NSE7_EFW-6.0 Online Practice Questions and Answers
View the exhibit, which contains the output of diagnose sys session list, and then answer the question below.
If the HA ID for the primary unit is zero (0), which one of the following statements about the output is true?
A. This session is for HA heartbeat traffic.
B. This session cannot be synced with the slave unit.
C. The master unit is processing this traffic.
D. The inspection of this session has been offloaded to the slave unit.
An administrator has configured two FortiGate devices for an HA cluster. While testing the HA failover, the administrator noticed that some of the switches in the network continue to send traffic to the former primary unit. The administrator decides to enable the setting link-failed-signal to fix the problem. Which one of the following statements about this command is true?
A. Forces the former primary device to shut down all its non-heartbeat interfaces for one second while the failover occurs.
B. Sends an ARP packet to all connected devices, indicating that the HA virtual MAC address is reachable through a new master after a failover.
C. Disables all the non-heartbeat interfaces in all the HA members for two seconds after a failover.
D. Sends a link failed signal to all connected devices.
How does FortiManager handle FortiGuard requests from FortiGate devices, when it is configured as a local FDS?
A. FortiManager will respond to update requests only from a managed device.
B. FortiManager can download and maintain local copies of FortiGuard databases.
C. FortiManager supports only FortiGuard push update to managed devices.
D. FortiManager does not support web filter rating requests.
View the exhibit, which contains the output of a debug command, and then answer the question below.
Which of the following statements about the exhibit are true? (Choose two.)
A. Port4 is connected to the OSPF backbone area.
B. In the network connected to port4, two OSPF routers are down.
C. The local FortiGate is the backup designated router.
D. The local FortiGate's OSPF router ID is 0.0.0.4.
View the exhibit, which contains the partial output of a diagnose command, and then answer the question below.
Based on the output, which one of the following statements is correct?
A. Quick mode selectors are disabled.
B. DPD is disabled.
C. Anti-replay is enabled.
D. Remote gateway IP is 10.200.5.1
Which of the following conditions must be met for a static route to be active in the routing table? (Choose two.)
A. The next-hop IP address is up.
B. There is no other route, to the same destination, with a higher distance.
C. The link health monitor (if configured) is up.
D. The outgoing interface is up.
View the exhibit, which contains a partial routing table, and then answer the question below.
Assuming all the appropriate firewall policies are configured, which of the following pings will FortiGate route? (Choose two.)
A. Source IP address 10.1.0.24, Destination IP address 10.72.3.20.
B. Source IP address 10.72.3.27, Destination IP address 10.1.0.52.
C. Source IP address 10.72.3.52, Destination IP address 10.1.0.254.
D. Source IP address 10.73.9.10, Destination IP address 10.72.3.15.
View these partial outputs from two routing debug commands:
Which outbound interface will FortiGate use to route web traffic from internal users to the Internet?
A. Both port1 and port2
B. port3
C. port2
D. port1
An administrator wants to capture ESP traffic between two FortiGates using the built-in sniffer. If the administrator knows that there is no NAT device located between both FortiGates, what command should the administrator execute?
A. diagnose sniffer packet any 'esp'
B. diagnose sniffer packet any 'tcp port 500 or tcp port 4500'
C. diagnose sniffer packet any 'udp port 4500'
D. diagnose sniffer packet any 'udp port 500'
Which of the following statements are correct regarding application layer test commands? (Choose two.)
A. Some of them display statistics and configuration information about a feature or process.
B. They are used to filter real-time debugs.
C. They display real-time application debugs.
D. Some of them can be used to restart an application.
What Makes leads4pass.com Differ From Others?
There are tens of thousands of certification exam dumps provided on the internet. To keep the exam dumps valid, the exam questions latest and the exam answers accurate should be the first aim. Also, to make the exam PDF and exam VCE simulator easy to use is very important. Besides, leads4pass.com has 100% pass guarantee policy. Free exam demo is available. Customer support team is ready to help at any time when required.
All rights are reserved by leads4pass.com. Any changes, copy or trademarks abuse will be regarded as infringement. leads4pass.com will reserve the right to pursue accountability.
Copyright © 2004-2024 leads4pass.com.