NSE7_EFW-7.0試験無料問題集「Fortinet NSE 7 - Enterprise Firewall 7.0 認定」

A FortiGate is configured as an explicit web proxy. Clients using this web proxy are reposting DNS errors when accessing any website. The administrator executes the following debug commands and observes that the n-dns-timeout counter is increasing:

What should the administrator check to fix the problem?

An administrator has configured the following CLI script on FortiManager, which failed to apply any changes to the managed device after being executed.

Why didn't the script make any changes to the managed device?

解説: (GoShiken メンバーにのみ表示されます)
An administrator cannot connect to the GIU of a FortiGate unit with the IP address 10.0.1.254. The administrator runs the debug flow while attempting the connection using HTTP. The output of the debug flow is shown in the exhibit:

Based on the error displayed by the debug flow, which are valid reasons for this problem? (Choose two.)

Refer to the exhibit, which contains the output of diagnose sys session list.

If the HA ID for the primary unit is zero (0), which statement about the output is true?

View the exhibit, which contains a partial routing table, and then answer the question below.

Assuming all the appropriate firewall policies are configured, which of the following pings will FortiGate route? (Choose two.)

Which three conditions are required for two FortiGate devices to form an OSPF adjacency? (Choose three.)

正解:A,B,C 解答を投票する
解説: (GoShiken メンバーにのみ表示されます)
Which two configuration commands change the default behavior for content-inspected traffic while FortiGate is in conserve mode? (Choose two.)

解説: (GoShiken メンバーにのみ表示されます)
What configuration changes can reduce the memory utilization in a FortiGate? (Choose two.)

An administrator added the following Ipsec VPN to a FortiGate configuration:
configvpn ipsec phasel -interface
edit "RemoteSite"
set type dynamic
set interface "portl"
set mode main
set psksecret ENC LCVkCiK2E2PhVUzZe
next
end
config vpn ipsec phase2-interface
edit "RemoteSite"
set phasel name "RemoteSite"
set proposal 3des-sha256
next
end
However, the phase 1 negotiation is failing. The administrator executed the IKF real time debug while attempting the Ipsec connection. The output is shown in the exhibit.


What is causing the IPsec problem in the phase 1 ?

Refer to the exhibit, which contains the partial output of a diagnose command.

Based on the output, which two statements are correct? (Choose two.)