Exam Details

  • Exam Code: NSE7_EFW-6.2
  • Exam Name: Fortinet NSE 7 - Enterprise Firewall 6.2
  • Certification: Fortinet Certifications
  • Vendor: Fortinet
  • Total Questions: 102 Q&As
  • Last Updated: Jun 17, 2025

Fortinet Certifications NSE7_EFW-6.2 Questions & Answers

  • Question 11:

    What is the diagnose test application ipsmonitor 99 command used for?

    A. To enable IPS bypass mode

    B. To provide information regarding IPS sessions

    C. To disable the IPS engine

    D. To restart all IPS engines and monitors

  • Question 12:

    Refer to the exhibit, which contains partial outputs from two routing debug commands.

    Why is the port2 default route not in the second command's output?

    A. It has a higher priority value than the default route using port1.

    B. It is disabled in the FortiGate configuration.

    C. It has a lower priority value than the default route using port1.

    D. It has a higher distance than the default route using port1.

  • Question 13:

    Examine the output from the 'diagnose debug authd fsso list' command; then answer the question below.

        # diagnose debug authd fsso list
        ----FSSO logons----
        IP: 192.168.3.1 User: STUDENT Groups: TRAININGAD/USERS Workstation: INTERNAL2.TRAINING.LAB

    The IP address 192.168.3.1 is NOT the one used by the workstation INTERNAL2.TRAINING.LAB.

    What should the administrator check?

    A. The IP address recorded in the logon event for the user STUDENT.

    B. The DNS name resolution for the workstation name INTERNAL2.TRAINING.LAB.

    C. The source IP address of the traffic arriving to the FortiGate from the workstation INTERNAL2.TRAINING.LAB.

    D. The reverse DNS lookup for the IP address 192.168.3.1.

  • Question 14:

    Examine the following partial outputs from two routing debug commands; then answer the question below.

        # get router info kernel
        tab=254 vf=0 scope=0 type=1 proto=11 prio=0 0.0.0.0/0.0.0.0/0->0.0.0.0/0 pref=0.0.0.0 gwy=10.200.1.254 dev=2(port1)
        tab=254 vf=0 scope=0 type=1 proto=11 prio=10 0.0.0.0/0.0.0.0/0->0.0.0.0/0 pref=0.0.0.0 gwy=10.200.2.254 dev=3(port2)
        tab=254 vf=0 scope=253 type=1 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.0.1.0/24 pref=10.0.1.254 gwy=0.0.0.0 dev=4(port3)

        # get router info routing-table all
        S*   0.0.0.0/0 [10/0] via 10.200.1.254, port1
                       [10/0] via 10.200.2.254, port2, [10/0]
        C    10.0.1.0/24 is directly connected, port3
        C    10.200.1.0/24 is directly connected, port1
        C    10.200.2.0/24 is directly connected, port2

    Which outbound interface or interfaces will be used by this FortiGate to route web traffic from internal users to the Internet?

    A. port1.

    B. port2.

    C. Both port1 and port2.

    D. port3.

  • Question 15:

    An LDAP user cannot authenticate against a FortiGate device. Examine the real time debug output shown in the exhibit when the user attempted the authentication; then answer the question below.

    Based on the output in the exhibit, what can cause this authentication problem?

    A. User student is not found in the LDAP server.

    B. User student is using a wrong password.

    C. The FortiGate has been configured with the wrong password for the LDAP administrator.

    D. The FortiGate has been configured with the wrong authentication schema.

  • Question 16:

    Examine the following traffic log; then answer the question below.

        date=20xx-02-01 time=19:52:01 devname=master device_id="xxxxxxx" log_id=0100020007 type=event subtype=system pri=critical vd=root service=kernel status=failure msg="NAT port is exhausted."

    What does the log mean?

    A. There is not enough available memory in the system to create a new entry in the NAT port table.

    B. The limit for the maximum number of simultaneous sessions sharing the same NAT port has been reached.

    C. FortiGate does not have any available NAT port for a new connection.

    D. The limit for the maximum number of entries in the NAT port table has been reached.

  • Question 17:

    An administrator cannot connect to the GUI of a FortiGate unit with the IP address 10.0.1.254. The administrator runs the debug flow while attempting the connection using HTTP. The output of the debug flow is shown in the exhibit:

    Based on the error displayed by the debug flow, which are valid reasons for this problem? (Choose two.)

    A. HTTP administrative access is disabled in the FortiGate interface with the IP address 10.0.1.254.

    B. Redirection of HTTP to HTTPS administrative access is disabled.

    C. HTTP administrative access is configured with a port number different than 80.

    D. The packet is denied because of reverse path forwarding check.

  • Question 18:

    Examine the following routing table and BGP configuration; then answer the question below.

    The BGP connection is up, but the local peer is NOT advertising the prefix 192.168.1.0/24. Which configuration change will make the local peer advertise this prefix?

    A. Enable the redistribution of connected routes into BGP.

    B. Enable the redistribution of static routes into BGP.

    C. Disable the setting network-import-check.

    D. Enable the setting ebgp-multipath.

  • Question 19:

    Examine the following partial output from two system debug commands; then answer the question below.

    Which of the following statements are true regarding the above outputs? (Choose two.)

    A. The unit is running a 32-bit FortiOS

    B. The unit is in kernel conserve mode

    C. The Cached value is always the Active value plus the Inactive value

    D. Kernel indirectly accesses the low memory (LowTotal) through memory paging

  • Question 20:

    View the exhibit, which contains a partial routing table, and then answer the question below.

    Assuming all the appropriate firewall policies are configured, which of the following pings will FortiGate route? (Choose two.)

    A. Source IP address 10.1.0.24, Destination IP address 10.72.3.20.

    B. Source IP address 10.72.3.27, Destination IP address 10.1.0.52.

    C. Source IP address 10.72.3.52, Destination IP address 10.1.0.254.

    D. Source IP address 10.73.9.10, Destination IP address 10.72.3.15.
