1. Home
  2. Fortinet
  3. NSE7_EFW-6.4

Fortinet NSE 7 - Enterprise Firewall 6.4

Exam Details

  • Exam Code
    :NSE7_EFW-6.4
  • Exam Name
    :Fortinet NSE 7 - Enterprise Firewall 6.4
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :122 Q&As
  • Last Updated
    :Jun 17, 2025

Fortinet Fortinet Certifications NSE7_EFW-6.4 Questions & Answers

  • Question 81:

    Which of the following statements are correct regarding application layer test commands? (Choose two.)

    A. They are used to filter real-time debugs.

    B. They display real-time application debugs.

    C. Some of them display statistics and configuration information about a feature or process.

    D. Some of them can be used to restart an application.

  • Question 82:

    Which statement about memory conserve mode is true?

    A. A FortiGate exits conserve mode when the configured memory use threshold reaches yellow.

    B. A FortiGate starts dropping all the new and old sessions when the configured memory use threshold reaches extreme.

    C. A FortiGate starts dropping new sessions when the configured memory use threshold reaches red

    D. A FortiGate enters conserve mode when the configured memory use threshold reaches red

  • Question 83:

    Examine the partial output from two web filter debug commands; then answer the question below:

    Based on the above outputs, which is the FortiGuard web filter category for the web site www.fgt99.com?

    A. Finance and banking

    B. General organization.

    C. Business.

    D. Information technology.

  • Question 84:

    A FortiGate device has the following LDAP configuration: The LDAP user student cannot authenticate. The exhibit shows the output of the authentication real time debug while testing the student account:

    Based on the above output, what FortiGate LDAP settings must the administer check? (Choose two.)

    A. cnid.

    B. username.

    C. password.

    D. dn.

  • Question 85:

    View the exhibit, which contains the output of a diagnose command, and then answer the question below.

    Which statements are true regarding the output in the exhibit? (Choose two.)

    A. FortiGate will probe 121.111.236.179 every fifteen minutes for a response.

    B. Servers with the D flag are considered to be down.

    C. Servers with a negative TZ value are experiencing a service outage.

    D. FortiGate used 209.222.147.3 as the initial server to validate its contract.

  • Question 86:

    View the exhibit, which contains a partial routing table, and then answer the question below.

    Assuming all the appropriate firewall policies are configured, which of the following pings will FortiGate route? (Choose two.)

    A. Source IP address 10.1.0.24, Destination IP address 10.72.3.20.

    B. Source IP address 10.72.3.27, Destination IP address 10.1.0.52.

    C. Source IP address 10.72.3.52, Destination IP address 10.1.0.254.

    D. Source IP address 10.73.9.10, Destination IP address 10.72.3.15.

  • Question 87:

    View the exhibit, which contains the partial output of an IKE real-time debug, and then answer the question below.

    Why didn't the tunnel come up?

    A. The pre-shared keys do not match.

    B. The remote gateway's phase 2 configuration does not match the local gateway's phase 2 configuration.

    C. The remote gateway's phase 1 configuration does not match the local gateway's phase 1 configuration.

    D. The remote gateway is using aggressive mode and the local gateway is configured to use man mode.

  • Question 88:

    Which statement about the designated router (DR) and backup designated router (BDR) in an OSPF multi-access network is true?

    A. FortiGate first checks the OSPF ID to elect a DR.

    B. Non-DR and non-BDR routers will form full adjacencies to DR and BDR only.

    C. BDR is responsible for forwarding link state information from one router to another.

    D. Only the DR receives link state information from non-DR routers.

  • Question 89:

    Examine the following traffic log; then answer the question below.

    date-20xx-02-01 time=19:52:01 devname=master device_id="xxxxxxx" log_id=0100020007 type=event subtype=system pri critical vd=root service=kemel status=failure msg="NAT port is exhausted."

    What does the log mean?

    A. There is not enough available memory in the system to create a new entry in the NAT port table.

    B. The limit for the maximum number of simultaneous sessions sharing the same NAT port has been reached.

    C. FortiGate does not have any available NAT port for a new connection.

    D. The limit for the maximum number of entries in the NAT port table has been reached.

  • Question 90:

    Examine the output of the `diagnose ips anomaly list' command shown in the exhibit; then answer the question below.

    Which IP addresses are included in the output of this command?

    A. Those whose traffic matches a DoS policy.

    B. Those whose traffic matches an IPS sensor.

    C. Those whose traffic exceeded a threshold of a matching DoS policy.

    D. Those whose traffic was detected as an anomaly by an IPS sensor.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE7_EFW-6.4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.