Winter Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: v4s65

  1. Home
  2. Fortinet
  3. NSE 7 Network Security Architect
  4. NSE7_EFW-6.4 - Fortinet NSE 7 - Enterprise Firewall 7.0
Note! Following NSE7_EFW-6.4 Exam is Retired now. Please select the alternative replacement for your Exam Certification. The new exam code is NSE7_EFW-7.0

NSE7_EFW-6.4 Exam Dumps - Fortinet NSE 7 - Enterprise Firewall 7.0

Go to page:
Question # 9

Which two statements about OCVPN are true? (Choose two.)

A.

Only root vdom supports OCVPN.

B.

OCVPN supports static and dynamic IPs in WAN interface.

C.

OCVPN offers only Hub-Spoke VPNs.

D.

FortiGate devices under different FortiCare accounts can be used to form OCVPN.

Full Access
Question # 10

What global configuration setting changes the behavior for content-inspected traffic while FortiGate is in system conserve mode?

A.

av-failopen

B.

mem-failopen

C.

utm-failopen

D.

ips-failopen

Full Access
Question # 11

Refer to the exhibit, which contains partial output from an IKE real-time debug.

Which two statements about this debug output are correct? (Choose two.)

A.

The remote gateway IP address is 10.0.0.1.

B.

The initiator provided remote as its IPsec peer ID.

C.

It shows a phase 1 negotiation.

D.

The negotiation is using AES128 encryption with CBC hash.

Full Access
Question # 12

Examine the output of the ‘diagnose ips anomaly list’ command shown in the exhibit; then answer the question below.

Which IP addresses are included in the output of this command?

A.

Those whose traffic matches a DoS policy.

B.

Those whose traffic matches an IPS sensor.

C.

Those whose traffic exceeded a threshold of a matching DoS policy.

D.

Those whose traffic was detected as an anomaly by an IPS sensor.

Full Access
Question # 13

Four FortiGate devices configured for OSPF connected to the same broadcast domain. The first unit is elected as the designated router The second unit is elected as the backup designated router Under normal operation, how many OSPF full adjacencies are formed to each of the other two units?

A.

1

B.

2

C.

3

D.

4

Full Access
Question # 14

Which statement is true regarding File description (FD) conserve mode?

A.

IPS inspection is affected when FortiGate enters FD conserve mode.

B.

A FortiGate enters FD conserve mode when the amount of available description is less than 5%.

C.

FD conserve mode affects all daemons running on the device.

D.

Restarting the WAD process is required to leave FD conserve mode.

Full Access
Question # 15

An administrator is running the following sniffer in a FortiGate:

diagnose sniffer packet any “host 10.0.2.10” 2

What information is included in the output of the sniffer? (Choose two.)

A.

Ethernet headers.

B.

IP payload.

C.

IP headers.

D.

Port names.

Full Access
Question # 16

Two independent FortiGate HA clusters are connected to the same broadcast domain. The administrator has reported that both clusters are using the same HA virtual MAC address. This creates a duplicated MAC address problem in the network. What HA setting must be changed in one of the HA clusters to fix the problem?

A.

Group ID.

B.

Group name.

C.

Session pickup.

D.

Gratuitous ARPs.

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps