All About Top Quality NSE7_EFW-6.0 Dump

NEW QUESTION 1
View the exhibit, which contains the output of a debug command, and then answer the question below.

What statement is correct about this FortiGate?

• A. It is currently in system conserve mode because of high CPU usage.
• B. It is currently in FD conserve mode.
• C. It is currently in kernel conserve mode because of high memory usage.
• D. It is currently in system conserve mode because of high memory usage.

Answer: D

NEW QUESTION 2
Examine the following routing table and BGP configuration; then answer the question below.

TheBGP connection is up, but the local peer is NOT advertising the prefix 192.168.1.0/24. Which configuration change will make the local peer advertise this prefix?

• A. Enable the redistribution of connected routers into BGP.
• B. Enable the redistribution of static routers into BGP.
• C. Disable the setting network-import-check.
• D. Enable the setting ebgp-multipath.

Answer: C

NEW QUESTION 3
A FortiGate's portl is connected to a private network. Its port2 is connected to the Internet. Explicit web proxy is enabled in port1 and only explicit web proxy users can access the Internet. Web cache is NOT enabled. An internal web proxy user is downloading a file from the Internet via HTTP. Which statements are true regarding the two entries in the FortiGate session table related with this traffic? (Choose two.)

• A. Both session have the local flag on.
• B. The destination IP addresses of both sessions are IP addresses assigned to FortiGate's interfaces.
• C. One session has the proxy flag on, the other one does not.
• D. One of the sessions has the IP address of port2 as the source IP address.

Answer: AD

NEW QUESTION 4
Which of the following statements are true about FortiManager when it is deployed as a local FDS? (Choose two.)

• A. Caches available firmware updates for unmanaged devices.
• B. Can be configured as an update server, or a rating server, but not both.
• C. Supports rating requests from both managed and unmanaged devices.
• D. Provides VM license validation services.

Answer: AD

NEW QUESTION 5
Which real time debug should an administrator enable to troubleshoot RADIUS authentication problems?

• A. Diagnose debug application radius -1.
• B. Diagnose debug application fnbamd -1.
• C. Diagnose authd console –log enable.
• D. Diagnose radius console –log enable.

Answer: B

Explanation:
https://kb.fortinet.com/kb/documentLink.do?externalID=FD32838

NEW QUESTION 6
Which of the following statements are true regarding the SIP session helper and the SIP application layer gateway (ALG)? (Choose three.)

• A. SIP session helper runs in the kernel; SIP ALG runs as a user space process.
• B. SIP ALG supports SIP HA failover; SIP helper does not.
• C. SIP ALG supports SIP over IPv6; SIP helper does not.
• D. SIP ALG can create expected sessions for media traffic; SIP helper does not.
• E. SIP helper supports SIP over TCP and UDP; SIP ALG supports only SIP over UDP.

Answer: BCD

NEW QUESTION 7
Examine the output of the ‘get router info ospf interface’ command shown in the exhibit; then answer the question below.

Which statements are true regarding the above output? (Choose two.)

• A. The port4 interface is connected to the OSPF backbone area.
• B. The local FortiGate has been elected as the OSPF backup designated router.
• C. There are at least 5 OSPF routers connected to the port4 network.
• D. Two OSPF routers are down in the port4 network.

Answer: AC

Explanation:
on BROADCAST network there are 4 neighbors, among which 1*DR +1*BDR. So our FG has 4 neighbors, but create adjacency only with 2 (with DR and BDR). 2 neighbors DRother (not down).

NEW QUESTION 8
What conditions are required for two FortiGate devices to form an OSPF adjacency? (Choose three.)

• A. IP addresses are in the same subnet.
• B. Hello and dead intervals match.
• C. OSPF IP MTUs match.
• D. OSPF peer IDs match.
• E. OSPF costs match.

Answer: ABC

Explanation:
https://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-advanced-routing-54/Routing_OSPF/OSPF_Bac

NEW QUESTION 9
Examine the output of the ‘get router info bgp summary’ command shown in the exhibit; then answer the question below.

Which statements are true regarding the output in the exhibit? (Choose two.)

• A. BGP state of the peer 10.125.0.60 is Established.
• B. BGP peer 10.200.3.1 has never been down since the BGP counters were cleared.
• C. Local BGP peer has not received an OpenConfirm from 10.200.3.1.
• D. The local BGP peer has received a total of 3 BGP prefixes.

Answer: AC

NEW QUESTION 10
Examine the IPsec configuration shown in the exhibit; then answer the question below.

An administrator wants to monitor the VPN by enabling the IKE real time debug using these commands: diagnose vpn ike log-filter src-addr4 10.0.10.1
diagnose debug application ike -1
diagnose debug enable
The VPN is currently up, there is no traffic crossing the tunnel and DPD packets are being interchanged between both IPsec gateways. However, the IKE real time debug does NOT show any output. Why isn’t there any output?

• A. The IKE real time shows the phases 1 and 2 negotiations onl
• B. It does not show any more output once the tunnel is up.
• C. The log-filter setting is set incorrectl
• D. The VPN’s traffic does not match this filter.
• E. The IKE real time debug shows the phase 1 negotiation onl
• F. For information after that, the administrator must use the IPsec real time debug instead: diagnose debug application ipsec -1.
• G. The IKE real time debug shows error messages onl
• H. If it does not provide any output, it indicates that the tunnel is operating normally.

Answer: B

NEW QUESTION 11
Examine the following partial output from two system debug commands; then answer the question below.


Which of the following statements are true regarding the above outputs? (Choose two.)

• A. The unit is running a 32-bit FortiOS
• B. The unit is in kernel conserve mode
• C. The Cached value is always the Active value plus the Inactive value
• D. Kernel indirectly accesses the low memory (LowTotal) through memory paging

Answer: AC

NEW QUESTION 12
Which of the following statements are correct regarding application layer test commands? (Choose two.)

• A. They are used to filter real-time debugs.
• B. They display real-time application debugs.
• C. Some of them display statistics and configuration information about a feature or process.
• D. Some of them can be used to restart an application.

Answer: CD

Explanation:
Application layer test commands don’t display info in real time, but they do show statistics and configuration info about a feature or process. You can also use some of these commands to restart a process or execute a change in its operation.

NEW QUESTION 13
View the IPS exit log, and then answer the question below.
# diagnose test application ipsmonitor 3 ipsengine exit log”
pid = 93 (cfg), duration = 5605322 (s) at Wed Apr 19 09:57:26 2017
code = 11, reason: manual
What is the status of IPS on this FortiGate?

• A. IPS engine memory consumption has exceeded the model-specific predefined value.
• B. IPS daemon experienced a crash.
• C. There are communication problems between the IPS engine and the management database.
• D. All IPS-related features have been disabled in FortiGate’s configuration.

Answer: D

Explanation:
The command diagnose test application ipsmonitor includes many options that are useful for troubleshooting purposes.Option 3 displays the log entries generated every time an IPS engine process stopped. There are various reasons why these logs are generated:Manual: Because of the configuration, IPS no longer needs to run (that is, all IPS-releated features have been disabled)

NEW QUESTION 14
Examine the following partial output from a sniffer command; then answer the question below.

What is the meaning of the packets dropped counter at the end of the sniffer?

• A. Number of packets that didn’t match the sniffer filter.
• B. Number of total packets dropped by the FortiGate.
• C. Number of packets that matched the sniffer filter and were dropped by the FortiGate.
• D. Number of packets that matched the sniffer filter but could not be captured by the sniffer.

Answer: D

Explanation:
https://kb.fortinet.com/kb/documentLink.do?externalID=11655

NEW QUESTION 15
When using the SSL certificate inspection method for HTTPS traffic, how does FortiGate filter web requests when the browser client does not provide the server name indication (SNI)?

• A. FortiGate uses the Issued To: field in the server’s certificate.
• B. FortiGate switches to the full SSL inspection method to decrypt the data.
• C. FortiGate blocks the request without any further inspection.
• D. FortiGate uses the requested URL from the user’s web browser.

Answer: A

NEW QUESTION 16
View the exhibit, which contains an entry in the session table, and then answer the question below.

Which one of the following statements is true regarding FortiGate’s inspection of this session?

• A. FortiGate applied proxy-based inspection.
• B. FortiGate forwarded this session without any inspection.
• C. FortiGate applied flow-based inspection.
• D. FortiGate applied explicit proxy-based inspection.

Answer: A

Explanation:
https://kb.fortinet.com/kb/viewContent.do?externalId=FD30042

NEW QUESTION 17
......