Free NSE7_EFW-6.2 Exam Braindumps (page: 3)

Page 3 of 24

View the IPS exit log, and then answer the question below.
# diagnose test application ipsmonitor 3
ipsengine exit log:
pid = 93 (cfg), duration = 5605322 (s) at Wed Apr 19 09:57:26 2017
code = 11, reason: manual
What is the status of IPS on this FortiGate?

  1. IPS engine memory consumption has exceeded the model-specific predefined value.
  2. IPS daemon experienced a crash.
  3. There are communication problems between the IPS engine and the management database.
  4. All IPS-related features have been disabled in FortiGate's configuration.

Answer(s): D

Explanation:

The command diagnose test application ipsmonitor includes many options that are useful for troubleshooting purposes. Option 3 displays the log entries generated every time an IPS engine process stopped. There are various reasons why these logs are generated. Manual: Because of the configuration, IPS no longer needs to run (that is, all IPS-related features have been disabled).



An administrator wants to capture ESP traffic between two FortiGates using the built-in sniffer. If the administrator knows that there is no NAT device located between both FortiGates, what command should the administrator execute?

  1. diagnose sniffer packet any 'udp port 500'
  2. diagnose sniffer packet any 'udp port 4500'
  3. diagnose sniffer packet any 'esp'
  4. diagnose sniffer packet any 'udp port 500 or udp port 4500'

Answer(s): C



Examine the following partial output from a sniffer command; then answer the question below.



What is the meaning of the packets dropped counter at the end of the sniffer?

  1. Number of packets that didn't match the sniffer filter.
  2. Number of total packets dropped by the FortiGate.
  3. Number of packets that matched the sniffer filter and were dropped by the FortiGate.
  4. Number of packets that matched the sniffer filter but could not be captured by the sniffer.

Answer(s): D

Explanation:

https://kb.fortinet.com/kb/documentLink.do?externalID=11655



Examine the output from the 'diagnose vpn tunnel list' command shown in the exhibit; then answer the question below.

Which command can be used to sniff the ESP traffic for the VPN DialUP_0?

  1. diagnose sniffer packet any 'port 500'
  2. diagnose sniffer packet any 'esp'
  3. diagnose sniffer packet any 'host 10.0.10.10'
  4. diagnose sniffer packet any 'port 4500'

Answer(s): D

Explanation:

NAT-T is enabled. natt: mode=silent. Protocol ESP is used. ESP is encapsulated in UDP port 4500 when NAT-T is enabled.






Post your Comments and Discuss Fortinet NSE7_EFW-6.2 exam with other Community members:

FortiCareful commented on December 05, 2024
The exam prep material was very helpful in targeting the areas of the exam that I needed to concentrate on. I passed my exam easily.
UNITED STATES