NSE4 · Question #63
NSE4 Question #63: Real Exam Question with Answer & Explanation
Sign in or unlock NSE4 to reveal the answer and full explanation for question #63. The question stem and answer options stay visible for context.
Question
Examine the following output from the diagnose sys session list command: session info: proto=6 proto_state=65 duration=3 expire=9 timeout=3600 flags=00000000 sockflag=00000000 sockport=443 av_idx=9 use=5 origin-shaper=guarantee-100kbps prio=2 guarantee 12800Bps max 134217728Bps traffic 13895Bps reply-shaper=guarantee-100kbps prio=2 guarantee 12800Bps max 134217728Bps traffic 13895Bps state=redir local may_dirty ndr npu nlb os rs statistic(bytes/packets/allow_err): org=864/8/1 reply=2384/7/1 tuples=3 orgin->sink: org pre->post, reply pre->post dev=7->6/6->7 gwy=172.17.87.3/10.1.10.1 hook=post dir=org act=snat 192.168.1.110:57999->74.201.86.29:443(172.17.87.16:57999) hook=pre dir=reply act=dnat 74.201.86.29:443- >172.17.87.16:57999(192.168.1.110:57999) hook=post dir=reply act=noop 74.201.86.29:443->192.168.1.110:57999(0.0.0.0:0) misc=0 policy_id=1 id_policy_id=0 auth_info=0 chk_client_info=0 vd=0 npu info: flag=0x00/0x00, offload=0/0, ips_offload=0/0, epid=0/0, ipid=0/0, vlan=0/0 Which statements are true regarding the session above? (Choose two.)
Options
- ASession Time-To-Live (TTL) was configured to 9 seconds.
- BFortiGate is doing NAT of both the source and destination IP addresses on all packets coming
- CThe IP address 192.168.1.110 is being translated to 172.17.87.16.
- DThe FortiGate is not translating the TCP port numbers of the packets in this session.
Unlock NSE4 to see the answer
You've previewed enough free NSE4 questions. Unlock NSE4 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.