New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

NSE7_EFW-7.2 Exam Dumps - Fortinet NSE 7 - Enterprise Firewall 7.2

Go to page:
Question # 9

You want to block access to the website ww.eicar.org using a custom IPS signature.

Which custom IPS signature should you configure?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Question # 10

Refer to the exhibit, which contains a partial OSPF configuration.

What can you conclude from this output?

A.

Neighbors maintain communication with the restarting router.

B.

The router sends grace LSAs before it restarts.

C.

FortiGate restarts if the topology changes.

D.

The restarting router sends gratuitous ARP for 30 seconds.

Full Access
Question # 11

Refer to the exhibits, which show the configurations of two address objects from the same FortiGate.

Why can you modify the Engineering address object, but not the Finance address object?

A.

You have read-only access.

B.

FortiGate joined the Security Fabric and the Finance address object was configured on the root FortiGate.

C.

FortiGate is registered on FortiManager.

D.

Another user is editing the Finance address object in workspace mode.

Full Access
Question # 12

Exhibit.

Refer to the exhibit, which provides information on BGP neighbors.

Which can you conclude from this command output?

A.

The router are in the number to match the remote peer.

B.

You must change the AS number to match the remote peer.

C.

BGP is attempting to establish a TCP connection with the BGP peer.

D.

The bfd configuration to set to enable.

Full Access
Question # 13

After enabling IPS you receive feedback about traffic being dropped.

What could be the reason?

A.

Np-accel-mode is set to enable

B.

Traffic-submit is set to disable

C.

IPS is configured to monitor

D.

Fail-open is set to disable

Full Access
Question # 14

Exhibit.

Refer to the exhibit, which shows a partial touting table

What two concisions can you draw from the corresponding FortiGate configuration? (Choose two.)

A.

IPSec Tunnel aggregation is configured

B.

net-device is enabled in the tunnel IPSec phase 1 configuration

C.

OSPI is configured to run over IPSec.

D.

add-route is disabled in the tunnel IPSec phase 1 configuration.

Full Access
Question # 15

In which two ways does fortiManager function when it is deployed as a local FDS? (Choose two)

A.

lt can be configured as an update server a rating server or both

B.

It provides VM license validation services

C.

It supports rating requests from non-FortiGate devices.

D.

It caches available firmware updates for unmanaged devices

Full Access
Go to page: