Cisco®
Oracle
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
Microsoft
VMware
Avaya
SAP
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE7_EFW-7.0

Free Fortinet NSE7_EFW-7.0 Exam Questions (page: 11)

Page 8 of 42
PDF with 163 Questions

Refer to the exhibit, which contains partial output from an IKE real-time debug.



Which two statements about this debug output are correct? (Choose two.)

  1. The initiator provided remote as its IPsec peer ID.
  2. It shows a phase 2 negotiation.
  3. Perfect Forward Secrecy (PFS) is enabled in the configuration.
  4. The local gateway IP address is 10.0.0.1.

Answer(s): A,D

Explanation:

A because : received peer identifier FQDN 'remote' D because : ike 0: comes 10.0.0.2:500 -> 10.0.0.1:500



Which ADVPN configuration must be configured using a script on FortiManager, when using VPN

Manager to manage FortiGate VPN tunnels?

  1. Set protected network to all
  2. Enable AD-VPN in IPsec phase 1
  3. Configure IP addresses on IPsec virtual interfaces
  4. Disable add-route on hub

Answer(s): B



Refer to the exhibit, which shows the output of a diagnose command



What can you conclude from the RTT value?

  1. Its value represents the time it takes to receive a response after a rating request is sent to a particular server.
  2. Its value is incremented with each packet lost.
  3. It determines which FortiGuard server is used for license validation.
  4. Its initial value is statically set to 10.

Answer(s): A



Refer to the exhibit, which shows the output of a BGP debug command.



What can be concluded about the router in this scenario?

  1. The router 100.64.3.1 needs to update the local AS number in its BGP configuration in order to bring up the BGP session with the local router.
  2. The State/PfxRcd for neighbor 100.64.3.1 will not change until an administrator on the local router adjusts the inbound route filtering so that prefixes received can be added to the RI
  3. All of the neighbors displayed are part of a single BGP configuration on the local router with the neighbor-range set to a value of 4.
  4. The BGP session with peer 10.127.0.75 is up.

Answer(s): D



Viewing page 11 of 42



Post your Comments and Discuss Fortinet NSE7_EFW-7.0 exam prep with other Community members:

NSE7_EFW-7.0 Exam Discussions & Posts