NSE7_EFW-7.2 Exam Questions
102 real NSE7_EFW-7.2 exam questions with expert-verified answers and explanations. Page 2 of 3.
- Question #51
You contoured an address object on the tool fortiGate in a Security Fabric. This object is not synchronized with a downstream device. Which two reasons could be the cause? (Choose...
- Question #52
Refer to the exhibit, which contains a CLI script configuration on FortiManager. An administrator configured the CLI script on FortiManager, but the script failed to apply any chan...
- Question #53
Refer to the exhibit, which contains the partial ADVPN configuration of a spoke. Which two parameters must you configure on the corresponding single hub? (Choose two.)
- Question #54
Which FortiGate in a Security Fabric sends togs to FortiAnalyzer?
- Question #55
Which configuration can be used to reduce the number of BGP sessions in on IBGP network?
- Question #56
Refer to the exhibit, which contains an active-active toad balancing scenario. During the traffic flow the primary FortiGate forwards the SYN packet to the secondary FortiGate. Wha...
- Question #57
Which two statements about IKE vision 2 are true? (Choose two.)
- Question #58
Refer to the exhibit, which contains the partial interface configuration of two FortiGate devices. Which two conclusions can you draw from this configuration? (Choose two)
- Question #59
Examine the IPsec configuration shown in the exhibit; then answer the question below. An administrator wants to monitor the VPN by enable the IKE real time debug using these comman...
- Question #60
Examine the output of the 'get router info ospf interface' command shown in the exhibit; then answer the question below. Which statements are true regarding the above output? (Choo...
- Question #61
An administrator has created a VPN community within VPN Manager on FortiManager. They also added gateways to the VPN community and are now trying to create firewall policies to per...
- Question #62
Refer to the exhibit, which shows the output of a diagnose command. What can be concluded about the debug output in this scenario?
- Question #63
Refer to the exhibit, which shows a session entry. Which statement about this session is true?
- Question #64
Refer to the exhibit, which shows the output of diagnose sys session list. If the HA ID for the primary device is 0, what will happen if the primary fails and the secondary becomes...
- Question #65
Refer to the exhibit, which contains partial output from an IKE real-time debug. Why did the tunnel not come up?
- Question #66
Refer to the exhibit, which shows the output of diagnose sys session stat. Which statement about the output shown in the exhibit is correct?
- Question #67
Refer to the exhibit, which contains the output of the diagnose vpn tunnel list. Which command will capture ESP traffic for the VPN named DialUp_0?
- Question #68
Refer to the exhibit, which shows device registration on FortiManager. What can you conclude about the Spoke-1 and Spoke-2 configurations with respect to the information cond: Modi...
- Question #69
While configuring the BGP protocol, an administrator applies the set network-import-check disable command under config network. What will FortiGate do as a result of this command?
- Question #70
An administrator is configuring two FortiGate devices in an HA cluster. While configuring the devices, the administrator issues the following commands on both HA cluster members: I...
- Question #71
Refer to the exhibit, which shows an OSPF network. Which types of link-state advertisements (LSA) will NGFW-1 send, if it is a backup designated router (BDR)?
- Question #72
Which two statements about the Security Fabric are true? (Choose two.)
- Question #73
How would fec-ingress and fec-sgress IPsec configuration affect an IPsec tunnel?
- Question #74
Refer to the exhibit, which shows a partial routing table. What two conclusions can you draw from the FortiGate output shown in the exhibit? (Choose two.)
- Question #75
Refer to the exhibit, which shows an ADVPN network. An administrator must configure an ADVPN using IBGP and EBGP to connect overlay network 1 with 2. What must the administrator co...
- Question #76
Which statement about meta fields is true?
- Question #77
An administrator configured the following command on FortiGate. config router ospf set restart-mode graceful-restart Which two statements correctly describe the result of the above...
- Question #78
Which statement about network processor (NP) offloading is true?
- Question #79
Which two statements about IKE version 2 fragmentation are true? (Choose two.)
- Question #80
Refer to the exhibit, which shows an SSL certification inspection configuration. SSL certification inspection configuration While testing, the administrator updated the ssl-ssh-pro...
- Question #81
Refer to the exhibit, which shows information about an OSPF interface of hub router NGFW-1. How would you change the interface state of NGFW.1 to a Designated router, if the spoke...
- Question #82
An administrator must improve the resiliency of a link by minimizing data loss within the enterprise network that has full path redundancy. What should the administrator enable on...
- Question #83
An administrator must optimize the performance of real-time voice and video applications across a WAN link with high packet loss. Which combination of IPSec phase 1 parameters must...
- Question #84
You want to know which content processor (CP) model FortiGate contains. Which command should you enter?
- Question #85
An administrator is configuring application control with FortiGate running in next-generation firewall (NGFW) policy-based mode. Which two actions must the administrator take? (Cho...
- Question #86
Which two configurations are mandatory for an auto-discovery VPN (ADVPN) implementation on a hub? (Choose two.)
- Question #87
Refer to the exhibits. Network topology Output from the command config system ha A network diagram and the output from the command config system ha are shown. The administrator has...
- Question #88
Refer to the exhibit. An administrator wants to expand the network by adding two additional FortiGate devices into AS 6500. Which configuration is the most effective way to improve...
- Question #89
Refer to the exhibit. ISFW is installed in the access layer NGFW is performing SNAT and web tittering DCFW is running IPS. Which two statements are true regarding the Security Fabr...
- Question #90
Refer to the exhibit, which provides information on BGP neighbors. What can you conclude from this command output?
- Question #91
Which two features are true regarding IPS hardware acceleration? (Choose two.)
- Question #92
Refer to the exhibit, which contains a CLI script configuration on FortiManager. An administrator configured the CLI script on FortiManager. Which statement is true based on the sc...
- Question #93
Which statement is true regarding the Bidirectional Forwarding Detection protocol in BGP?
- Question #94
You are testing the implementation of a new custom remote desktop application in your network In which two ways can you eliminate false positives in IPS during this testing phase?...
- Question #95
Refer to the exhibit, which contains a partial configuration of the global system. What can you conclude from the output?
- Question #96
In which two ways does FortiManager function when it is deployed as a local FDS? (Choose two.)
- Question #97
Which statement about ADVPN is true?
- Question #98
Refer to the exhibit, which shows information about an OSPF interface. What two conclusions can you draw from this command output? (Choose two.)
- Question #99
Refer to the exhibit. The partial interlace configuration of two FortiGate devices is shown. Which two conclusions can you draw from this configuration? (Choose two.)
- Question #100
Which three conditions are required (or two FortiGate devices to form an OSPF adjacency? (Choose three.)