Scribd Logo
Upload

Welcome to Scribd!

  • SE7 - EFW-6.0 Dumps PDF - 100% Success With Valid Q&A - Passexam4sure

    Uploaded by

    Thomas Jake
    52 views7 pages
    Fortinet NSE7_EFW-6.0 Dumps has affectively changed the style students prepare. Highly qualified and experts have offered their help. So, this trustworthy guide is a result of their united efforts. There is no particular place for a study where you can get a cashback guarantee for your achievement on the first attempt. Not only this, but we have come with exclusive and successful help.

    Original Title

    SE7_EFW-6.0 Dumps PDF - 100% Success with Valid Q&A | Passexam4sure

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Fortinet NSE7_EFW-6.0 Dumps has affectively changed the style students prepare. Highly qualified and experts have offered their help. So, this trustworthy guide is a result of their united efforts. There is no particular place for a study where you can get a cashback guarantee for your achievement on the first attempt. Not only this, but we have come with exclusive and successful help.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    52 views7 pages

    SE7 - EFW-6.0 Dumps PDF - 100% Success With Valid Q&A - Passexam4sure

    Uploaded by

    Thomas Jake
    Fortinet NSE7_EFW-6.0 Dumps has affectively changed the style students prepare. Highly qualified and experts have offered their help. So, this trustworthy guide is a result of their united efforts. There is no particular place for a study where you can get a cashback guarantee for your achievement on the first attempt. Not only this, but we have come with exclusive and successful help.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 7

    Fortinet

    NSE7 _ EFW -6 .0 Ex am
    Fortinet NSE 7- Enterprise Firewall 6.0 Exam

    Questions & Answers


    Demo
    Page2

    Version:8.0

    Question:1

    ExaminetheIPsecconfigurationshownintheexhibit;thenanswerthequestionbelow.

    Anadministrator wantstomonitor theVPNbyenablingtheIKEreal timedebugusingthese


    commands:
    Page3

    diagnosevpnikelog-filtersrc-addr410.0.10.1
    diagnosedebugapplicationike-1
    diagnosedebugenable
    TheVPNis currentlyup, thereis notrafficcrossingthetunnel andDPDpackets arebeing
    interchangedbetweenbothIPsecgateways.However,theIKEreal timedebugdoesNOTshowany
    output.Whyisn’tthereanyoutput?

    A.TheIKErealtimeshowsthephases1and2negotiationsonly.Itdoesnotshowanymoreoutput
    oncethetunnelisup.
    B.Thelog-filtersettingissetincorrectly.TheVPN’strafficdoesnotmatchthisfilter.
    C. TheIKEreal timedebugshowsthephase1negotiationonly. Forinformationafterthat, the
    administratormustusetheIPsecrealtimedebuginstead:diagnosedebugapplicationipsec-1.
    D.TheIKErealtimedebugshowserrormessagesonly.Ifitdoesnotprovideanyoutput,itindicates
    thatthetunnelisoperatingnormally.

    Answer:B

    Question:2

    WhichofthefollowingstatementsaretrueregardingtheSIPsessionhelperandtheSIPapplication
    layergateway(ALG)?(Choosethree.)

    A.SIPsessionhelperrunsinthekernel;SIPALGrunsasauserspaceprocess.
    B.SIPALGsupportsSIPHAfailover;SIPhelperdoesnot.
    C.SIPALGsupportsSIPoverIPv6;SIPhelperdoesnot.
    D.SIPALGcancreateexpectedsessionsformediatraffic;SIPhelperdoesnot.
    E.SIPhelpersupportsSIPoverTCPandUDP;SIPALGsupportsonlySIPoverUDP.

    Answer:B,C,D

    Question:3

    AFortiGatedevicehasthefollowingLDAPconfiguration:
    Page4

    Theadministratorexecutedthe‘dsquery’commandintheWindowsLDApserver10.0.1.10,andgot
    thefollowingoutput:
    >dsqueryuser–samidadministrator
    “CN=Administrator,CN=Users,DC=trainingAD,DC=training,DC=lab”
    Basedontheoutput,whatFortiGateLDAPsettingisconfiguredincorrectly?

    A.cnid.
    B.username.
    C.password.
    D.dn.

    Answer:B

    Explanation:
    https://kb.fortinet.com/kb/viewContent.do?externalId=FD37516

    Question:4

    AcorporatenetworkallowsInternetAccesstoFSSOusersonly.TheFSSOuserstudentdoesnothave
    InternetaccessaftersuccessfullyloggedintotheWindowsADnetwork.Theoutputofthe‘diagnose
    debugauthdfssolist’commanddoesnotshowstudentasanactiveFSSOuser.OtherFSSOuserscan
    accesstheInternetwithoutproblems.Whatshouldtheadministratorcheck?(Choosetwo.)

    A.TheuserstudentmustnotbelistedintheCA’signoreuserlist.
    B.Theuserstudentmustbelongtooneormoreofthemonitoredusergroups.
    C.Thestudentworkstation’sIPsubnetmustbelistedintheCA’strustedlist.
    D.Atleastoneofthestudent’susergroupsmustbeallowedbyaFortiGatefirewallpolicy.

    Answer:A,D

    Explanation:
    https://kb.fortinet.com/kb/documentLink.do?externalID=FD38828

    Question:5
    Page5

    AnadministratorhasdecreasedalltheTCPsessiontimerstooptimizetheFortiGatememoryusage.
    However, after thechanges, onenetwork applicationstartedtohaveproblems. Duringthe
    troubleshooting,theadministratornoticedthattheFortiGatedeletesthesessionsaftertheclients
    sendtheSYNpackets,andbeforethearrivaloftheSYN/ACKs.WhentheSYN/ACKpacketsarriveto
    theFortiGate,theunithasalreadydeletedtherespectivesessions.WhichTCPsessiontimermustbe
    increasedtofixthisproblem?

    A.TCPhalfopen.
    B.TCPhalfclose.
    C.TCPtimewait.
    D.TCPsessiontimetolive.

    Answer:A

    Explanation:
    http://docs-
    legacy.fortinet.com/fos40hlp/43prev/wwhelp/wwhimpl/common/html/wwhelp.htm?context=fgt&fil
    e=CLI_get_Commands.58.25.html
    Thetcp-halfopen-timer controlsfor howlong, after aSYNpacket, asessionwithout SYN/ACK
    remainsinthetable.
    Thetcp-halfclose-timer controls for howlong, after aFINpacket, asessionwithout FIN/ACK
    remainsinthetable.
    Thetcp-timewait-timercontrolsforhowlong, afteraFIN/ACKpacket, asessionremainsinthe
    table. Aclosedsessionremainsinthesessiontableforafewsecondsmoretoallowanyout-of-
    sequencepacket.

    Question:6

    AnadministratorisrunningthefollowingsnifferinaFortiGate:
    diagnosesnifferpacketany“host10.0.2.10”2
    Whatinformationisincludedintheoutputofthesniffer?(Choosetwo.)

    A.Ethernetheaders.
    B.IPpayload.
    C.IPheaders.
    D.Portnames.

    Answer:B,C

    Explanation:
    https://kb.fortinet.com/kb/documentLink.do?externalID=11186

    Question:7

    Examinethepartialoutputfromtwowebfilterdebugcommands;thenanswerthequestionbelow:
    Page6

    Basedontheaboveoutputs, whichis theFortiGuardwebfilter categoryfor thewebsite


    www.fgt99.com?

    A.Financeandbanking
    B.Generalorganization.
    C.Business.
    D.Informationtechnology.

    Answer:C

    Question:8

    Examinetheoutputof the‘getrouterinfoospf interface’ commandshownintheexhibit; then


    answerthequestionbelow.
    Page7

    Whichstatementsaretrueregardingtheaboveoutput?(Choosetwo.)

    A.Theport4interfaceisconnectedtotheOSPFbackbonearea.
    B.ThelocalFortiGatehasbeenelectedastheOSPFbackupdesignatedrouter.
    C.Thereareatleast5OSPFroutersconnectedtotheport4network.
    D.TwoOSPFroutersaredownintheport4network.

    Answer:A,C

    Explanation:
    onBROADCASTnetworkthereare4neighbors, amongwhich1*DR+1*BDR. Soour FGhas4
    neighbors,butcreateadjacencyonlywith2(withDRandBDR).2neighborsDRother(notdown).

    You might also like