NSE7_EFW-7.0 Fortinet NSE 7 - Enterprise Firewall 7.0 Questions and Answers

The unit is running a 32-bit FortiOS

The unit is in kernel conserve mode

The Cached value is always the Active value plus the Inactive value

Kernel indirectly accesses the low memory (LowTotal) through memory paging

The debug output shows phases 1 and 2 negotiations only. Once the tunnel is up, it does not show any more output.

The log-filter setting was set incorrectly. The VPN’s traffic does not match this filter.

The debug shows only error messages. If there is no output, then the tunnel is operating normally.

The debug output shows phase 1 negotiation only. After that, the administrator must enable the following real time debug: diagnose debug application ipsec -1.

FortiGate will probe 121.111.236.179 every fifteen minutes for a response.

Servers with the D flag are considered to be down.

Servers with a negative TZ value are experiencing a service outage.

FortiGate used 209.222.147.3 as the initial server to validate its contract.

In the network on port4, two OSPF routers are down.

Port4 is connected to the OSPF backbone area.

The local FortiGate’s OSPF router ID is 0.0.0.4

The local FortiGate has been elected as the OSPF backup designated router.

If FGVM...649 is rebooted, FGVM...650 will become the primary and retain that role, even after FGVM...649 rejoins the cluster.

If no action is taken, the primary FortiGate will leave the cluster due to the current sync status.

If port7 becomes disconnected on the secondary, both FortiGate devices will elect itself the primary.

If a configuration change is made to the primary FortiGate at this time, the secondary will initiate a synchronization reset.

Preview pending configuration changes for managed devices.

Add devices to FortiManager.

Import policy packages from managed devices.

Install configuration changes to managed devices.

Import interface mappings from managed devices.

The CA cannot resolve the name of the workstation.

The FortiGate cannot resolve the name of the workstation.

The remote registry service is not running in the workstation 192.168.12.232.

The CA cannot reach the FortiGate with the IP address 192.168.12.232.

Configure remote link monitoring to detect an issue in the forwarding path.

Configure set send-garp-on-failover enable under config system ha on both cluster members.

Verify that the speed and duplex settings match between the FortiGate interfaces and the connected switch ports.

Configure set link-failed-signal enable under config system ha on both cluster members.

ADOMs are disabled on the FortiManager

The FortiGate configuration is in sync with latest running revision history.

There are pending device-level changes yet to be installed on Local-FortiGate.

The policy package has been modified for Local-FortiGate.

It is currently in system conserve mode because of high CPU usage.

It is currently in extreme conserve mode because of high memory usage.

It is currently in proxy conserve mode because of high memory usage.

It is currently in memory conserve mode because of high memory usage.

The slave configuration is not synchronized with the master.

The HA management IP is 169.254.0.2.

Master is selected because it is the only device in the cluster.

port 7 is used the HA heartbeat on all devices in the cluster.

Configure set snat-route-change enable.

Change the priority of the port2 static route to 5.

Change the priority of the port1 static route to 11.

unset snat-route-change to return it to the default setting.

The initiator provided remote as its IPsec peer ID.

It shows a phase 2 negotiation.

Perfect Forward Secrecy (PFS) is enabled in the configuration.

The local gateway IP address is 10.0.0.1.

IPS will scan every byte in every session.

FortiGate will spawn IPS engine instances based on the system load.

New packets will be passed through without inspection if the IPS socket buffer runs out of memory.

IPS will use the faster matching algorithm which is only available for units with more than 4 GB memory.

It was created by the FortiGate kernel to allow push updates from FotiGuard.

It is for management traffic terminating at the FortiGate.

It is for traffic originated from the FortiGate.

It was created by a session helper or ALG.

Traffic has been blocked by the antivirus inspection.

The next packet must be re-evaluated against the firewall policies.

The session must be removed from the former primary unit after an HA failover.

Traffic has been identified as from an application that is not allowed.

Only the DR receives link state information from non-DR routers.

Non-DR and non-BDR routers form full adjacencies to DR only.

Non-DR and non-BDR routers send link state updates and acknowledgements to 224.0.0.6.

FortiGate first checks the OSPF ID to elect a DR.

redir.

dirty.

synced

nds.

To enable IPS bypass mode

To provide information regarding IPS sessions

To disable the IPS engine

To restart all IPS engines and monitors

10.0.1.240

One of the public FortiGuard distribution servers

10.0.1.244

10.0.1.242

FortiGate is currently blocking all new sessions regardless of the content inspection requirements or configuration settings due to high memory use.

FortiGate is currently allowing new sessions that require flow-based or proxy-based content inspection but is not performing inspection on those sessions.

FortiGate is currently blocking new sessions that require flow-based or proxy-based content inspection.

FortiGate is currently allowing new sessions that require flow-based content inspection and blocking sessions that require proxy-based content inspection.