NSE7_EFW Exam Questions
97 real NSE7_EFW exam questions with expert-verified answers and explanations. Page 2 of 2.
- Question #51
A FortiGate is rebooting unexpectedly without any apparent reason. What troubleshooting tools could an administrator use to get more information about the problem? (Choose two.)
- Question #52
Examine the output of the `get router info bgp summary' command shown in the exhibit; then answer the question below. Which statement can explain why the state of the remote BGP pe...
- Question #53
A FortiGate device has the following LDAP configuration: The LDAP user student cannot authenticate. The exhibit shows the output of the authentication real time debug while testing...
- Question #54
Examine the output from the `diagnose vpn tunnel list' command shown in the exhibit; then answer the question below. Which command can be used to sniffer the ESP traffic for the VP...
- Question #55
View the central management configuration shown in the exhibit, and then answer the question below. Which server will FortiGate choose for antivirus and IPS updates if 10.0.1.243 i...
- Question #56
View the exhibit, which contains the output of diagnose sys session stat, and then answer the question below. Which statements are correct regarding the output shown? (Choose two.)
- Question #57
View the exhibit, which contains the output of a debug command, and then answer the question below. What statement is correct about this FortiGate?
- Question #58
Which statements about bulk configuration changes using FortiManager CLI scripts are correct? (Choose two.)
- Question #59
Which of the following tasks are automated using the Install Wizard on FortiManager? (Choose two.)
- Question #60
View the exhibit, which contains the output of diagnose sys session list, and then answer the question below. If the HA ID for the primary unit is zero (0), which statement is corr...
- Question #61
View the IPS exit log, and then answer the question below. # diagnose test application ipsmonitor 3 ipsengine exit log" pid = 93 (cfg), duration = 5605322 (s) at Wed Apr 19 09:57:2...
- Question #62
View the exhibit, which contains an entry in the session table, and then answer the question below. Which one of the following statements is true regarding FortiGate's inspection o...
- Question #63
An administrator wants to capture ESP traffic between two FortiGates using the built-in sniffer. If the administrator knows that there is no NAT device located between both FortiGa...
- Question #64
Which of the following conditions must be met for a static route to be active in the routing table? (Choose three.)
- Question #65
View the exhibit, which contains the partial output of a diagnose command, and then answer the question below. Based on the output, which of the following statements is correct?
- Question #66
View the exhibit, which contains the partial output of an IKE real-time debug, and then answer the question below. Why didn't the tunnel come up?
- Question #67
An administrator has configured two FortiGate devices for an HA cluster. While testing the HA failover, the administrator noticed that some of the switches in the network continue...
- Question #68
View these partial outputs from two routing debug commands: Which outbound interface will FortiGate use to route web traffic from internal users to the Internet?
- Question #69
What conditions are required for two FortiGate devices to form an OSPF adjacency? (Choose three.)
- Question #70
View the exhibit, which contains the output of a debug command, and then answer the question below. Which of the following statements about the exhibit are true? (Choose two.)
- Question #71
How does FortiManager handle FortiGuard requests from FortiGate devices, when it is configured as a local FDS?
- Question #72
View the exhibit, which contains the output of a real-time debug, and then answer the question below. Which of the following statements is true regarding this output? (Choose two.)
- Question #73
What is the purpose of an internal segmentation firewall (ISFW)?
- Question #74
View the exhibit, which contains the partial output of an IKE real-time debug, and then answer the question below. ike 0: comes 10.0.0.2:500->10.0.0.1:500, ifindex=7.... ike 0: IKE...
- Question #75
Which of the following statements are correct regarding application layer test commands? (Choose two.)
- Question #76
When using the SSL certificate inspection method for HTTPS traffic, how does FortiGate filter web requests when the browser client does not provide the server name indication (SNI)...
- Question #77
What global configuration setting changes the behavior for content-inspected traffic while FortiGate is in system conserve mode?
- Question #78
View the exhibit, which contains the output of a BGP debug command, and then answer the question below. Which of the following statements about the exhibit are true? (Choose two.)
- Question #79
View the exhibit, which contains the output of a web diagnose command, and then answer the question below. Which one of the following statements explains why the cache statistics a...
- Question #80
View the exhibit, which contains a partial output of an IKE real-time debug, and then answer the question below. Based on the debug output, which phase-1 setting is enabled in the...
- Question #81
View the global IPS configuration, and then answer the question below. Which of the following statements is true regarding this configuration?
- Question #82
View the following FortiGate configuration. All traffic to the Internet currently egresses from port1. The exhibit shows partial session information for Internet traffic from a use...
- Question #83
View the exhibit, which contains the output of a diagnose command, and then answer the question below. Which statements are true regarding the output in the exhibit? (Choose two.)
- Question #84
What does the dirty flag mean in a FortiGate session?
- Question #85
The CLI command set intelligent-mode <enable | disable> controls the IPS engine's adaptive scanning behavior. Which of the following statements describes IPS adaptive scanning?
- Question #86
An administrator has configured the following CLI script on FortiManager, which failed to apply any changes to the managed device after being executed. Why didn't the script make a...
- Question #87
View the exhibit, which contains a partial web filter profile configuration, and then answer the question below. categorized as File Sharing and Storage?
- Question #88
Which configuration can be used to reduce the number of BGP sessions in an IBGP network?
- Question #89
View the exhibit, which contains the output of get sys ha status, and then answer the question below. Which statements are correct regarding the output? (Choose two.)
- Question #90
View the exhibit, which contains the partial output of an IKE real time debug, and then answer the question below. The administrator does not have access to the remote gateway. Bas...
- Question #91
View the exhibit, which contains the output of a diagnose command, and the answer the question below. Which statements are true regarding the Weight value?
- Question #92
In which of the following states is a given session categorized as ephemeral? (Choose two.)
- Question #93
View the exhibit, which contains a session entry, and then answer the question below. Which statement is correct regarding this session?
- Question #94
View the exhibit, which contains a screenshot of some phase-1 settings, and then answer the question below. The VPN is up, and DPD packets are being exchanged between both IPsec ga...
- Question #95
View the exhibit, which contains the output of a diagnose command, and then answer the question below. What statements are correct regarding the output? (Choose two.)
- Question #96
Which of the following statements are true about FortiManager when it is deployed as a local FDS? (Choose two.)
- Question #97
Which statement is true regarding File description (FD) conserve mode?