New Year Special Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Fortinet FCSS_NST_SE-7.4 FCSS - Network Security 7.4 Support Engineer Exam Practice Test

Page: 1 / 4
Total 40 questions

FCSS - Network Security 7.4 Support Engineer Questions and Answers

Question 1

In which two slates is a given session categorized as ephemeral? (Choose two.)

Options:

A.

A UDP session with only one packet received

B.

A UOP session with packets sent and received

C.

A TCP session waiting for the SYN ACK

D.

A TCP session waiting for FIN ACK

Question 2

Exhibit.

Question # 2

Refer to the exhibit, which shows a partial web fillet profile configuration.

Which action does FortiGate lake if a user attempts to access www. dropbox. com, which is categorized as File Sharing and Storage?

Options:

A.

FortiGate allows the connection, based on the URL Filter configuration.

B.

FortiGate blocks the connection as an invalid URL.

C.

FortiGate exempts the connection, based on the Web Content Filter configuration.

D.

FortiGate blocks the connection, based on the FortiGuard category based filter configuration.

Question 3

Exhibit.

Question # 3

Refer to the exhibit, which shows a partial output of diagnose hardware aysinfo memory.

Which two statements about the output are true? (Choose two.)

Options:

A.

There are 98908 kB o! memory that will never be used.

B.

The user space has 708880 kB of physical memory that is not used by the system.

C.

The I/O cache, which has 641364 kB of memory allocated to it.

D.

The value indicated next to the inactive heading represents the currently unused cache page.

Question 4

Refer to the exhibit, which shows the output of get router info bgp summary.

Question # 4

Which two statements are true? (Choose two.)

Options:

A.

The local ForliGate has received one prefix from BGP neighbor 100.64.1.254.

B.

The TCP connection with BGP neighbor 100.64.2.254 was successful.

C.

The local FortiGate has received 18 packets from a BGP neighbor.

D.

The local FortiGate is still calculating the prefixes received from BGP neighbor 100.64.2.264

Question 5

What are two reasons you might see iprope_in_check() check failed, drop when using the debug flow? (Choose two.)

Options:

A.

Packet was dropped because of policy route misconfiguration.

B.

Packet was dropped because of traffic shaping.

C.

Trusted host list misconfiguration.

D.

VIP or IP pool misconfiguration.

Question 6

Which two statements about an auxiliary session ate true? (Choose two.)

Options:

A.

With the auxiliary session selling disabled, only auxiliary sessions are offloaded.

B.

With the auxiliary session setting enabled. ECMP traffic is accelerated to the NP6 processor.

C.

With the auxiliary session setting enabled. Iwo sessions are created in case of routing change.

D.

With the auxiliary session setting disabled, for each traffic path. FortiGate uses the same auxiliary session.

Question 7

An administrator wants to capture encrypted phase 2 traffic between two FotiGate devices using the built-in sniffer.

If the administrator knows that there Is no NAT device located between both FortiGate devices, which command should the administrator run?

Options:

A.

diagnose sniffer packet any 'udp port 500'

B.

diagnose sniffer packet any 'lp proto 50'

C.

diagnose sniffer packet any 'udp port 4500'

D.

diagnose sniffer packet any 'ah'

Question 8

Refer to the exhibit, which shows the omitted output of a session table entry.

Question # 8

Which two statements are true? (Choose two.)

Options:

A.

The traffic has been tagged for VLAN 0000.

B.

NP7 is handling offloading of this session.

C.

The traffic matches Policy ID 1.

D.

The session has been offloaded.

Question 9

Exhibit.

Question # 9

Refer to the exhibit, which shows a FortiGate configuration.

An administrator is troubleshooting a web filter issue on FortiGate. The administrator has configured a web filter profile and applied it to a policy; however the web filter is not inspecting any traffic that is passing through the policy.

What must the administrator do to fix the issue?

Options:

A.

Disable webfilter-force-off.

B.

Increase webfilter-timeout.

C.

Enable fortiguard-anycast.

D.

Change protocol to TCP.

Question 10

Refer to the exhibit, which shows a partial output of the fssod daemon real-time debug command.

Question # 10

What two conclusions can you draw Itom the output? (Choose two.)

Options:

A.

The workstation with IP 10.124.2.90 will be polled frequently using TCP port 445 to see if the user is still logged on.

B.

The logon event can be seen on the collector agent installed on Windows.

C.

FSSO is using DC agent mode to detect logon events.

D.

FSSO is using agentless polling mode to detect logon events.

Question 11

Exhibit.

Question # 11

Refer to the exhibit, which contains partial output from an IKE real-time debug.

Which two statements about this debug output are correct? (Choose two.)

Options:

A.

Perfect Forward Secrecy (PFS) is enabled in the configuration.

B.

The local gateway IP address is 10.0.0.1.

C.

It shows a phase 2 negotiation.

D.

The initiator provided remote as its IPsec peer ID.

Question 12

Exhibit.

Question # 12

Refer to the exhibit, which shows the output of a session. Which two statements are true? (Choose Iwo.)

Options:

A.

The TCP session has been successfully established.

B.

The session was initiated from an authenticated user.

C.

The session is being inspected using flow inspection.

D.

The session is being offloaded.

Page: 1 / 4
Total 40 questions