NSE7_EFW-7.0試験無料問題集（165題）「Fortinet NSE 7

出題：1

Examine the output of the 'get router info ospf interface' command shown in the exhibit; then answer the question below.

Which statements are true regarding the above output? (Choose two.)

A. The local FortiGate has been elected as the OSPF backup designated router.

B. The port4 interface is connected to the OSPF backbone area.

C. There are at least 5 OSPF routers connected to the port4 network.

D. Two OSPF routers are down in the port4 network.

正解：B,C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

Which two conditions would prevent a static route from being added to the routing table? (Choose two.)

A. There is another other route to the same destination, with a lower distance.

B. The next-hop IP address is unreachable.

C. The interface specified in the route configuration is down

D. The route has a lower priority value than another route to the same destination.

正解：A,C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

View the exhibit, which contains the output of a web diagnose command, and then answer the question below.

Which one of the following statements explains why the cache statistics are all zeros?

A. FortiGate is using a flow-based web filter and the cache applies only to proxy-based inspection.

B. There are no users making web requests.

C. The administrator has reallocated the cache memory to a separate process.

D. The FortiGuard web filter cache is disabled in the FortiGate's configuration.

正解：D 解答を投票する

出題：4

A FortiGate is configured as an explicit web proxy. Clients using this web proxy are reposting DNS errors when accessing any website. The administrator executes the following debug commands and observes that the n-dns-timeout counter is increasing:

What should the administrator check to fix the problem?

A. The connectivity between the client workstations and the DNS server.

B. The connectivity between the FortiGate unit and the DNS server.

C. That DNS traffic from client workstations is allowed by the explicit web proxy policies.

D. That DNS service is enabled in the explicit web proxy interface.

正解：B 解答を投票する

出題：5

Refer to the exhibit, which shows a session entry. Which statement about this session is true?

A. It is a TCP session in the established state, from 10.1.10.10 to 10.200.5.1.

B. It is an ICMP session from 10.1.10.10 to 10.200.5. 1.

C. It is an ICMP session from 10.1.10.10 to 10.200.1.1.

D. It is a TCP session in close_wait state, from 10. l. 10.10 to 10.200.1.1.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

An administrator has configured two FortiGate devices for an HA cluster. While testing HA failover, the administrator notices that some of the switches in the network continue to send traffic to the former primary device.
What can the administrator do to fix this problem?

A. Configure set send-garp-on-failover enable under config system ha on both cluster members.

B. Configure set link-failed-signal enable under config system ha on both cluster members.

C. Configure remote link monitoring to detect an issue in the forwarding path.

D. Verify that the speed and duplex settings match between the FortiGate interfaces and the connected switch ports.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

View the global IPS configuration, and then answer the question below.

Which of the following statements is true regarding this configuration?

A. New packets will be passed through without inspection if the IPS socket buffer runs out of memory.

B. IPS will use the faster matching algorithm which is only available for units with more than 4 GB memory.

C. IPS will scan every byte in every session.

D. FortiGate will spawn IPS engine instances based on the system load.

正解：C 解答を投票する

出題：8

A FortiGate device has the following LDAP configuration:

The LDAP user student cannot authenticate. The exhibit shows the output of the authentication real time debug while testing the student account:

Based on the above output, what FortiGate LDAP settings must the administer check? (Choose two.)

A. cnid.

B. password.

C. username.

D. dn.

正解：B,C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

View the exhibit, which contains a session entry, and then answer the question below.

Which statement is correct regarding this session?

A. It is a TCP session in ESTABLISHED state from 10.1.10.10 to 10.200.5.1.

B. It is a TCP session in CLOSE_WAIT state from 10.1.10.10 to 10.200.1.1.

C. It is an ICMP session from 10.1.10.10 to 10.200.5.1.

D. It is an ICMP session from 10.1.10.10 to 10.200.1.1.

正解：C 解答を投票する

出題：10

Refer to the exhibit, which shows partial outputs from two routing debug commands.

Which change must an administrator make on FortiGate to route web traffic from internal users to the internet, using ECMP?

A. Set the priority of the static default route using port1 to 10. Most Voted

B. Set the priority of the static default route using port2 to 1.

C. Set preserve-session-route to enable.

D. Set snat-route-change to enable.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

NSE7_EFW-7.0試験無料問題集「Fortinet NSE 7 - Enterprise Firewall 7.0 認定」