NSE7 | Fortinet NSE7 Dumps Questions 2021

NEW QUESTION 1
View the IPS exit log, and then answer the question below.
# diagnose test application ipsmonitor 3
ipsengine exit log”
pid = 93 (cfg), duration = 5605322 (s) at Wed Apr 19 09:57:26 2021 code = 11, reason: manual
What is the status of IPS on this FortiGate?

• A. IPS engine memory consumption has exceeded the model-specific predefined value.
• B. IPS daemon experienced a crash.
• C. There are communication problems between the IPS engine and the management database.
• D. All IPS-related features have been disabled in FortiGate’s configuration.

Answer: B

NEW QUESTION 2
View the exhibit, which contains an entry in the session table, and then answer the question below.

Which one of the following statements is true regarding FortiGate’s inspection of this session?

• A. FortiGate applied proxy-based inspection.
• B. FortiGate forwarded this session without any inspection.
• C. FortiGate applied flow-based inspection.
• D. FortiGate applied explicit proxy-based inspection.

Answer: B

NEW QUESTION 3
View the global IPS configuration, and then answer the question below.

Which of the following statements is true regarding this configuration?

• A. IPS will scan every byte in every session.
• B. FortiGate will spawn IPS engine instances based on the system load.
• C. New packets will be passed through without inspection if the IPS socket buffer runs out of memory.
• D. IPS will use the faster matching algorithm which is only available for units with more than 4 GB memory.

Answer: A

NEW QUESTION 4
An administrator has enabled HA session synchronization in a HA cluster with two members. Which flag is added to a primary unit’s session to indicate that it has been synchronized to the secondary unit?

• A. redir.
• B. dirty.
• C. synced
• D. nds.

Answer: C

NEW QUESTION 5
An administrator cannot connect to the GIU of a FortiGate unit with the IP address 10.0.1.254. The administrator runs the debug flow while attempting the connection using HTTP. The output of the debug flow is shown in the exhibit:

Based on the error displayed by the debug flow, which are valid reasons for this problem? (Choose two.)

• A. HTTP administrative access is disabled in the FortiGate interface with the IP address 10.0.1.254.
• B. Redirection of HTTP to HTTPS administrative access is disabled.
• C. HTTP administrative access is configured with a port number different than 80.
• D. The packet is denied because of reverse path forwarding check.

Answer: AC

NEW QUESTION 6
View the exhibit, which contains the output of a diagnose command, and the answer the question below.

Which statements are true regarding the Weight value?

• A. Its initial value is calculated based on the round trip delay (RTT).
• B. Its initial value is statically set to 10.
• C. Its value is incremented with each packet lost.
• D. It determines which FortiGuard server is used for license validation.

Answer: C

NEW QUESTION 7
Two independent FortiGate HA clusters are connected to the same broadcast domain. The administrator has reported that both clusters are using the same HA virtual MAC address. This creates a duplicated MAC address problem in the network. What HA setting must be changed in one of the HA clusters to fix the problem?

• A. Group ID.
• B. Group name.
• C. Session pickup.
• D. Gratuitous ARPs.

Answer: A

NEW QUESTION 8
View the exhibit, which contains the output of a diagnose command, and then answer the question below.

Which statements are true regarding the output in the exhibit? (Choose two.)

• A. FortiGate will probe 121.111.236.179 every fifteen minutes for a response.
• B. Servers with the D flag are considered to be down.
• C. Servers with a negative TZ value are experiencing a service outage.
• D. FortiGate used 209.222.147.3 as the initial server to validate its contract.

Answer: CD

NEW QUESTION 9
Examine the partial output from the IKE real time debug shown in the exhibit; then answer the question below.

Why didn’t the tunnel come up?

• A. IKE mode configuration is not enabled in the remote IPsec gateway.
• B. The remote gateway’s Phase-2 configuration does not match the local gateway’s phase-2 configuration.
• C. The remote gateway’s Phase-1 configuration does not match the local gateway’s phase-1 configuration.
• D. One IPsec gateway is using main mode, while the other IPsec gateway is using aggressive mode.

Answer: B

NEW QUESTION 10
When does a RADIUS server send an Access-Challenge packet?

• A. The server does not have the user credentials yet.
• B. The server requires more information from the user, such as the token code for two-factor authentication.
• C. The user credentials are wrong.
• D. The user account is not found in the server.

Answer: B

NEW QUESTION 11
Examine the output from the 'diagnose debug authd fsso list' command; then answer the question below.
# diagnose debug authd fsso list —FSSO logons-IP: 192.168.3.1 User: STUDENT Groups: TRAININGAD/USERS Workstation: INTERNAL2. TRAINING. LAB The IP address 192.168.3.1 is
NOT the one used by the workstation INTERNAL2. TRAINING. LAB.
What should the administrator check?

• A. The IP address recorded in the logon event for the user STUDENT.
• B. The DNS name resolution for the workstation name INTERNAL2. TRAININ
• C. LAB.
• D. The source IP address of the traffic arriving to the FortiGate from the workstation INTERNAL2.TRAININ
• E. LAB.
• F. The reserve DNS lookup forthe IP address 192.168.3.1.

Answer: C

NEW QUESTION 12
Which statement is true regarding File description (FD) conserve mode?

• A. IPS inspection is affected when FortiGate enters FD conserve mode.
• B. A FortiGate enters FD conserve mode when the amount of available description is less than 5%.
• C. FD conserve mode affects all daemons running on the device.
• D. Restarting the WAD process is required to leave FD conserve mode.

Answer: B

NEW QUESTION 13
A FortiGate is rebooting unexpectedly without any apparent reason. What troubleshooting tools could an administrator use to get more information about the problem? (Choose two.)

• A. Firewall monitor.
• B. Policy monitor.
• C. Logs.
• D. Crashlogs.

Answer: CD

NEW QUESTION 14
View the exhibit, which contains the partial output of an IKE real-time debug, and then answer the question below.

Why didn’t the tunnel come up?

• A. The pre-shared keys do not match.
• B. The remote gateway’s phase 2 configuration does not match the local gateway’s phase 2 configuration.
• C. The remote gateway’s phase 1 configuration does not match the local gateway’s phase 1 configuration.
• D. The remote gateway is using aggressive mode and the local gateway is configured to use man mode.

Answer: C

NEW QUESTION 15
View these partial outputs from two routing debug commands:

Which outbound interface will FortiGate use to route web traffic from internal users to the Internet?

• A. Both port1 and port2
• B. port3
• C. port1
• D. port2

Answer: C

NEW QUESTION 16
When using the SSL certificate inspection method for HTTPS traffic, how does FortiGate filter web requests when the browser client does not provide the server name indication (SNI)?

• A. FortiGate uses the Issued To: field in the server’s certificate.
• B. FortiGate switches to the full SSL inspection method to decrypt the data.
• C. FortiGate blocks the request without any further inspection.
• D. FortiGate uses the requested URL from the user’s web browser.

Answer: D