FCSS_NST_SE-7.6 Exam Questions

During which phase of IKEv2 does the Diffie-Helman key exchange take place?

Refer to the exhibit, which shows a partial output of the real-time LDAP debug. What two actions can the administrator take to resolve this issue? (Choose two.)

Refer to the exhibit, which shows a partial output of a real-time LDAP debug. What two conclusions can you draw from the output? (Choose two.)

Refer to the exhibit, which shows the partial output of a diagnose command. Which two conclusions can you draw from the output shown in the exhibit? (Choose two.)

Refer to the exhibit showing a debug output. An administrator deployed FSSO in DC Agent Mode but FSSO is failing on FortiGate. Pinging FortiGate from where the collector agent is d...

Refer to the exhibits. An administrator is attempting to advertise the network configured on port3. However, FGT-A is not receiving the prefix. Which two actions can the administra...

Refer to the exhibit, which shows the output of diagnose sys session list. If the HA ID for the primary device is 0, what happens if the primary fails and the secondary becomes the...

What are two functions of automation stitches? (Choose two.)

Refer to the exhibit, which a network topology and a partial routing table. FortiGate has already been configured with a firewall policy that allows all ICMP traffic to flow from p...

Refer to the exhibit, which shows the partial output of FortiOS kernel slabs. Which statement is true?

Refer to the exhibit, which shows one way communication of the downstream FortiGate with the upstream FortiGate within a Security Fabric. What three actions must you take to ensure...

Refer to the exhibit, which shows the partial output of a real-time OSPF debug. Why are the two FortiGate devices unable to form an adjacency?

Refer to the exhibit, which shows the output of the command get router info bgp neighbors 100.64.2.254 advertised-routes. What can you conclude from the output?

Refer to the exhibit. The exhibit shows the output from using the command diagnose debug application samld -1 to diagnose a SAML connection. Based on this output, what can you conc...

Refer to the exhibit, which shows the modified output of the routing kernel. Which statement is true?

Refer to the exhibit, which shows the port1 interface configuration on FortiGate and partial session information for ICMP traffic. What happens to the session information if a rout...

Which three steps does FortiGate execute using the pull method to get antivirus and IPS updates? (Choose three.)

For IKEv2, which combination of payloads can INFORMATIONAL exchanges contain?

Which two configuration commands change the default behavior for proxy-based content- inspected traffic while FortiGate is in conserve mode? (Choose two.)

When investigating FortiGuard connectivity issues, which action is a valid troubleshooting step?

Which two configuration changes can you apply to optimize memory use on FortiGate? (Choose two.)

Refer to the exhibit, which contains the partial configuration of an IPsec VPN configuration. After reviewing the configuration, what can you conclude about the IPsec VPN Phase 1 s...

Refer to the exhibit, which shows the partial output of diagnose sys session stat. Which statement about the output shown in the exhibit is correct?

Refer to the exhibit. Antivirus is unable to detect an infected file downloaded through HTTPS. Part of the configuration used for antivirus inspection is shown in the exhibit. Whic...

Which of the following regarding protocol states is true?

Refer to the exhibit, which shows the output of a BGP debug command. Why has the local router at 172.16.23.58 been unable to establish adjacency with its only neighbor?

Refer to the exhibit. FortiGate is in conserve mode as shown in the Event logs. Based on the information shown in the exhibit, what can you conclude about the FortiGate intrusion p...

Refer to the exhibit, which shows the sniffer log on two FortiGate devices. The IPsec tunnel is up on both ends of the tunnel, but traffic is not flowing. Based on the information...

Which three conditions would prevent a static route from being used by the kernel to route traffic? (Choose three.)

Refer to the exhibit, which shows a partial output of diagnose npu np6 port-list on FortiGate 2000E. An administrator is unable to analyze traffic flowing between port1 and port17...

Refer to the exhibit, which shows a partial output of the fssod daemon real-time debug command. What two conclusions can you draw from the output? (Choose two.)

What are two reasons that an OSPF router does not have any type 5 link-state advertisements (LSAs) in its link-state database (LSDB)? (Choose two.)

Refer to the exhibit, which shows the partial output of diagnose sys session stat. An administrator has noticed unusual behavior from FortiGate. It appears that sessions are random...

Refer to the exhibit, which contains the output of the command diagnose vpn tunnel list. What is the status of the tunnel?

Which actions does FortiGate take after an administrator enables the auxiliary session setting? (Choose two.)

Refer to the exhibit, which contains a screenshot of some phase 1 settings. The VPN is up. To monitor traffic flow, the administrator enters the following CLI commands on an SSH se...

Refer to the exhibit, which shows a session table entry. Which statement about FortiGate behavior relating to this session is correct?

Which exchanges are the first two exchanges in IKEv2 negotiation?

Refer to the exhibit. FortiGate is showing continuous high CPU usage. During a maintenance window the CLI command diagnose sys top displays the output shown in the exhibit. The CLI...

Refer to the exhibit, which shows the output of a diagnose command. The administrator did not override the FortiGuard FQDN or IP address in the FortiGate configuration. Which IP ad...

Refer to the exhibit, which displays the output of a real-time debug. Which statement accurately describes this output?

Refer to the exhibit, which shows the output of the get router info bgp summary command. Which statement regarding adjacencies between the local router and its neighbors is correct...

Refer to the exhibit, which shows output from a collector agent log. The collector agent is showing the status of a workstation as "Not Verified". What is a common cause for this m...

Refer to the exhibit, which contains the output of a debug command. If the default settings are in place, what can you conclude about the conserve mode shown in the exhibit?

Refer to the exhibit, which shows the output of a debug command. What needs to happen for the local router to be elected DR?

Refer to the exhibit, which shows the output of a BGP debug command. What is the reason that the local FortiGate is not receiving any prefixes from its neighbors?

Refer to the exhibit, which contains the partial output of the get vpn ipsec tunnel details command. Based on the output, which two statements are correct? (Choose two.)

Refer to the exhibit, which contains the output of the command diagnose vpn tunnel list. Reviewing the debug command, what is the current status of the traffic flowing through the...

In an FSSO environment, a user is listed as active on FortiGate but cannot browse the internet. Which factor do you not need to verify as a potential problem?

Which statement best describes the full state when forming an OSPF adjacency between two peers?