1. Home
  2. Fortinet
  3. NSE7_EFW

NSE7 Enterprise Firewall - FortiOS 5.4

Exam Details

  • Exam Code
    :NSE7_EFW
  • Exam Name
    :NSE7 Enterprise Firewall - FortiOS 5.4
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :88 Q&As
  • Last Updated
    :

Fortinet Fortinet Certifications NSE7_EFW Questions & Answers

  • Question 71:

    Which statement is true regarding File description (FD) conserve mode?

    A. IPS inspection is affected when FortiGate enters FD conserve mode.

    B. A FortiGate enters FD conserve mode when the amount of available description is less than 5%.

    C. FD conserve mode affects all daemons running on the device.

    D. Restarting the WAD process is required to leave FD conserve mode.

  • Question 72:

    Which of the following statements are true regarding the SIP session helper and the SIP application layer gateway (ALG)? (Choose three.)

    A. SIP session helper runs in the kernel; SIP ALG runs as a user space process.

    B. SIP ALG supports SIP HA failover; SIP helper does not.

    C. SIP ALG supports SIP over IPv6; SIP helper does not.

    D. SIP ALG can create expected sessions for media traffic; SIP helper does not.

    E. SIP helper supports SIP over TCP and UDP; SIP ALG supports only SIP over UDP.

  • Question 73:

    Which statements about bulk configuration changes using FortiManager CLI scripts are correct? (Choose two.)

    A. When executed on the Policy Package, ADOM database, changes are applied directly to the managed FortiGate.

    B. When executed on the Device Database, you must use the installation wizard to apply the changes to the managed FortiGate.

    C. When executed on the All FortiGate in ADOM, changes are automatically installed without creating a new revision history.

    D. When executed on the Remote FortiGate directly, administrators do not have the option to review the changes prior to installation.

  • Question 74:

    Examine the partial output from two web filter debug commands; then answer the question below:

    Based on the above outputs, which is the FortiGuard web filter category for the web site www.fgt99.com?

    A. Finance and banking

    B. General organization.

    C. Business.

    D. Information technology.

  • Question 75:

    View these partial outputs from two routing debug commands:

    Which outbound interface will FortiGate use to route web traffic from internal users to the Internet?

    A. Both port1 and port2

    B. port3

    C. port1

    D. port2

  • Question 76:

    View the exhibit, which contains the output of a diagnose command, and then answer the question below.

    Which statements are true regarding the output in the exhibit? (Choose two.)

    A. FortiGate will probe 121.111.236.179 every fifteen minutes for a response.

    B. Servers with the D flag are considered to be down.

    C. Servers with a negative TZ value are experiencing a service outage.

    D. FortiGate used 209.222.147.3 as the initial server to validate its contract.

  • Question 77:

    Examine the partial output from the IKE real time debug shown in the exhibit; then answer the question below.

    Why didn't the tunnel come up?

    A. IKE mode configuration is not enabled in the remote IPsec gateway.

    B. The remote gateway's Phase-2 configuration does not match the local gateway's phase-2 configuration.

    C. The remote gateway's Phase-1 configuration does not match the local gateway's phase-1 configuration.

    D. One IPsec gateway is using main mode, while the other IPsec gateway is using aggressive mode.

  • Question 78:

    A FortiGate is rebooting unexpectedly without any apparent reason. What troubleshooting tools could an administrator use to get more information about the problem? (Choose two.)

    A. Firewall monitor.

    B. Policy monitor.

    C. Logs.

    D. Crashlogs.

  • Question 79:

    View the exhibit, which contains a session entry, and then answer the question below.

    Which statement is correct regarding this session?

    A. It is an ICMP session from 10.1.10.10 to 10.200.1.1.

    B. It is an ICMP session from 10.1.10.10 to 10.200.5.1.

    C. It is a TCP session in ESTABLISHED state from 10.1.10.10 to 10.200.5.1.

    D. It is a TCP session in CLOSE_WAIT state from 10.1.10.10 to 10.200.1.1.

  • Question 80:

    What does the dirty flag mean in a FortiGate session?

    A. Traffic has been blocked by the antivirus inspection.

    B. The next packet must be re-evaluated against the firewall policies.

    C. The session must be removed from the former primary unit after an HA failover.

    D. Traffic has been identified as from an application that is not allowed.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE7_EFW exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.