QUESTION: 13

Which exchange lakes care of DoS protection in IKEv2?

Create_CHILD_SA
IKE_Auth
IKE_Req_INIT
IKE_SA_NIT

Answer(s): C

QUESTION: 14

Refer to the exhibit, which shows a partial output of the fssod daemon real-time debug command.

What two conclusions can you draw Itom the output? (Choose two.)

The workstation with IP 10.124.2.90 will be polled frequently using TCP port 445 to see if the user is still logged on.
The logon event can be seen on the collector agent installed on Windows.
FSSO is using DC agent mode to detect logon events.
FSSO is using agentless polling mode to detect logon events.

Answer(s): A,D

Reveal Solution Next Question

An administrator wants to capture encrypted phase 2 traffic between two FotiGate devices using the built-in sniffer.
If the administrator knows that there Is no NAT device located between both FortiGate devices, which command should the administrator run?

diagnose sniffer packet any 'udp port 500'
diagnose sniffer packet any 'lp proto 50'
diagnose sniffer packet any 'udp port 4500'
diagnose sniffer packet any 'ah'

Answer(s): B

Reveal Solution Next Question

QUESTION: 16

Refer to the exhibits.

An administrator Is expecting to receive advertised route 8.8.8.8/32 from FGT-

On FGT-B, they confirm that the route is being advertised and received, however, the route is not being injected into the routing table.
What is the most likely cause of this issue?
A batter route to the 8.8.8.8/32 network exists in the routing table.
FGT-B is configured with a prefix list denying the 8.8.8.8/32 network to be injected into the routing table.
The administrator has misconfigured redistribution of routes on FGT-A.
FGT-8 is configured with a distribution list denying the 8.8.8.8/32 network to be injected into the routing table.

Answer(s): B

Reveal Solution Next Question

Free FCSS_NST_SE-7.4 Exam Braindumps (page: 5)

QUESTION: 13

QUESTION: 14

QUESTION: 15

QUESTION: 16

FCSS_NST_SE-7.4 Exam Discussions & Posts