Summer Special Discount 60% Offer - Ends in 0d 00h 00m 00s - Coupon code: brite60

Fortinet NSE 7 - Enterprise Firewall 7.0 Question and Answers

Fortinet NSE 7 - Enterprise Firewall 7.0

Last Update Apr 18, 2024
Total Questions : 163

We are offering FREE NSE7_EFW-7.0 Fortinet exam questions. All you do is to just go and sign up. Give your details, prepare NSE7_EFW-7.0 free exam questions and then go for complete pool of Fortinet NSE 7 - Enterprise Firewall 7.0 test questions that will help you more.

NSE7_EFW-7.0 pdf

NSE7_EFW-7.0 PDF

$40  $99.99
 Add to Cart
NSE7_EFW-7.0 Engine

NSE7_EFW-7.0 Testing Engine

$48  $119.99
 Add to Cart
NSE7_EFW-7.0 PDF + Engine

NSE7_EFW-7.0 PDF + Testing Engine

$64  $159.99
 Add to Cart
Questions 1

View the exhibit, which contains a partial routing table, and then answer the question below.

Assuming all the appropriate firewall policies are configured, which of the following pings will FortiGate route? (Choose two.)

Options:

A.  

Source IP address 10.1.0.24, Destination IP address 10.72.3.20.

B.  

Source IP address 10.72.3.27, Destination IP address 10.1.0.52.

C.  

Source IP address 10.72.3.52, Destination IP address 10.1.0.254.

D.  

Source IP address 10.73.9.10, Destination IP address 10.72.3.15.

Discussion 0
Questions 2

Examine the partial output from two web filter debug commands; then answer the question below:

Based on the above outputs, which is the FortiGuard web filter category for the web site www.fgt99.com?

Options:

A.  

Finance and banking

B.  

General organization.

C.  

Business.

D.  

Information technology.

Discussion 0
Questions 3

Two independent FortiGate HA clusters are connected to the same broadcast domain. The administrator has reported that both clusters are using the same HA virtual MAC address. This creates a duplicated MAC address problem in the network. What HA setting must be changed in one of the HA clusters to fix the problem?

Options:

A.  

Group ID.

B.  

Group name.

C.  

Session pickup.

D.  

Gratuitous ARPs.

Discussion 0
Questions 4

View the following FortiGate configuration.

All traffic to the Internet currently egresses from port1. The exhibit shows partial session information for Internet traffic from a user on the internal network:

If the priority on route ID 1 were changed from 5 to 20, what would happen to traffic matching that user’s session?

Options:

A.  

The session would remain in the session table, and its traffic would still egress from port1.

B.  

The session would remain in the session table, but its traffic would now egress from both port1 and port2.

C.  

The session would remain in the session table, and its traffic would start to egress from port2.

D.  

The session would be deleted, so the client would need to start a new session.

Discussion 0
Questions 5

View the exhibit, which contains the output of get sys ha status, and then answer the question below.

Which statements are correct regarding the output? (Choose two.)

Options:

A.  

The slave configuration is not synchronized with the master.

B.  

The HA management IP is 169.254.0.2.

C.  

Master is selected because it is the only device in the cluster.

D.  

port 7 is used the HA heartbeat on all devices in the cluster.

Discussion 0
Questions 6

View the exhibit, which contains the partial output of an IKE real-time debug, and then answer the question below.

The administrator does not have access to the remote gateway. Based on the debug output, what configuration changes can the administrator make to the local gateway to resolve the phase 1 negotiation error?

Options:

A.  

Change phase 1 encryption to 3DES and authentication to SHA128.

B.  

Change phase 1 encryption to AES128 and authentication to SHA512.

C.  

Change phase 1 encryption to AESCBC and authentication to SHA2.

D.  

Change phase 1 encryption to AES256 and authentication to SHA256.

Discussion 0
Questions 7

What are two functions of automation stitches? (Choose two.)

Options:

A.  

Automation stitches can be configured on any FortiGate device in a Security Fabric environment.

B.  

An automation stitch configured to execute actions sequentially can take parameters from previous actions as input for the current action.

C.  

Automation stitches can be created to run diagnostic commands and attach the results to an email message when CPU or memory usage exceeds specified thresholds.

D.  

An automation stitch configured to execute actions in parallel can be set to insert a specific delay between actions.

Discussion 0
Questions 8

Refer to the exhibit, which shows a partial routing table.

Assuming all the appropriate firewall policies are configured, which two pings will FortiGate route? (Choose two.)

Options:

A.  

Source IP address: 10.1.0.10. Destination IP address: 10.64.1.52

B.  

Source IPaddress: 10.72.3.52. Destination IP address: 10.1.0.254

C.  

Source IPaddress: 10.10.4.24, Destination IPaddress: 10.72.3.20

D.  

Source IPaddress: 10.73.9.10, Destination IPaddress: 10.72.3.15

Discussion 0
Questions 9

Examine the output of the ‘get router info ospf interface’ command shown in the exhibit; then answer the question below.

Which statements are true regarding the above output? (Choose two.)

Options:

A.  

The port4 interface is connected to the OSPF backbone area.

B.  

The local FortiGate has been elected as the OSPF backup designated router.

C.  

There are at least 5 OSPF routers connected to the port4 network.

D.  

Two OSPF routers are down in the port4 network.

Discussion 0
Questions 10

Refer to the exhibit, which contains partial output from an IKE real-time debug.

Why did the tunnel not come up?

Options:

A.  

The local gateway has configured less secure encryption and hashing algorithms compared to the remote gateway.

B.  

The Diffie-Hellman group does not match on the local and remote gateways.

C.  

The proposal ID does not match between local and remote gateways.

D.  

The encapsulation method for phase 2 is set to none on local and remote gateways.

Discussion 0
Questions 11

Refer to the exhibit, which shows the output of get system ha status. NGFW-1 and NGFW-2 have been up for a week.

Which two statements about the output are true? (Choose two.)

Options:

A.  

If FGVM...649 is rebooted, FGVM...650 will become the primary and retain that role, even after FGVM...649 rejoins the cluster.

B.  

If no action is taken, the primary FortiGate will leave the cluster due to the current sync status.

C.  

If port7 becomes disconnected on the secondary, both FortiGate devices will elect itself the primary.

D.  

If a configuration change is made to the primary FortiGate at this time, the secondary will initiate a synchronization reset.

Discussion 0
Questions 12

A FortiGate is rebooting unexpectedly without any apparent reason. What troubleshooting tools could an administrator use to get more information about the problem? (Choose two.)

Options:

A.  

Firewall monitor.

B.  

Policy monitor.

C.  

Logs.

D.  

Crashlogs.

Discussion 0
Questions 13

How are bulk configuration changes made using FortiManager CLI scripts? (Choose two.)

Options:

A.  

When run on the All FortiGate in ADOM, changes are automatically installed without the creation of a new revision history.

B.  

When run on the Device Database, changes are applied directly to the managed FortiGate device.

C.  

When run on the Remote FortiGate directly, administrators do not have the option to review the changes prior to installation.

D.  

When run on the Policy Package, ADOM database, you must use the installation wizard to apply the changes to the managed FortiGate device

Discussion 0
Questions 14

Examine the output of the ‘diagnose ips anomaly list’ command shown in the exhibit; then answer the question below.

Which IP addresses are included in the output of this command?

Options:

A.  

Those whose traffic matches a DoS policy.

B.  

Those whose traffic matches an IPS sensor.

C.  

Those whose traffic exceeded a threshold of a matching DoS policy.

D.  

Those whose traffic was detected as an anomaly by an IPS sensor.

Discussion 0
Questions 15

Refer to the exhibit, which shows a FortiGate configuration.

An administrator is troubleshooting a web filter issue on FortiGate. The administrator has configured a web filter profile and applied it to a policy; however, the web filter is not inspecting any traffic that is passing through the policy.

What must the administrator change to fix the issue?

Options:

A.  

Increase webfilter-timeout.

B.  

Change protocol to TCP.

C.  

Enable fortiguard-anycast.

D.  

Disable webfilter-force-off.

Discussion 0
Questions 16

Refer to the exhibit, which shows a partial web filter profile configuration.

Which action will FortiGate take if a user attempts to access www.dropbox.com, which is categorized as File Sharing and Storage?

Options:

A.  

FortiGate will block the connection, based on the FortiGuard category based filter configuration.

B.  

FortiGate will block the connection as an invalid URL.

C.  

FortiGate will exempt the connection, based on the Web Content Filter configuration.

D.  

FortiGate will allow the connection, based on the URL Filter configuration.

Discussion 0
Questions 17

Refer to the exhibit, which shows the output of a diagnose command

What can you conclude from the RTT value?

Options:

A.  

Its value represents the time it takes to receive a response after a rating request is sent to a particular server.

B.  

Its value is incremented with each packet lost.

C.  

It determines which FortiGuard server is used for license validation.

D.  

Its initial value is statically set to 10.

Discussion 0
Questions 18

In which two ways does FortiManager function when it is deployed as a local FDS? (Choose two.)

Options:

A.  

It provides VM license validation services.

B.  

It supports rating requests from non-FortiGate devices.

C.  

It caches available firmware updates for unmanaged devices.

D.  

It can be configured as an update server, a rating server, or both.

Discussion 0
Questions 19

Which three conditions are required for two FortiGate devices to form an OSPF adjacency? (Choose three.)

Options:

A.  

OSPF interface network types match.

B.  

OSPF router IDs are unique.

C.  

OSPF interface priority settings are unique.

D.  

Authentication settings match.

E.  

OSPF link costs match.

Discussion 0
Questions 20

Examine the following partial output from a sniffer command; then answer the question below.

What is the meaning of the packets dropped counter at the end of the sniffer?

Options:

A.  

Number of packets that didn’t match the sniffer filter.

B.  

Number of total packets dropped by the FortiGate.

C.  

Number of packets that matched the sniffer filter and were dropped by the FortiGate.

D.  

Number of packets that matched the sniffer filter but could not be captured by the sniffer.

Discussion 0
Questions 21

An administrator has configured a FortiGate device with two VDOMs: root and internal. The administrator has also created and inter-VDOM link that connects both VDOMs. The objective is to have each VDOM advertise some routes to the other VDOM via OSPF through the inter-VDOM link. What OSPF configuration settings must match in both VDOMs to have the OSPF adjacency successfully forming? (Choose three.)

Options:

A.  

Router ID.

B.  

OSPF interface area.

C.  

OSPF interface cost.

D.  

OSPF interface MTU.

E.  

Interface subnet mask.

Discussion 0
Questions 22

Examine the output from the 'diagnose debug authd fsso list' command; then answer the question below.

# diagnose debug authd fsso list —FSSO logons-IP: 192.168.3.1 User: STUDENT Groups: TRAININGAD/USERS Workstation: INTERNAL2. TRAINING. LAB The IP address 192.168.3.1 is NOT the one used by the workstation INTERNAL2. TRAINING. LAB.

What should the administrator check?

Options:

A.  

The IP address recorded in the logon event for the user STUDENT.

B.  

The DNS name resolution for the workstation name INTERNAL2. TRAINING. LA

B.  

C.  

The source IP address of the traffic arriving to the FortiGate from the workstation INTERNAL2. TRAINING. LAB.

D.  

The reserve DNS lookup forthe IP address 192.168.3.1.

Discussion 0
Questions 23

Refer to exhibit, which contains the output of a BGP debug command.

Which statement explains why the state of the 10.200.3.1 peer is Connect?

Options:

A.  

The local router is receiving BGP keepalives from the remote peer, but the local peer has not received the OpenConfirm yet.

B.  

The TCP session to 10.200.3.1 has not completed the three-way handshake.

C.  

The local router is receiving the BGP keepalives from the peer, but it has not received a BGP prefix yet.

D.  

The local router has received the BGP prefixes from the remote peer.

Discussion 0
Questions 24

Refer to the exhibit, which shows partial outputs from two routing debug commands.

Why is the port2 default route not in the second command output?

Options:

A.  

The port2 interface is disabled in the FortiGate configuration.

B.  

The port1 default route has a lower distance than the default route using port2.

C.  

The port1 default route has a higher priority value than the default route using port2.

D.  

The port1 default route has a lower priority value than the default route using port2.

Discussion 0