Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
MuleSoft
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE7_EFW-6.4

Free NSE7_EFW-6.4 Exam Braindumps (page: 14)

Page 3 of 32
PDF with 122 Questions

An administrator has decreased all the TCP session timers to optimize the FortiGate memory usage. However, after the changes, one network application started to have problems. During the troubleshooting, the administrator noticed that the FortiGate deletes the sessions after the clients send the SYN packets, and before the arrival of the SYN/ACKs.
When the SYN/ACK packets arrive to the FortiGate, the unit has already deleted the respective sessions.
Which TCP session timer must be increased to fix this problem?

  1. TCP half open.
  2. TCP half close.
  3. TCP time wait.
  4. TCP session time to live.

Answer(s): A

Explanation:

http://docs-
legacy.fortinet.com/fos40hlp/43prev/wwhelp/wwhimpl/common/html/wwhelp.htm?context=fgt&fil e=CLI_get_Commands.58.25.html
The tcp-halfopen-timer controls for how long, after a SYN packet, a session without SYN/ACK remains in the table.
The tcp-halfclose-timer controls for how long, after a FIN packet, a session without FIN/ACK remains in the table.
The tcp-timewait-timer controls for how long, after a FIN/ACK packet, a session remains in the table. A closed session remains in the session table for a few seconds more to allow any out-of- sequence packet.



An administrator is running the following sniffer in a FortiGate:

diagnose sniffer packet any "host 10.0.2.10" 2

What information is included in the output of the sniffer? (Choose two.)

  1. Ethernet headers.
  2. IP payload.
  3. IP headers.
  4. Port names.

Answer(s): B,C

Explanation:

https://kb.fortinet.com/kb/documentLink.do?externalID=11186



Examine the partial output from two web filter debug commands; then answer the question below:



Based on the above outputs, which is the FortiGuard web filter category for the web site www.fgt99.com?

  1. Finance and banking
  2. General organization.
  3. Business.
  4. Information technology.

Answer(s): C



Examine the output of the `get router info ospf interface' command shown in the exhibit; then answer the question below.



Which statements are true regarding the above output? (Choose two.)

  1. The port4 interface is connected to the OSPF backbone area.
  2. The local FortiGate has been elected as the OSPF backup designated router.
  3. There are at least 5 OSPF routers connected to the port4 network.
  4. Two OSPF routers are down in the port4 network.

Answer(s): A,C

Explanation:

on BROADCAST network there are 4 neighbors, among which 1*DR +1*BDR. So our FG has 4 neighbors, but create adjacency only with 2 (with DR and BDR). 2 neighbors DRother (not down).






Post your Comments and Discuss Fortinet NSE7_EFW-6.4 exam prep with other Community members:

NSE7_EFW-6.4 Exam Discussions & Posts