Fortinet NSE7_EFW-6.0 Online Practice Questions and Exam Preparation

Fortinet NSE7_EFW-6.0 Online Questions & Answers

• Question 21:

  View the exhibit, which contains a partial routing table, and then answer the question below.

  

  Assuming all the appropriate firewall policies are configured, which of the following pings will FortiGate route? (Choose two.)

  A. Source IP address 10.1.0.24, Destination IP address 10.72.3.20.
  B. Source IP address 10.72.3.27, Destination IP address 10.1.0.52.
  C. Source IP address 10.72.3.52, Destination IP address 10.1.0.254.
  D. Source IP address 10.73.9.10, Destination IP address 10.72.3.15.
  B. Source IP address 10.72.3.27, Destination IP address 10.1.0.52.
  C. Source IP address 10.72.3.52, Destination IP address 10.1.0.254.

• Question 22:

  View the global IPS configuration, and then answer the question below.

  

  Which of the following statements is true regarding this configuration? (Choose two.)

  A. IPS will scan every byte in every session.
  B. IPS acceleration is disabled in this FortiGate device's configuration.
  C. New packets requiring IPS inspection will be passed through during conserve mode.
  D. FortiGate will spawn IPS engine instances based on the system load.
  A. IPS will scan every byte in every session.
  D. FortiGate will spawn IPS engine instances based on the system load.

• Question 23:

  How does FortiManager handle FortiGuard requests from FortiGate devices, when it is configured as a local FDS?

  A. FortiManager will respond to update requests only from a managed device.
  B. FortiManager can download and maintain local copies of FortiGuard databases.
  C. FortiManager supports only FortiGuard push update to managed devices.
  D. FortiManager does not support web filter rating requests.
  B. FortiManager can download and maintain local copies of FortiGuard databases.

• Question 24:

  What does the dirty flag mean in a FortiGate session?

  A. The session must be removed from the former primary unit after an HA failover.
  B. Traffic has been identified as from an application that is not allowed.
  C. The next packet must be re-evaluated against the firewall policies.
  D. Traffic has been blocked by the antivirus inspection.
  C. The next packet must be re-evaluated against the firewall policies.

• Question 25:

  View the exhibit, which contains the output of diagnose sys session list, and then answer the question below.

  

  If the HA ID for the primary unit is zero (0), which one of the following statements about the output is true?

  A. This session is for HA heartbeat traffic.
  B. This session cannot be synced with the slave unit.
  C. The master unit is processing this traffic.
  D. The inspection of this session has been offloaded to the slave unit.
  C. The master unit is processing this traffic.

• Question 26:

  What is the purpose of an internal segmentation firewall (ISFW)?

  A. It is the first line of defense at the network perimeter.
  B. It inspects incoming traffic to protect services in the corporate DMZ.
  C. It is an all-in-one security appliance that is placed at remote sites to extend the enterprise network.
  D. It splits the network into multiple security segments to minimize the impact of breaches.
  D. It splits the network into multiple security segments to minimize the impact of breaches.

• Question 27:

  View the exhibit, which contains the output of a debug command, and then answer the question below.

  

  Which one of the following statements about this FortiGate is correct?

  A. It is currently in system conserve mode because of high CPU usage.
  B. It is currently in extreme conserve mode because of high memory usage.
  C. It is currently in proxy conserve mode because of high memory usage.
  D. It is currently in memory conserve mode because of high memory usage.
  D. It is currently in memory conserve mode because of high memory usage.

• Question 28:

  Which of the following statements are correct regarding application layer test commands? (Choose two.)

  A. Some of them display statistics and configuration information about a feature or process.
  B. They are used to filter real-time debugs.
  C. They display real-time application debugs.
  D. Some of them can be used to restart an application.
  A. Some of them display statistics and configuration information about a feature or process.
  D. Some of them can be used to restart an application.

• Question 29:

  View the exhibit, which contains the output of a diagnose command, and then answer the question below.

  

  Which statements are true regarding the output in the exhibit? (Choose two.)

  A. FortiGate used 209.222.147.36 as the initial server to validate its contract.
  B. Servers with the D flag are considered to be down.
  C. FortiGate will probe 121.111.236.179 every fifteen minutes for a response.
  D. Servers with a negative TZ value are experiencing a service outage.
  A. FortiGate used 209.222.147.36 as the initial server to validate its contract.
  C. FortiGate will probe 121.111.236.179 every fifteen minutes for a response.

• Question 30:

  Which of the following tasks are automated using the Install Wizard on FortiManager? (Choose two.)

  A. Install configuration changes to managed devices.
  B. Preview pending configuration changes for managed devices.
  C. Import policy packages from managed devices.
  D. Add devices to FortiManager.
  E. Import interface mappings from managed devices
  A. Install configuration changes to managed devices.
  B. Preview pending configuration changes for managed devices.