NSE7_EFW-6.4 Online Practice Questions and Answers

Examine the following partial outputs from two routing debug commands; then answer the question below:

Why the default route using port2 is not displayed in the output of the second command?

A. It has a lower priority than the default route using port1.

B. It has a higher priority than the default route using port1.

C. It has a higher distance than the default route using port1.

D. It is disabled in the FortiGate configuration.

In which two states is a given session categorized as ephemeral? (Choose two.)

A. A TCP session waiting to complete the three-way handshake.

B. A TCP session waiting for FIN ACK.

C. A UDP session with packets sent and received.

D. A UDP session with only one packet received.

View the exhibit, which contains the output of a debug command, and then answer the question below.

Which one of the following statements about this FortiGate is correct?

A. It is currently in system conserve mode because of high CPU usage.

B. It is currently in extreme conserve mode because of high memory usage.

C. It is currently in proxy conserve mode because of high memory usage.

D. It is currently in memory conserve mode because of high memory usage.

A FortiGate device has the following LDAP configuration: The LDAP user student cannot authenticate. The exhibit shows the output of the authentication real time debug while testing the student account:

Based on the above output, what FortiGate LDAP settings must the administer check? (Choose two.)

A. cnid.

B. username.

C. password.

D. dn.

Refer to the exhibit, which contains partial outputs from two routing debug commands.

Why is the port2 default route not in the second command's output?

A. It has a higher priority value than the default route using port1.

B. It is disabled in the FortiGate configuration.

C. It has a lower priority value than the default route using port1.

D. It has a higher distance than the default route using port1.

Which two tasks are automated using the Install Wizard on FortiManager? (Choose two.)

A. Installing configuration changes to managed devices

B. Importing interface mappings from managed devices

C. Adding devices to FortiManager

D. Previewing pending configuration changes for managed devices

What configuration changes can reduce the memory utilization in a FortiGate? (Choose two.)

A. Reduce the session time to live.

B. Increase the TCP session timers.

C. Increase the FortiGuard cache time to live.

D. Reduce the maximum file size to inspect.

When using the SSL certificate inspection method to inspect HTTPS traffic, how does FortiGate filter web requests when the client browser does not provide the server name indication (SNI) extension?

A. FortiGate uses the requested URL from the user's web browser.

B. FortiGate uses the CN information from the Subject field in the server certificate.

C. FortiGate blocks the request without any further inspection.

D. FortiGate switches to the full SSL inspection method to decrypt the data.

What is the purpose of an internal segmentation firewall (ISFW)?

A. It inspects incoming traffic to protect services in the corporate DMZ.

B. It is the first line of defense at the network perimeter.

C. It splits the network into multiple security segments to minimize the impact of breaches.

D. It is an all-in-one security appliance that is placed at remote sites to extend the enterprise network.

Which of the following statements are true regarding the SIP session helper and the SIP application layer gateway (ALG)? (Choose three.)

A. SIP session helper runs in the kernel; SIP ALG runs as a user space process.

B. SIP ALG supports SIP HA failover; SIP helper does not.

C. SIP ALG supports SIP over IPv6; SIP helper does not.

D. SIP ALG can create expected sessions for media traffic; SIP helper does not.

E. SIP helper supports SIP over TCP and UDP; SIP ALG supports only SIP over UDP.