• Home
  • Articles
  • Get Prepared for Your NSE7_EFW-6.4 Exam With Actual 124 Questions [Q37-Q59]

Get Prepared for Your NSE7_EFW-6.4 Exam With Actual 124 Questions [Q37-Q59]

Share

Get Prepared for Your NSE7_EFW-6.4 Exam With Actual 124 Questions

Valid NSE7_EFW-6.4 Test Answers Full-length Practice Certification Exams

NEW QUESTION # 37
Examine the output of the 'diagnose debug rating' command shown in the exhibit; then answer the question below.

Which statement are true regarding the output in the exhibit? (Choose two.)

  • A. FortiGate will send the FortiGuard queries to the server with highest weight.
  • B. The TZ value represents the delta between each FortiGuard server's time zone and the FortiGate's time zone.
  • C. A server's round trip delay (RTT) is not used to calculate its weight.
  • D. There are three FortiGuard servers that are not responding to the queries sent by the FortiGate.

Answer: A,B


NEW QUESTION # 38
Refer to the exhibit, which contains the partial output of a diagnose command.

Based on the output, which two statements are correct? (Choose two.)

  • A. The remote gateway IP is 10.200.4.1.
  • B. Quick mode selectors are disabled.
  • C. Anti-replay is enabled
  • D. DPD is disabled.

Answer: A,C


NEW QUESTION # 39
Examine the output from the 'diagnose vpn tunnel list' command shown in the exhibit; then answer the question below.

Which command can be used to sniffer the ESP traffic for the VPN DialUP_0?

  • A. diagnose sniffer packet any 'port 4500'
  • B. diagnose sniffer packet any 'host 10.0.10.10'
  • C. diagnose sniffer packet any 'port 500'
  • D. diagnose sniffer packet any 'esp'

Answer: A

Explanation:
NAT-T is enabled. natt: mode=silent Protocol ESP is used. ESP is encapsulated in UDP port 4500 when NAT-T is enabled.
natt: mode=silent means IPSec is behind NAT (NAT traversal) https://kb.fortinet.com/kb/documentLink.do?externalID=FD48755


NEW QUESTION # 40
An administrator has configured two FortiGate devices for an HA cluster. While testing HA failover, the administrator notices that some of the switches in the network continue to send traffic to the former primary device. The administrator decides to enable the setting link-failed-signal to fix the problem.
Which statement about this setting is true?

  • A. It forces the former primary device to shut down all its non-heartbeat interfaces for one second, while the failover occurs.
  • B. It sends a link failed signal to all connected devices.
  • C. It disabled all the non-heartbeat interfaces in all HA members for two seconds after a failover.
  • D. It sends an ARP packet to all connected devices, indicating that the HA virtual MAC address is reachable through a new master after a failover.

Answer: A


NEW QUESTION # 41
An administrator wants to capture ESP traffic between two FortiGates using the built-in sniffer. If the administrator knows that there is no NAT device located between both FortiGates, what command should the administrator execute?

  • A. diagnose sniffer packet any 'esp'
  • B. diagnose sniffer packet any 'udp port 4500'
  • C. diagnose sniffer packet any 'udp port 500 or udp port 4500'
  • D. diagnose sniffer packet any 'udp port 500'

Answer: A

Explanation:
Capture IKE Traffic without NAT: diagnose sniffer packet 'host and udp port 500' -------------------------------------- Capture ESP Traffic without NAT: diagnose sniffer packet any 'host and esp' -------------------------------------- Capture IKE and ESP with NAT-T: diagnose sniffer packet any 'host and (udp port 500 or udp port 4500)'


NEW QUESTION # 42
Examine the output of the 'get router info bgp summary' command shown in the exhibit; then answer the question below.

Which statements are true regarding the output in the exhibit? (Choose two.)

  • A. The local BGP peer has received a total of 3 BGP prefixes.
  • B. BGP state of the peer 10.125.0.60 is Established.
  • C. Local BGP peer has not received an OpenConfirm from 10.200.3.1.
  • D. BGP peer 10.200.3.1 has never beendown since the BGP counters were cleared.

Answer: B,C


NEW QUESTION # 43
An administrator has enabled HA session synchronization in a HA cluster with two members. Which flag is added to a primary unit's session to indicate that it has been synchronized to the secondary unit?

  • A. dirty.
  • B. redir.
  • C. synced
  • D. nds.

Answer: C

Explanation:
Explanation
The synced sessions have the 'synced' flag. The command 'diag sys session list' can be used to see the sessions on the member, with the associated flags.


NEW QUESTION # 44
Refer to the exhibit, which contains partial output from an IKE real-time debug.

Based on the debug output, which phase 1 setting is enabled in the configuration of this VPN?

  • A. auto-discovery-sender
  • B. auto-discovery-shortcut
  • C. auto-discovery-forwarder
  • D. auto-discovery-receiver

Answer: A


NEW QUESTION # 45
Examine the following partial output from two system debug commands; then answer the question below.


Which of the following statements are true regarding the above outputs? (Choose two.)

  • A. Kernel indirectly accesses the low memory (LowTotal) through memory paging
  • B. The Cached value is always the Active value plus the Inactive value
  • C. The unit is running a 32-bit FortiOS
  • D. The unit is in kernel conserve mode

Answer: B,C


NEW QUESTION # 46
View the exhibit, which contains a partial output of an IKE real-time debug, and then answer the question below.

Based on the debug output, which phase-1 setting is enabled in the configuration of this VPN?

  • A. auto-discovery-shortcut
  • B. auto-discovery-forwarder
  • C. auto-discovery-sender
  • D. auto-discovery-receiver

Answer: B


NEW QUESTION # 47
View the exhibit, which contains the output of a real-time debug, and then answer the question below.

Which of the following statements is true regarding this output? (Choose two.)

  • A. FortiGate found the requested URL in its local cache.
  • B. The requested URL belongs to category ID 52.
  • C. The web request was allowed by FortiGate.
  • D. This web request was inspected using the root web filter profile.

Answer: A,B


NEW QUESTION # 48
View the exhibit, which contains a partial routing table, and then answer the question below.

Assuming all the appropriate firewall policies are configured, which of the following pings will FortiGate route? (Choose two.)

  • A. Source IP address 10.1.0.24, Destination IP address 10.72.3.20.
  • B. Source IP address 10.72.3.52, Destination IP address 10.1.0.254.
  • C. Source IP address 10.72.3.27, Destination IP address 10.1.0.52.
  • D. Source IP address 10.73.9.10, Destination IP address 10.72.3.15.

Answer: B,C


NEW QUESTION # 49
Which two statements about an auxiliary session are true? (Choose two.)

  • A. With the auxiliary session setting enabled, ECMP traffic is accelerated to the NP6 processor.
  • B. With the auxiliary session setting disabled, for each traffic path, FortiGate will use the same auxiliary session.
  • C. With the auxiliary session setting enabled, two sessions will be created in case of routing change.
  • D. With the auxiliary session disabled, only auxiliary sessions will be offloaded.

Answer: B,D


NEW QUESTION # 50
Refer to the exhibit, which contains the partial output of the get vpn ipsec tunnel details command.

Based on the output, which two statements are correct? (Choose two.)

  • A. Phase 2 authentication is set to sha1 on both sides.
  • B. Hub2Spoke1 is configured on interface wan2.
  • C. Hub2Spoke1 is a policy-based VPN.
  • D. Anti-replay is disabled.

Answer: A,B


NEW QUESTION # 51
Refer to the exhibit, which shows the output of a debug command.

Which two statements about the output are true? (Choose two.)

  • A. In the network connected to port4, two OSPF routers are down.
  • B. The local FortiGate is the backup designated router.
  • C. The local FortiGate OSPF router ID is 0.0.0.4.
  • D. Port4 is connected to the OSPF backbone area.

Answer: C,D

Explanation:
Area 0.0.0.0 is the backbone area.


NEW QUESTION # 52
Examine thefollowing partial outputs from two routing debug commands; then answer the question below:

Why the default route using port2 is not displayed in the output of the second command?

  • A. It is disabled in the FortiGate configuration.
  • B. It hasa higher priority than the default route using port1.
  • C. It has a higher distance than the default route using port1.
  • D. It has a lower priority than the default route using port1.

Answer: C

Explanation:
Explanation
http://kb.fortinet.com/kb/viewContent.do?externalId=FD32103


NEW QUESTION # 53
Refer to the exhibit, which contains the output of diagnose sys session list.

If the HA ID for the primary unit is zero (0), which statement about the output is true?

  • A. This session cannot be synced with the slave unit.
  • B. The master unit is processing this traffic.
  • C. The inspection of this session has been offloaded to the slave unit.
  • D. This session is for HA heartbeat traffic.

Answer: B


NEW QUESTION # 54
Refer to the exhibit, which contains partial output from an IKE real-time debug.

Based on the debug output, which phase 1 setting is enabled in the configuration of this VPN?

  • A. auto-discovery-shortcut
  • B. auto-discovery-forwarder
  • C. auto-discovery-receiver
  • D. auto-discovery-sender

Answer: C

Explanation:
Reference:
First the Spoke receives SHORTCUT_OFFER, it respondes with sending shortcut-query. AT the end it receives SHORTCUT_REPLY and creates new dynamic tunnel (H2S_0_0).


NEW QUESTION # 55
View the exhibit, which contains theoutput of get sys ha status, and then answer the question below.

Which statements are correct regarding the output? (Choose two.)

  • A. The HA management IP is 169.254.0.2.
  • B. port 7 is used the HA heartbeat on all devices in the cluster.
  • C. Master is selected because it is the only device in the cluster.
  • D. The slave configuration is not synchronized with the master.

Answer: B,D


NEW QUESTION # 56
A FortiGate device has the following LDAP configuration:

The LDAP user student cannot authenticate. The exhibit shows the output of the authentication real time debug while testing the student account:

Based on the above output, what FortiGate LDAP settings must the administer check? (Choose two.)

  • A. cnid.
  • B. dn.
  • C. password.
  • D. username.

Answer: C,D

Explanation:
https://kb.fortinet.com/kb/viewContent.do?externalId=13141


NEW QUESTION # 57
Examine the IPsec configuration shown in the exhibit; then answer the question below.

An administrator wants to monitor the VPN by enabling theIKE real time debug using these commands:
diagnose vpn ike log-filter src-addr4 10.0.10.1
diagnose debug application ike -1
diagnose debug enable
The VPN is currently up, there is no traffic crossing the tunnel and DPD packets are beinginterchanged between both IPsec gateways. However, the IKE real time debug does NOT show any output. Why isn't there any output?

  • A. The IKE real time debug shows the phase 1 negotiation only. For information after that, the administrator must use the IPsec real time debug instead: diagnose debug application ipsec -1.
  • B. The log-filter setting is set incorrectly. The VPN's traffic does not match this filter.
  • C. The IKE real time debug shows error messages only. If it does not provide any output, it indicates that the tunnel is operating normally.
  • D. The IKE real time shows the phases 1 and 2 negotiations only. It does not show any more output once the tunnel is up.

Answer: B


NEW QUESTION # 58
What events are recorded in the crashlogs of a FortiGate device? (Choose two.)

  • A. Changes in the status of any of the FortiGuard licenses.
  • B. System entering to and leaving from the proxy conserve mode.
  • C. Configuration changes.
  • D. A process crash.

Answer: B,D

Explanation:
diagnose debug crashlog read
275: 2014-08-05 13:03:53 proxy=acceptor service=imap session fail mode=activated 276: 2014-08-05 13:03:53 proxy=acceptor service=ftp session fail mode=activated 277: 2014-08-05 13:03:53 proxy=acceptor service=nntp session fail mode=activated 278: 2014-08-06 11:05:47 service=kernel conserve=on free="45034 pages" red="45874 pages" msg="Kernel 279: 2014-08-06 11:05:47 enters conserve mode" 280: 2014-08-06 13:07:16 service=kernel conserve=exit free="86704 pages" green="68811 pages" 281: 2014-08-06 13:07:16 msg="Kernel leaves conserve mode" 282: 2014-08-06 13:07:16 proxy=imd sysconserve=exited total=1008 free=349 marginenter=201 283: 2014-08-06 13:07:16 marginexit=302


NEW QUESTION # 59
......

Accurate & Verified 2023 New NSE7_EFW-6.4 Answers As Experienced in the Actual Test!: https://www.testkingfree.com/Fortinet/NSE7_EFW-6.4-practice-exam-dumps.html

NSE7_EFW-6.4 Certification Sample Questions certification Exam: https://drive.google.com/open?id=1sTSFAZqQgPifCHJnH1s9cC2z5T0apeld

Related Articles

more
Fortinet NSE7_EFW-6.4 Certification Practice Exam