NSE7 Enterprise Firewall - FortiOS 5.4 v1.0

Page:    1 / 5   
Exam contains 73 questions

View the central management configuration shown in the exhibit, and then answer the question below.


Which server will FortiGate choose for antivirus and IPS updates if 10.0.1.243 is experiencing an outage?

  • A. 10.0.1.240
  • B. One of the public FortiGuard distribution servers
  • C. 10.0.1.244
  • D. 10.0.1.242


Answer : B

View the exhibit, which contains the output of diagnose sys session stat, and then answer the question below.


Which statements are correct regarding the output shown? (Choose two.)

  • A. There are 0 ephemeral sessions.
  • B. All the sessions in the session table are TCP sessions.
  • C. No sessions have been deleted because of memory pages exhaustion.
  • D. There are 166 TCP sessions waiting to complete the three-way handshake.


Answer : AD

View the exhibit, which contains the output of a debug command, and then answer the question below.


What statement is correct about this FortiGate?

  • A. It is currently in system conserve mode because of high CPU usage.
  • B. It is currently in FD conserve mode.
  • C. It is currently in kernel conserve mode because of high memory usage.
  • D. It is currently in system conserve mode because of high memory usage.


Answer : D

Which statements about bulk configuration changes using FortiManager CLI scripts are correct? (Choose two.)

  • A. When executed on the Policy Package, ADOM database, changes are applied directly to the managed FortiGate.
  • B. When executed on the Device Database, you must use the installation wizard to apply the changes to the managed FortiGate.
  • C. When executed on the All FortiGate in ADOM, changes are automatically installed without creating a new revision history.
  • D. When executed on the Remote FortiGate directly, administrators do not have the option to review the changes prior to installation.


Answer : BD

Which of the following tasks are automated using the Install Wizard on FortiManager? (Choose two.)

  • A. Preview pending configuration changes for managed devices.
  • B. Add devices to FortiManager.
  • C. Import policy packages from managed devices.
  • D. Install configuration changes to managed devices.
  • E. Import interface mappings from managed devices.


Answer : AD

View the exhibit, which contains the output of diagnose sys session list, and then answer the question below.


If the HA ID for the primary unit is zero (0), which statement is correct regarding the output?

  • A. This session is for HA heartbeat traffic.
  • B. This session is synced with the slave unit.
  • C. The inspection of this session has been offloaded to the slave unit.
  • D. This session cannot be synced with the slave unit.


Answer : B

View the IPS exit log, and then answer the question below.

# diagnose test application ipsmonitor 3
ipsengine exit log
pid = 93 (cfg), duration = 5605322 (s) at Wed Apr 19 09:57:26 2017 code = 11, reason: manual

What is the status of IPS on this FortiGate?

  • A. IPS engine memory consumption has exceeded the model-specific predefined value.
  • B. IPS daemon experienced a crash.
  • C. There are communication problems between the IPS engine and the management database.
  • D. All IPS-related features have been disabled in FortiGate's configuration.


Answer : D

View the exhibit, which contains an entry in the session table, and then answer the question below.


Which one of the following statements is true regarding FortiGate's inspection of this session?

  • A. FortiGate applied proxy-based inspection.
  • B. FortiGate forwarded this session without any inspection.
  • C. FortiGate applied flow-based inspection.
  • D. FortiGate applied explicit proxy-based inspection.


Answer : A

An administrator wants to capture ESP traffic between two FortiGates using the built-in sniffer. If the administrator knows that there is no NAT device located between both FortiGates, what command should the administrator execute?

  • A. diagnose sniffer packet any 'udp port 500'
  • B. diagnose sniffer packet any 'udp port 4500'
  • C. diagnose sniffer packet any 'esp'
  • D. diagnose sniffer packet any 'udp port 500 or udp port 4500'


Answer : C

Which of the following conditions must be met for a static route to be active in the routing table? (Choose three.)

  • A. The next-hop IP address is up.
  • B. There is no other route, to the same destination, with a higher distance.
  • C. The link health monitor (if configured) is up.
  • D. The next-hop IP address belongs to one of the outgoing interface subnets.
  • E. The outgoing interface is up.


Answer : ABE

View the exhibit, which contains the partial output of a diagnose command, and then answer the question below.


Based on the output, which of the following statements is correct?

  • A. Anti-replay is enabled.
  • B. DPD is disabled.
  • C. Quick mode selectors are disabled.
  • D. Remote gateway IP is 10.200.5.1.


Answer : A

View the exhibit, which contains the partial output of an IKE real-time debug, and then answer the question below.


Why didn't the tunnel come up?

  • A. The pre-shared keys do not match.
  • B. The remote gateway's phase 2 configuration does not match the local gateway's phase 2 configuration.
  • C. The remote gateway's phase 1 configuration does not match the local gateway's phase 1 configuration.
  • D. The remote gateway is using aggressive mode and the local gateway is configured to use main mode.


Answer : C

An administrator has configured two FortiGate devices for an HA cluster. While testing the HA failover, the administrator noticed that some of the switches in the network continue to send traffic to the former primary unit. The administrator decides to enable the setting link-failed-signal to fix the problem. Which statement is correct regarding this command?

  • A. Forces the former primary device to shut down all its non-heartbeat interfaces for one second while the failover occurs.
  • B. Sends an ARP packet to all connected devices, indicating that the HA virtual MAC address is reachable through a new master after a failover.
  • C. Sends a link failed signal to all connected devices.
  • D. Disables all the non-heartbeat interfaces in all the HA members for two seconds after a failover.


Answer : A

View these partial outputs from two routing debug commands:


Which outbound interface will FortiGate use to route web traffic from internal users to the Internet?

  • A. Both port1 and port2
  • B. port3
  • C. port1
  • D. port2


Answer : A

What conditions are required for two FortiGate devices to form an OSPF adjacency? (Choose three.)

  • A. IP addresses are in the same subnet.
  • B. Hello and dead intervals match.
  • C. OSPF IP MTUs match.
  • D. OSPF peer IDs match.
  • E. OSPF costs match.


Answer : ABD
