New Year Special Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Fortinet NSE7_NST-7.2 Fortinet NSE 7 - Network Security 7.2 Support Engineer Exam Practice Test

Page: 1 / 4
Total 40 questions

Fortinet NSE 7 - Network Security 7.2 Support Engineer Questions and Answers

Question 1

Which three conditions are required for two FortiGate devices to form an OSPF adjacency? (Choose three.)

Options:

A.

OSPF link costs match.

B.

OSPF interface priority settings are unique

C.

OSPF interface network types match

D.

Authentication settings match.

E.

OSPF router IDs are unique.

Question 2

Refer to the exhibit, which shows two entries that were generated in the FSSO collector agent logs.

Question # 2

What three conclusions can you draw from these log entries? (Choose three.)

Options:

A.

Remote registry is not running on the workstation.

B.

The FortiGate firmware version is not compatible with that of the collector agent

C.

DNS resolution is unable to resolve the workstation name.

D.

The user's status shows as "not verified" in the collector agent

E.

A firewall is blocking traffic to port 139 and 445.

Question 3

Refer to the exhibit, which shows a truncated output of a real-time RADIUS debug.

Question # 3

Which two statements are true? (Choose two.)

Options:

A.

The RADIUS server queried for authentication is located at IP address 172.25.188.164.

B.

Authentication was unsuccessful.

C.

The authentication scheme used was pop3.

D.

Authentication was successful

E.

Two-factor authentication was required.

Question 4

Exhibit.

Question # 4

Refer to the exhibit, which shows the omitted output of diagnose npu np6 port-list on a FortiGate1500D.

An administrator is unable to analyze traffic flowing between port1 and port7 using the diagnose sniffer command.

Which two commands allow the administrator to view the traffic? (Choose two.)

A)

Question # 4

B)

Question # 4

C)

Question # 4

D)

Question # 4

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 5

Refer to the exhibit, which shows a session table entry.

Question # 5

Which statement about FortiGate behavior relating to this session is true?

Options:

A.

FortiGate forwarded this session without any inspection.

B.

FortiGate is performing a security profile inspection using the CPU.

C.

FortiGate redirected the client to the captive portal to authenticate, so that a correct policy match could be made.

D.

FortiGate applied only IPS inspection to this session.

Question 6

Refer to the exhibit. whichcontains the output of diagnose vpn tunnellist.

Question # 6

Which command will capture ESP traffic for the VPN named DialUp_0?

Options:

A.

diagnose sniffer packet any ‘host10.0.10.10’

B.

diagnose sniffer packet any ‘ip proto 50’

C.

diagnose sniffer packet any ‘esp and host 10*200.3.2’

D.

diagnose sniffer packet any ‘port 4500’

Question 7

Question # 7

If the default settings are in place, what can you conclude about the conserve mode shown in the exhibit?

Options:

A.

FortiGate is currently blocking new sessions that require flow-based or proxy-based content inspection.

B.

FortiGate is currently blocking all new sessions regardless of the content inspection requirements or configuration settings because of high memory use.

C.

FortiGate is currently allowing new sessions that require flow-based or proxy-based content inspection but is not performing inspection on those sessions.

D.

FortiGate is currently allowing new sessions that require flow-based content inspection and blocking sessions that require proxy-based content inspection.

Question 8

Refer to the exhibit, which shows the omitted output of FortiOS kernel slabs.

Question # 8

Which statement is true?

Options:

A.

The total slab size of the tcp_sessior. slab Is 7500 kB and is associated with the kernel.

B.

The total slab size of the ip6_session slab is 1300 kB and is associated with the kernel.

C.

The total slab size of the sctp_session slab is 0 kB and is associated with the user space

D.

The total slab size of the ip_session slab is 3600 kB and is associated with the user space.

Question 9

Refer to the exhibit, which contains the partial output of a diagnose command.

Question # 9

Based on the output, which two statements are correct? (Choose two.)

Options:

A.

The remote gateway IP is 10.200.5.1.

B.

The remote gateway has quick more selectors containing a destination subnet of 10.1.2.0/24.

C.

DPD is disabled.

D.

Anti-replay is enabled.

Question 10

Exhibit.

Question # 10

Refer to the exhibit, which shows the output of getrouterinfo bgp neighbors100.64.2.254.

What can you conclude from the output?

Options:

A.

The BGP neighbor is advertising the 10.20.30.40/24 network to the local router.

B.

The router ID of the neighbor is 100.64.2.254.

C.

The BGP state of the two BGP participants is OpenConfirm.

D.

The local router is adverting the 10.20.30.40/24 network to its BGP neighbor.

Question 11

Refer to the exhibit, which shows the output of a BGP debug command.

Question # 11

Which statement explains why the state of the 10.200.3.1 peer is Connect?

Options:

A.

The local router initiated the BGP session to 10.200.3.1 but did not receive a response.

B.

The local router is receiving BGP keepalives from the remote peer, but the local peer has not received the OpenConf inn yet.

C.

The router 10.200.3.1 has authentication configured for BGP and the local router does not.

D.

The local router has a different AS number than the remote peer.

Question 12

Question # 12

Refer to the exhibit, which shows the output of a diagnose command.

What can you conclude from the RTT value?

Options:

A.

Its value represents the time it takes to receive a response after a rating request is sent to a particular server.

B.

Its value is incremented with each packet lost.

C.

It determines which FortiGuard server is used for license validation.

D.

lts initial value is statically set to 10.

Page: 1 / 4
Total 40 questions