NSE7_EFW-6.0 Online Practice Questions and Answers

Which of the following tasks are automated using the Install Wizard on FortiManager? (Choose two.)

A. Install configuration changes to managed devices.

B. Preview pending configuration changes for managed devices.

C. Import policy packages from managed devices.

D. Add devices to FortiManager.

E. Import interface mappings from managed devices

View the exhibit, which contains a session table entry, and then answer the question below.

Which one of the following statements is true regarding FortiGates's inspection of this session?

A. FortiGate applied flow-based inspection.

B. FortiGate applied proxy-based inspection.

C. FortiGate forwarded this session without any inspection.

D. FortiGate applied NGFW flow-based inspection.

View the exhibit, which contains the output of a BGP debug command, and then answer the question below.

Which of the following statements about the exhibit are true? (Choose two.)

A. The local router's BGP state is Established with the 10.125.0.60 peer.

B. Since the counters were last reset; the 10.200.3.1 peer has never been down.

C. The local router has received a total of three BGP prefixes from all peers.

D. The local router has not established a TCP session with 100.64.3.1.

View the global IPS configuration, and then answer the question below.

Which of the following statements is true regarding this configuration? (Choose two.)

A. IPS will scan every byte in every session.

B. IPS acceleration is disabled in this FortiGate device's configuration.

C. New packets requiring IPS inspection will be passed through during conserve mode.

D. FortiGate will spawn IPS engine instances based on the system load.

View the exhibit, which contains the output of a web filtering diagnose command, and then answer the question below.

Which one of the following statements explains why the cache statistics are all zeros?

A. There are no users making web requests.

B. The administrator has reallocated the cache memory to a separate process.

C. The FortiGuard web filter cache is disabled in the FortiGate's configuration.

D. FortiGate is using flow-based inspection which doesn't use the cache.

What conditions are required for two FortiGate devices to form an OSPF adjacency? (Choose three.)

A. OSPF IP MTUs match.

B. OSPF costs match.

C. OSPF peer IDs match.

D. IP addresses are in the same subnet.

E. Hello and dead intervals match.

View the exhibit, which contains the output of a diagnose command, and then answer the question below.

Which statements are true regarding the output in the exhibit? (Choose two.)

A. FortiGate used 209.222.147.36 as the initial server to validate its contract.

B. Servers with the D flag are considered to be down.

C. FortiGate will probe 121.111.236.179 every fifteen minutes for a response.

D. Servers with a negative TZ value are experiencing a service outage.

When using the SSL certificate inspection method to inspect HTTPS traffic, how does FortiGate filler web requests when the client browser does not provide the server name indication (SNI) extension ?

A. FortiGate switches to the full SSL inspection method to decrypt the data.

B. FortiGate blocks the request without any further inspection.

C. FortiGate uses the Issued T: field in the server's certificate.

D. FortiGate uses the requested URL from the user's web browser.

View the exhibit, which contains the output of diagnose sys session stat, and then answer the question below.

Which of the following statements about the output shown are correct? (Choose two.)

A. There are 166 TCP sessions waiting to complete the three-way handshake.

B. All the sessions in the session table are TCP sessions.

C. There are 0 ephemeral sessions.

D. No sessions have been deleted because of memory pages exhaustion.

View the exhibit, which contains the output of a debug command, and then answer the question below.

Which of the following statements about the exhibit are true? (Choose two.)

A. Port4 is connected to the OSPF backbone area.

B. In the network connected to port4, two OSPF routers are down.

C. The local FortiGate is the backup designated router.

D. The local FortiGate's OSPF router ID is 0.0.0.4.