NSE7_EFW-6.0 Online Practice Questions and Answers

View the exhibit, which contains a session table entry, and then answer the question below.

Which one of the following statements is true regarding FortiGates's inspection of this session?

A. FortiGate applied flow-based inspection.

B. FortiGate applied proxy-based inspection.

C. FortiGate forwarded this session without any inspection.

D. FortiGate applied NGFW flow-based inspection.

View the exhibit, which contains the output of a debug command, and then answer the question below.

Which one of the following statements about this FortiGate is correct?

A. It is currently in system conserve mode because of high CPU usage.

B. It is currently in extreme conserve mode because of high memory usage.

C. It is currently in proxy conserve mode because of high memory usage.

D. It is currently in memory conserve mode because of high memory usage.

What conditions are required for two FortiGate devices to form an OSPF adjacency? (Choose three.)

A. OSPF IP MTUs match.

B. OSPF costs match.

C. OSPF peer IDs match.

D. IP addresses are in the same subnet.

E. Hello and dead intervals match.

How does FortiManager handle FortiGuard requests from FortiGate devices, when it is configured as a local FDS?

A. FortiManager will respond to update requests only from a managed device.

B. FortiManager can download and maintain local copies of FortiGuard databases.

C. FortiManager supports only FortiGuard push update to managed devices.

D. FortiManager does not support web filter rating requests.

Which of the following conditions must be met for a static route to be active in the routing table? (Choose two.)

A. The next-hop IP address is up.

B. There is no other route, to the same destination, with a higher distance.

C. The link health monitor (if configured) is up.

D. The outgoing interface is up.

View the following FortiGate configuration.

All traffic to the Internet currently egresses from port1. The exhibit shows partial session information for Internet traffic from a user on the internal network.

If the priority on route ID 1 were changed from 5 to 20, what would happen to traffic matching that user's session?

A. The session would be deleted, so the client would need to start a new session.

B. The session would remain in the session table, and its traffic would still egress from port1.

C. The session would remain in the session table, and its traffic would start to egress from port2.

D. The session would remain in the session table, but its traffic would now egress from both port1 and port2.

An administrator wants to capture ESP traffic between two FortiGates using the built-in sniffer. If the administrator knows that there is no NAT device located between both FortiGates, what command should the administrator execute?

A. diagnose sniffer packet any 'esp'

B. diagnose sniffer packet any 'tcp port 500 or tcp port 4500'

C. diagnose sniffer packet any 'udp port 4500'

D. diagnose sniffer packet any 'udp port 500'

View the exhibit, which contains a partial output of an IKE real-time debug, and then answer the question below.

Based on the debug output, which phase-1 setting is enabled in the configuration of this VPN?

A. auto-discovery-receiver

B. auto-discovery-forwarder

C. auto-discovery-sender

D. auto-discovery-shortcut

What is the purpose of an internal segmentation firewall (ISFW)?

A. It is the first line of defense at the network perimeter.

B. It inspects incoming traffic to protect services in the corporate DMZ.

C. It is an all-in-one security appliance that is placed at remote sites to extend the enterprise network.

D. It splits the network into multiple security segments to minimize the impact of breaches.

View the exhibit, which contains the partial output of an IKE real-time debug, and then answer the question below.

Which of the following statements about this debug output are correct? (Choose two.)

A. It shows a phase 1 negotiation.

B. The initiator has provided remote as its IPsec peer ID.

C. The negotiation is using AES128 encryption with CBC hash.

D. The remote gateway IP address is 10.0.0.1.