Fortinet fcss nst se 7 4 practice test

In which two slates is a given session categorized as ephemeral? (Choose two.)

• A. A UDP session with only one packet received
• B. A UOP session with packets sent and received
• C. A TCP session waiting for the SYN ACK
• D. A TCP session waiting for FIN ACK

Refer to the exhibit, which shows the output of get router info bgp summary.

Which two statements are true? (Choose two.)

• A. The local ForliGate has received one prefix from BGP neighbor 100.64.1.254.
• B. The TCP connection with BGP neighbor 100.64.2.254 was successful.
• C. The local FortiGate has received 18 packets from a BGP neighbor.
• D. The local FortiGate is still calculating the prefixes received from BGP neighbor 100.64.2.264

Which exchange lakes care of DoS protection in IKEv2?

• A. Create_CHILD_SA
• B. IKE_Auth
• C. IKE_Req_INIT
• D. IKE_SA_NIT

Refer to the exhibit, which shows a partial output of the fssod daemon real-time debug command.

What two conclusions can you draw Itom the output? (Choose two.)

• A. The workstation with IP 10.124.2.90 will be polled frequently using TCP port 445 to see if the user is still logged on.
• B. The logon event can be seen on the collector agent installed on Windows.
• C. FSSO is using DC agent mode to detect logon events.
• D. FSSO is using agentless polling mode to detect logon events.

An administrator wants to capture encrypted phase 2 traffic between two FotiGate devices using the
built-in sniffer.
If the administrator knows that there Is no NAT device located between both FortiGate devices,
which command should the administrator run?

• A. diagnose sniffer packet any 'udp port 500'
• B. diagnose sniffer packet any 'lp proto 50'
• C. diagnose sniffer packet any 'udp port 4500'
• D. diagnose sniffer packet any 'ah'

Refer to the exhibits.

An administrator Is expecting to receive advertised route 8.8.8.8/32 from FGT-

• A. A batter route to the 8.8.8.8/32 network exists in the routing table.
• B. FGT-B is configured with a prefix list denying the 8.8.8.8/32 network to be injected into the routing table.
• C. The administrator has misconfigured redistribution of routes on FGT-A.
• D. FGT-8 is configured with a distribution list denying the 8.8.8.8/32 network to be injected into the routing table.

Refer to the exhibit, which shows the output of a BGP debug command.

What can you conclude about the router in this scenario?

• A. The router 100.64.3.1 needs to update the local AS number in its BGP configuration in order to bring up the 8GP session with the local router.
• B. An inbound route-map on local router is blocking the prefixes from neighbor 100.64.3.1.
• C. All of the neighbors displayed are part of a single BGP configuration on the local router with the neighbor-range set to a value of 4.
• D. The BGP session with peer 10.127.0.75 is up.

Which two statements about an auxiliary session ate true? (Choose two.)

• A. With the auxiliary session selling disabled, only auxiliary sessions are offloaded.
• B. With the auxiliary session setting enabled. ECMP traffic is accelerated to the NP6 processor.
• C. With the auxiliary session setting enabled. Iwo sessions are created in case of routing change.
• D. With the auxiliary session setting disabled, for each traffic path. FortiGate uses the same auxiliary session.

Exhibit.

Refer to the exhibit, which contains a screenshot of some phase 1 settings.
The VPN is not up. To diagnose the issue, the administrator enters the following CLI commands on an
SSH session on FortiGate:

However, the IKE real-time debug does not show any output. Why?

• A. The administrator must also run the command diagnose debug enable.
• B. The debug shows only error messages. If there is no output, then the phase 1 and phase 2 configurations match.
• C. The log-filter setting is incorrect. The VPN traffic does not match this filter.
• D. Replace diagnose debug application ike -1 with diagnose debug application ipsec -1.

Which two statements are true regarding heartbeat messages sent from an FSSO collector agent to
FortiGate? (Choose two.)

• A. The heartbeat messages can be seen using the command diagnose debug authd fsso list.
• B. The heartbeat messages can be seen in the collector agent logs.
• C. The heartbeat messages can be seen on FortiGate using the real-lime FSSO debug.
• D. The heartbeat messages must be manually enabled on FortiGate.