Fortinet NSE 6 - Network Security 7.6 Support Engineer
Last Update Jul 14, 2026
Total Questions : 134
We are offering FREE FCSS_NST_SE-7.6 Fortinet exam questions. All you do is to just go and sign up. Give your details, prepare FCSS_NST_SE-7.6 free exam questions and then go for complete pool of Fortinet NSE 6 - Network Security 7.6 Support Engineer test questions that will help you more.
Refer to the exhibits.

An administrator is attempting to advertise the network configured on port3. However, FGT-A is not receiving the prefix.
Which two actions can the administrator take to fix this problem? (Choose two.)
Refer to the exhibit.
Partial output of diagnose sys session stat command is shown.

An administrator has noticed unusual behavior from FortiGate. It appears that sessions are randomly removed. Which two reasons could explain this? (Choose two.)
Refer to the exhibit.

An IPsec VPN tunnel using IKEv2 was brought up successfully, but when the tunnel rekey takes place the tunnel goes down.
The debug command for IKE was enabled and, in the exhibit, you can review the partial output of the debug IKE while attempting to bring the tunnel up.
What is causing. The tunnel to be down?
Exhibit.

Refer to the exhibit, which shows two entries that were generated in the FSSO collector agent logs.eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
What three conclusions can you draw from these log entries? {Choose three.)
Refer to the exhibits.

An OSPF peer is advertising route 172.16.52.0/24. The local FortiGate is configured with an inbound distribution list that allows the 172.16.0.0/16 network to be injected into its routing table. However, the 1 ' 2.16.52.0/24 subnet cannot be seen in the FIB.
Which two stops can the administrator of the local FortiGate take to ensure that the advertised 172.16. 52.0/24 subnet will be injected into the routing table? (Choose two.)
Refer to the exhibit, which shows a partial output of a real-time LDAP debug.

What two conclusions can you draw from the output? (Choose two.)
Refer to the exhibit, which shows the output of diagnose sys session list.

If the HA ID for the primary device is 0, what happens if the primary fails and the secondary becomes the primary?
Refer to the exhibit, which shows partial outputs from two routing debug commands.

Which change must an administrator make on FortiGate to route web traffic from internal users to the internet, using ECMP?
Refer to the exhibit.

The modified output of live routing kemel is shown
Which two statements about the output are (rue? (Choose two.)
Exhibit.

Refer to the exhibit, which shows a partial output of diagnose hardware aysinfo memory.
Which two statements about the output are true? (Choose two.)
Refer to the exhibit, which shows the output of a diagnose command. What can you conclude from the RTT value?

Which Iwo troubleshooting steps should you perform lf you encounter issues with intermittent web filter behavior? (Choose two.)
Refer to the exhibit, which shows the output of a real-time debug. Which statement about this output is true? (Choose one answer)

What can cause an IKEv2 tunnel to go down after it was initially brought up successfully?
Refer to the exhibit.
The output of a BGO debug command is shown.

What is the most likely reason that the local FortiGate is not receiving any prefixes from its neighbors?
Which three common FortiGate-to-collector-agent connectivity issues can you identify using the FSSO real-time debug? (Choose three.)
In a Security Fabric environment which three actions must you take to ensure successful communication among the nodes? (Choose three.)
Refer to the exhibit, which shows the modified output of the routing kernel.

Which statement is true?
An administrator wants to capture encrypted phase 2 traffic between two FotiGate devices using the built-in sniffer.
If the administrator knows that there Is no NAT device located between both FortiGate devices, which command should the administrator run?
Refer to the exhibit, which shows the port1 interface configuration on FortiGate and partial session information for ICMP traffic.

What happens to the session information if a routing change occurs that affects this session?
Refer to the exhibit.

The routing table information is shown.
Assuming a default configuration, which three statements about the RPF check on FortiGate are
correct? (Choose three.)
Which authentication option can you not configure under config user radius on FortiOS?
Refer to the exhibits,

which show the configuration on FortiGate and partial session information for internet traffic from a user on the internal network. If the priority on route ID 2 were changed from 10 to 0, what would happen to traffic matching that user session? (Choose one answer)
Which of the following regarding protocol states is true? (Choose one answer)
The local OSPF router is unable to establish adjacency with a peer.
Which two things should the administrator do to troubleshoot the issue? (Choose two.)
Refer to the exhibit.

The output of the command diagnose vpn tunnel list is shown.
Reviewing the debug command, what is the current status of the traffic flowing through the tunnel?
Refer to the exhibit.

Which Iwo statements about FortiGate behavior relating to this session are correct? (Choose two.)
Which two statements about Security Fabric communications are true? (Choose two.)
Refer to the exhibit, which shows the output of get router info ospf neighbor.

What can you conclude from the command output?
What is the diagnose test application ipsmonitor 5 command used for? (Choose one answer)
Refer to the exhibit, which shows the output of get router info bgp summary.

Which two statements are true? (Choose two.)
Refer to the exhibit.

The output of a BGP debug command is shown.
Why has the local router at 172.16.23.58 been unable to establish adjacency with its only neighbor?
Consider the scenario where the server name indication (SNI) does not match either the common name (CN) or any of the subject alternative names (SAN) in the server certificate.
Which action will FortiGate take when using the default settings for SSL certificate inspection?
Which two statements about Security Fabric communications are true? (Choose two.)
Refer to the exhibits, which contain the partial configurations of two VPNs on FortiGate.

An administrator has configured two VPNs for two different user groups. Users who are in the Users-2 group are not able to connect to the VPN. After running a diagnostics command, the administrator discovers that FortiGate is not matching the user-2 VPN for members of the Users-2 group.
Which two changes must the administrator make to fix the issue? (Choose two.)