Fortinet nse7-efw-7-0 practice test

Exam Title: NSE 7 - Enterprise Firewall 7.0

Last update: Dec 25, 2025

Question 1

Refer to the exhibit, which contains partial output from an IKE real-time debug.

Why did the tunnel not come up?

  • A. The local gateway has configured less secure encryption and hashing algorithms compared to the remote gateway.
  • B. The Diffie-Hellman group does not match on the local and remote gateways.
  • C. The proposal ID does not match between local and remote gateways.
  • D. The encapsulation method for phase 2 is set to none on local and remote gateways.
Answer:

b

Question 2

Refer to the exhibit, which shows a session entry.

Which statement about this session is true?

  • A. It is an ICMP session from 10.1.10.10 to 10.200.1.1.
  • B. Return traffic to the initiator is sent to 10.1.0.1.
  • C. It is an ICMP session from 10.1.10.1 to 10.200.5.1.
  • D. Return traffic to the initiator is sent to 10.200.1.254.
Answer:

b

Question 3

What is the diagnose test application ipsmonitor 5 command used for?

  • A. To enable IPS bypass mode
  • B. To disable the IPS engine
  • C. To restart all IPS engines and monitors
  • D. To provide information regarding IPS sessions
Answer:

d

Question 4

Which two conditions would prevent a static route from being added to the routing table? (Choose two.)

  • A. There is another route to the same destination, with a lower distance.
  • B. The route has a lower priority value than another route to the same destination.
  • C. The next-hop IP address is unreachable.
  • D. The interface specified in the route configuration is down.
Answer:

cd

Question 5

Refer to the exhibits, which show the configuration on FortiGate and partial internet session information from a user on the internal network.

An administrator would like to test session failover between the two service provider connections.
What changes must the administrator make to force this existing session to immediately start using the other interface? (Choose two.)

  • A. Configure set snat-route-change enable.
  • B. Change the priority of the port2 static route to 5.
  • C. Change the priority of the port1 static route to 11.
  • D. unset snat-route-change to return it to the default setting.
Answer:

ab

Question 6

Which two statements about conserve mode are true? (Choose two.)

  • A. FortiGate starts taking the configured action for new sessions requiring content inspection when the system memory reaches the configured red threshold.
  • B. FortiGate starts dropping all new sessions when the system memory reaches the configured red threshold.
  • C. FortiGate enters conserve mode when the system memory reaches the configured extreme threshold.
  • D. FortiGate exits conserve mode when the system memory goes below the configured green threshold.
Answer:

ad

Question 7

An administrator has created a VPN community within VPN Manager on FortiManager. They also added gateways to the VPN community and are now trying to create firewall policies to permit traffic over the tunnel; however, the VPN interfaces are not listed as available options.
What step must the administrator take to resolve this issue?

  • A. Install the VPN community and gateway configuration to the FortiGate devices, in order for the interfaces to be displayed within Policy & Objects on FortiManager.
  • B. Set up all of the phase 1 settings in the VPN community that they neglected to set up initially. The interfaces will be automatically generated after the administrator configures all of the required settings.
  • C. Refresh the device status from the Device Manager so that FortiGate will populate the IPsec interfaces.
  • D. Create interface mappings for the IPsec VPN interfaces, before they can be used in a policy.
Answer:

d

Question 8

In which two ways does FortiManager function when it is deployed as a local FDS? (Choose two.)

  • A. It provides VM license validation services.
  • B. It supports rating requests from non-FortiGate devices.
  • C. It caches available firmware updates for unmanaged devices.
  • D. It can be configured as an update server, a rating server, or both.
Answer:

d

Question 9

Which two statements about the Security Fabric are true? (Choose two.)

  • A. Only the root FortiGate collects network topology information and forwards it to FortiAnalyzer.
  • B. Only the root FortiGate sends logs to FortiAnalyzer.
  • C. Only FortiGate devices with fabric-object-unification set to default will receive and synchronize global CMDB objects sent by the root FortiGate.
  • D. FortiGate uses FortiTelemetry protocol to communicate with FortiAnalyzer.
Answer:

cd

Question 10

Refer to the exhibit, which shows a session table entry.

Which statement about FortiGate behavior relating to this session is true?

  • A. FortiGate redirected the client to the captive portal to authenticate, so that a correct policy match could be made.
  • B. FortiGate forwarded this session without any inspection.
  • C. FortiGate is performing security profile inspection using the CPU.
  • D. FortiGate applied only IPS inspection to this session.
Answer:

b
