Exam Details

  • Exam Code: NSE7_EFW-7.0
  • Exam Name: Fortinet NSE 7 - Enterprise Firewall 7.0
  • Certification: Fortinet Certifications
  • Vendor: Fortinet
  • Total Questions: 163 Q&As
  • Last Updated: Jun 11, 2025

Fortinet Fortinet Certifications NSE7_EFW-7.0 Questions & Answers

  • Question 121:

    Refer to the exhibit, which shows the output of a web filtering diagnose command.

    Which configuration change would result in non-zero results in the cache statistics section?

    A. set server-type rating under config system central-management

    B. set webfilter-cache enable under config system fortiguard

    C. set webfilter-force-off disable under config system fortiguard

    D. set ngfw-mode policy-based under config system settings

  • Question 122:

    What configuration changes can reduce the memory utilization in a FortiGate? (Choose two.)

    A. Reduce the session time to live.

    B. Increase the TCP session timers.

    C. Increase the FortiGuard cache time to live.

    D. Reduce the maximum file size to inspect.

  • Question 123:

    Refer to the exhibit, which shows the output of a diagnose command. What can you conclude from the RTT value?

    A. Its value represents the time it takes to receive a response after a rating request is sent to a particular server.

    B. Its value is incremented with each packet lost.

    C. It determines which FortiGuard server is used for license validation.

    D. Its initial value is statically set to 10.

  • Question 124:

    View the following FortiGate configuration.

    All traffic to the Internet currently egresses from port1. The exhibit shows partial session information for Internet traffic from a user on the internal network:

    If the priority on route ID 1 were changed from 5 to 20, what would happen to traffic matching that user's session?

    A. The session would remain in the session table, and its traffic would still egress from port1.

    B. The session would remain in the session table, but its traffic would now egress from both port1 and port2.

    C. The session would remain in the session table, and its traffic would start to egress from port2.

    D. The session would be deleted, so the client would need to start a new session.

  • Question 125:

    Which two configuration commands change the default behavior for content-inspected traffic while FortiGate is in conserve mode? (Choose two.)

    A. set av-failopen off

    B. set av-failopen pass

    C. set fail-open enable

    D. set ips fail-open disable

  • Question 126:

    In which two ways does FortiManager function when it is deployed as a local FDS? (Choose two.)

    A. It provides VM license validation services.

    B. It supports rating requests from non-FortiGate devices.

    C. It caches available firmware updates for unmanaged devices.

    D. It can be configured as an update server, a rating server, or both.

  • Question 127:

    Which statement about protocol options is true?

    A. Protocol options allow administrators a streamlined method to instruct FortiGate to block all sessions corresponding to disabled protocols.

    B. Protocol options allow administrators the ability to configure the Any setting for all enabled protocols, which provides the most efficient use of system resources.

    C. Protocol options allow administrators to configure a maximum number of sessions for each configured protocol.

    D. Protocol options allow administrators to configure which Layer 4 port numbers map to upper-layer protocols, such as HTTP, SMTP, FTP, and so on.

  • Question 128:

    Which two statements about an auxiliary session are true? (Choose two.)

    A. With the auxiliary session setting disabled, only auxiliary sessions are offloaded.

    B. With the auxiliary session setting enabled, two sessions are created in case of routing change.

    C. With the auxiliary session setting enabled, ECMP traffic is accelerated to the NP6 processor.

    D. With the auxiliary session setting disabled, for each traffic path, FortiGate uses the same auxiliary session.

  • Question 129:

    Examine the following partial outputs from two routing debug commands; then answer the question below.

    # get router info kernel
    tab=254 vf=0 scope=0 type=1 proto=11 prio=0 0.0.0.0/0.0.0.0/0->0.0.0.0/0 pref=0.0.0.0
    gwy=10.200.1.254 dev=2(port1)
    tab=254 vf=0 scope=0 type=1 proto=11 prio=10 0.0.0.0/0.0.0.0/0->0.0.0.0/0 pref=0.0.0.0
    gwy=10.200.2.254 dev=3(port2)
    tab=254 vf=0 scope=253 type=1 proto=2 prio=0 0.0.0.0/0.0.0.0/0->10.0.1.0/24 pref=10.0.1.254
    gwy=0.0.0.0 dev=4(port3)

    # get router info routing-table all
    S*  0.0.0.0/0 [10/0] via 10.200.1.254, port1
                  [10/0] via 10.200.2.254, port2, [10/0]
    C   10.0.1.0/24 is directly connected, port3
    C   10.200.1.0/24 is directly connected, port1
    C   10.200.2.0/24 is directly connected, port2

    Which outbound interface or interfaces will be used by this FortiGate to route web traffic from internal users to the Internet?

    A. port1.

    B. port2.

    C. Both port1 and port2.

    D. port3.

  • Question 130:

    An administrator has configured a dial-up IPsec VPN with one phase 2, extended authentication (XAuth) and IKE mode configuration. The administrator has also enabled the IKE real time debug:

    diagnose debug application ike -1

    diagnose debug enable

    In which order is each step and phase displayed in the debug output each time a new dial-up user is connecting to the VPN?

    A. Phase1; IKE mode configuration; XAuth; phase 2.

    B. Phase1; XAuth; IKE mode configuration; phase2.

    C. Phase1; XAuth; phase 2; IKE mode configuration.

    D. Phase1; IKE mode configuration; phase 2; XAuth.
