CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE7_EFW-6.4

Free NSE7_EFW-6.4 Exam Braindumps (page: 3)

Page 3 of 26
PDF with 122 Questions

Examine the output of the `diagnose sys session list expectation' command shown in the exhibit; than answer the question below.



Which statement is true regarding the session in the exhibit?

  1. It was created by the FortiGate kernel to allow push updates from FotiGuard.
  2. It is for managementtraffic terminating at the FortiGate.
  3. It is for traffic originated from the FortiGate.
  4. It was created by a session helper or ALG.

Answer(s): D



An administrator cannot connect to the GIU of a FortiGate unit with the IP address
10.0.1.254. The administrator runs thedebug flow while attempting the connection using HTTP. The output of the debug flow is shown in the exhibit:




Based on the error displayed by the debug flow, which are valid reasons for this problem? (Choose two.)

  1. HTTP administrative access is disabled in the FortiGate interface with the IP address
    10.0.1.254.
  2. Redirection of HTTP to HTTPS administrative access is disabled.
  3. HTTP administrative access is configured with a port number different than 80.
  4. The packet is denied because of reverse path forwarding check.

Answer(s): A,C



A FortiGate is configured as an explicit web proxy. Clients using this web proxy are reposting DNS errors when accessing any website. Theadministrator executes the following debug commands and observes that the n-dns-timeout counter is increasing:



What should the administrator check to fix the problem?

  1. The connectivity between the FortiGate unit and the DNS server.
  2. Theconnectivity between the client workstations and the DNS server.
  3. That DNS traffic from client workstations is allowed by the explicit web proxy policies.
  4. That DNS service is enabled in the explicit web proxy interface.

Answer(s): A



View the exhibit, which contains the partial output of an IKE real time debug, and then answerthe question below.



The administrator does not have access to the remote gateway. Based on the debug output, what configuration changes can the administrator make to the local gateway to resolve the phase 1 negotiation error?

  1. Change phase 1encryption to AESCBC and authentication to SHA128.
  2. Change phase 1 encryption to 3DES and authentication to CBC.
  3. Change phase 1 encryption to AES128 and authentication to SHA512.
  4. Change phase 1 encryption to 3DES and authentication to SHA256.

Answer(s): B



Page 3 of 26



Post your Comments and Discuss Fortinet NSE7_EFW-6.4 exam with other Community members:

Jonathan commented on June 23, 2022
Thank you brain-dumps team. Your exam dump helped me pass the exam.
UNITED STATES
upvote