Summer Special Sale Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 713PS592

  1. Home
  2. Fortinet
  3. NSE 7 Network Security Architect
  4. NSE7_EFW-6.4
  5. Fortinet NSE 7 - Enterprise Firewall 7.0 Questions and Answers
Note! The NSE7_EFW-6.4 Exam is no longer available. Get in touch with our Live Chat or email us for more information about the NSE7_EFW-7.0 Exam.

NSE7_EFW-6.4 Fortinet NSE 7 - Enterprise Firewall 7.0 Questions and Answers

Questions 4

Refer to the exhibit, which shows a FortiGate configuration.

NSE7_EFW-6.4 Question 4

An administrator is troubleshooting a web filter issue on FortiGate. The administrator has configured a web filter profile and applied it to a policy; however, the web filter is not inspecting any traffic that is passing through the policy.

What must the administrator change to fix the issue?

Options:

A.

The administrator must increase webfilter-timeout.

B.

The administrator must disable webfilter-force-off.

C.

The administrator must change protocol to TCP.

D.

The administrator must enable fortiguard-anycast.

Buy Now
Questions 5

Examine the following partial output from two system debug commands; then answer the question below.

NSE7_EFW-6.4 Question 5

NSE7_EFW-6.4 Question 5

Which of the following statements are true regarding the above outputs? (Choose two.)

Options:

A.

The unit is running a 32-bit FortiOS

B.

The unit is in kernel conserve mode

C.

The Cached value is always the Active value plus the Inactive value

D.

Kernel indirectly accesses the low memory (LowTotal) through memory paging

Buy Now
Questions 6

Examine the output from the ‘diagnose vpn tunnel list’ command shown in the exhibit; then answer the question below.

NSE7_EFW-6.4 Question 6

Which command can be used to sniffer the ESP traffic for the VPN DialUP_0?

Options:

A.

diagnose sniffer packet any ‘port 500’

B.

diagnose sniffer packet any ‘esp’

C.

diagnose sniffer packet any ‘host 10.0.10.10’

D.

diagnose sniffer packet any ‘port 4500’

Buy Now
Questions 7

Which of the following statements are correct regarding application layer test commands? (Choose two.)

Options:

A.

They are used to filter real-time debugs.

B.

They display real-time application debugs.

C.

Some of them display statistics and configuration information about a feature or process.

D.

Some of them can be used to restart an application.

Buy Now
Questions 8

Examine the output of the ‘get router info bgp summary’ command shown in the exhibit; then answer the question below.

NSE7_EFW-6.4 Question 8

Which statement can explain why the state of the remote BGP peer 10.200.3.1 is Connect?

Options:

A.

The local peer is receiving the BGP keepalives from the remote peer but it has not received any BGP prefix yet.

B.

The TCP session for the BGP connection to 10.200.3.1 is down.

C.

The local peer has received the BGP prefixed from the remote peer.

D.

The local peer is receiving the BGP keepalives from the remote peer but it has not received the OpenConfirm yet.

Buy Now
Questions 9

An administrator has configured two FortiGate devices for an HA cluster. While testing HA failover, the administrator notices that some of the switches in the network continue to send traffic to the former primary device. The administrator decides to enable the setting link-failed-signal to fix the problem.

Which statement about this setting is true?

Options:

A.

It sends an ARP packet to all connected devices, indicating that the HA virtual MAC address is reachable through a new master after a failover.

B.

It sends a link failed signal to all connected devices.

C.

It disabled all the non-heartbeat interfaces in all HA members for two seconds after a failover.

D.

It forces the former primary device to shut down all its non-heartbeat interfaces for one second, while the failover occurs.

Buy Now
Questions 10

In which two states is a given session categorized as ephemeral? (Choose two.)

Options:

A.

A TCP session waiting to complete the three-way handshake.

B.

A TCP session waiting for FIN ACK.

C.

A UDP session with packets sent and received.

D.

A UDP session with only one packet received.

Buy Now
Questions 11

Four FortiGate devices configured for OSPF connected to the same broadcast domain. The first unit is elected as the designated router The second unit is elected as the backup designated router Under normal operation, how many OSPF full adjacencies are formed to each of the other two units?

Options:

A.

1

B.

2

C.

3

D.

4

Buy Now
Questions 12

Which statement is true regarding File description (FD) conserve mode?

Options:

A.

IPS inspection is affected when FortiGate enters FD conserve mode.

B.

A FortiGate enters FD conserve mode when the amount of available description is less than 5%.

C.

FD conserve mode affects all daemons running on the device.

D.

Restarting the WAD process is required to leave FD conserve mode.

Buy Now
Questions 13

Which statement about the designated router (DR) and backup designated router (BDR) in an OSPF multi-access network is true?

Options:

A.

FortiGate first checks the OSPF ID to elect a DR.

B.

Non-DR and non-BDR routers will form full adjacencies to DR and BDR only.

C.

BDR is responsible for forwarding link state information from one router to another.

D.

Only the DR receives link state information from non-DR routers.

Buy Now
Questions 14

Which of the following statements are true regarding the SIP session helper and the SIP application layer gateway (ALG)? (Choose three.)

Options:

A.

SIP session helper runs in the kernel; SIP ALG runs as a user space process.

B.

SIP ALG supports SIP HA failover; SIP helper does not.

C.

SIP ALG supports SIP over IPv6; SIP helper does not.

D.

SIP ALG can create expected sessions for media traffic; SIP helper does not.

E.

SIP helper supports SIP over TCP and UDP; SIP ALG supports only SIP over UDP.

Buy Now
Questions 15

View the exhibit, which contains a screenshot of some phase-1 settings, and then answer the question below.

NSE7_EFW-6.4 Question 15

The VPN is up, and DPD packets are being exchanged between both IPsec gateways; however, traffic cannot pass through the tunnel. To diagnose, the administrator enters these CLI commands:

NSE7_EFW-6.4 Question 15

However, the IKE real time debug does not show any output. Why?

Options:

A.

The debug output shows phases 1 and 2 negotiations only. Once the tunnel is up, it does not show any more output.

B.

The log-filter setting was set incorrectly. The VPN’s traffic does not match this filter.

C.

The debug shows only error messages. If there is no output, then the tunnel is operating normally.

D.

The debug output shows phase 1 negotiation only. After that, the administrator must enable the following real time debug: diagnose debug application ipsec -1.

Buy Now
Questions 16

Examine the output of the 'diagnose debug rating' command shown in the exhibit; then answer the question below.

NSE7_EFW-6.4 Question 16

Which statement are true regarding the output in the exhibit? (Choose two.)

Options:

A.

There are three FortiGuard servers that are not responding to the queries sent by the FortiGate.

B.

The TZ value represents the delta between each FortiGuard server's time zone and the FortiGate's time zone.

C.

FortiGate will send the FortiGuard queries to the server with highest weight.

D.

A server's round trip delay (RTT) is not used to calculate its weight.

Buy Now
Questions 17

When does a RADIUS server send an Access-Challenge packet?

Options:

A.

The server does not have the user credentials yet.

B.

The server requires more information from the user, such as the token code for two-factor authentication.

C.

The user credentials are wrong.

D.

The user account is not found in the server.

Buy Now
Questions 18

Which of the following statements is true regarding a FortiGate configured as an explicit web proxy?

Options:

A.

FortiGate limits the number of simultaneous sessions per explicit web proxy user. This limit CANNOT be modified by the administrator.

B.

FortiGate limits the total number of simultaneous explicit web proxy users.

C.

FortiGate limits the number of simultaneous sessions per explicit web proxy user The limit CAN be modified by the administrator

D.

FortiGate limits the number of workstations that authenticate using the same web proxy user credentials. This limit CANNOT be modified by the administrator.

Buy Now
Exam Code: NSE7_EFW-6.4
Exam Name: Fortinet NSE 7 - Enterprise Firewall 7.0
Last Update: Apr 14, 2023
Questions: 1