CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE7_EFW-6.4

Free NSE7_EFW-6.4 Exam Braindumps (page: 6)

Page 6 of 26
PDF with 122 Questions

AFortiGate's portl is connected to a private network. Its port2 is connected to the Internet. Explicit web proxy is enabled in port1 and only explicit web proxy users can access the Internet. Web cache is NOT enabled. An internal web proxy user is downloading a file from the Internet via HTTP.
Which statements are true regarding the two entries in the FortiGate session table related with this traffic? (Choose two.)

  1. Both session have the local flag on.
  2. The destination IP addresses of both sessions are IP addresses assigned to FortiGate'sinterfaces.
  3. One session has the proxy flag on, the other one does not.
  4. One of the sessions has the IP address of port2 as the source IP address.

Answer(s): A,D



Which two configuration settings change the behavior for content-inspected traffic while FortiGate is in conserve mode? (Choose two.)

  1. IPS failopen
  2. mem failopen
  3. AV failopen
  4. UTM failopen

Answer(s): A,C



What does the dirty flag mean in aFortiGate session?

  1. Traffic has been blocked by the antivirus inspection.
  2. The next packet must be re-evaluated against the firewall policies.
  3. The session must be removed from the former primary unit after an HA failover.
  4. Traffic has been identified as from an application that is not allowed.

Answer(s): B


Reference:

https://kb.fortinet.com/kb/viewContent.do?externalId=FD40119&sliceId=1



Which two conditions must be met for a statistic route to be active in the routing table? (Choose two.)

  1. The link health monitor (if configured) is up.
  2. There is no other route, to the same destination, with a higherdistance.
  3. The outgoing interface is up.
  4. The next-hop IP address is up.

Answer(s): A,C



Page 6 of 26



Post your Comments and Discuss Fortinet NSE7_EFW-6.4 exam with other Community members:

Jonathan commented on June 23, 2022
Thank you brain-dumps team. Your exam dump helped me pass the exam.
UNITED STATES
upvote