTTPS traffic, how does FortiGate filter web requests when the client browser does not provide the server name indication (SNI) extension? A. FortiGate uses the requested URL from the user’s web browser. B. FortiGate uses the CN information from the Subject field in the server certificate. C. FortiGate blocks the request without any further inspection. D. FortiGate switches to the full SSL inspection method to decrypt the data. Correct Answer: B Section: (none) Explanation Explanation/Reference: QUESTION 26 Refer to the exhibit, which contains the output of a real-time debug. Which statement regarding this output is true? A. FortiGate found the requested URL in its local cache. tvt_vn/ebay

B. The requested URL belongs to category ID 52. C. The client hostname is training.fortinet.com. D. This web request was inspected using the root web filter profile. Correct Answer: AB Section: (none) Explanation Explanation/Reference: QUESTION 27 Which two tasks are automated using the Install Wizard on FortiManager? (Choose two.) A. Import policy packages from managed devices. B. Preview pending configuration changes for managed devices. C. Add devices to FortiManager. D. Import interface mappings from managed devices. E. Install configuration changes to managed devices. Correct Answer: BE Section: (none) Explanation Explanation/Reference: QUESTION 28 Refer to the exhibit, which contains a partial routing table. Assuming all the appropriate firewall policies are configured, which two pings will FortiGate route? (Choose two.) A. Source IP address: 10.72.3.52, Destination IP address: 10.1.0. B. Source IP address: 10.73.9.10, Destination IP address: 10.72.3. C. Source IP address: 10.10.4.24, Destination IP address: 10.72.3. D. Source IP address: 10.1.0.10, Destination IP address: 10.64.1. tvt_vn/ebay

Which two statements about this debug output are correct? (Choose two.) A. The initiator has provided remote as its IPsec peer ID. B. The negotiation is using AES128 encryption with CBC hash. C. The remote gateway IP address is 10.0.0.1. D. It shows a phase 1 negotiation. Correct Answer: AD Section: (none) Explanation Explanation/Reference: QUESTION 31 Which two statements about FortiManager are true when it is deployed as a local FDS? (Choose two.) A. It caches available firmware updates for unmanaged devices. B. It provides VM license validation services. C. It can be configured as an update server, or a rating server, but not both. D. It supports rating requests from both managed and unmanaged devices. Correct Answer: AB Section: (none) Explanation tvt_vn/ebay

Explanation/Reference: QUESTION 32 Refer to the exhibit, which contains a CLI script configuration on FortiManager. An administrator has configured the CLI script on FortiManager, which failed to apply any changes to the managed device after being executed. Why did the script not make any changes to the managed device? A. There is an existing route with a lower priority value. B. CLI scripts will add objects only if they are referenced by policies. C. Commands that start with the #sign are not executed. D. Static routes can only be added using TCL scripts. Correct Answer: C Section: (none) Explanation Explanation/Reference: QUESTION 33 tvt_vn/ebay