ExamGecko
Search Search Login
Home Home / Fortinet / FCSS_NST_SE-7.4

Fortinet FCSS_NST_SE-7.4 Practice Test - Questions Answers, Page 3

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Exhibit. Refer to the exhibit, which contains a screenshot of some phase 1 settings. The VPN is not up. To diagnose the issue, the administrator enters the following CLI commands on an SSH session on FortiGate: However, the IKE real-time debug does not show any output. Why?
What are two reasons you might see iprope_in_check() check failed, drop when using the debug flow? (Choose two)
Which statement about parallel path processing is correct (PPP)?
Which two statements about conserve mode are true? (Choose two)
Exhibit. Refer to the exhibit, which shows the output of a session. Which two statements are true? (Choose Iwo)
Refer to the exhibit, which shows partial outputs from two routing debug commands. Which change must an administrator make on FortiGate to route web traffic from internal users to the internet, using ECMP?
Consider the scenario where the server name indication (SNI) does not match either the common name (CN) or any of the subject alternative names (SAN) in the server certificate. Which action will FortiGate take when using the default settings for SSL certificate inspection?
Refer to the exhibit, which shows the omitted output of a session table entry. Which two statements are true? (Choose two)
Exhibit. Refer to the exhibit, which shows a partial output of diagnose hardware aysinfo memory. Which two statements about the output are true? (Choose two)
Which statement about protocol options is true?

Question 21

Report
Export
Collapse

Refer to the exhibit, which shows the output o! the BGP database.

Which two statements are correct? (Choose two)

A.

The advertised prefix of 10.20.30.0'24 was configured using the network command.

A.

The advertised prefix of 10.20.30.0'24 was configured using the network command.

Answers
B.

The first four prefixes are being advertised using a legacy route advertisement.

B.

The first four prefixes are being advertised using a legacy route advertisement.

Answers
C.

The advertised prefix of 10.20.30.0'24 is being advertised through the redistribution of another routing protocol.

C.

The advertised prefix of 10.20.30.0'24 is being advertised through the redistribution of another routing protocol.

Answers
D.

The output shows all prefixes advertised by all neighbors as well as the local router.

D.

The output shows all prefixes advertised by all neighbors as well as the local router.

Answers
Suggested answer: A, D

Question 22

Report
Export
Collapse

In which two slates is a given session categorized as ephemeral? (Choose two)

A.

A UDP session with only one packet received

A.

A UDP session with only one packet received

Answers
B.

A UOP session with packets sent and received

B.

A UOP session with packets sent and received

Answers
C.

A TCP session waiting for the SYN ACK

C.

A TCP session waiting for the SYN ACK

Answers
D.

A TCP session waiting for FIN ACK

D.

A TCP session waiting for FIN ACK

Answers
Suggested answer: A, C

Question 23

Report
Export
Collapse

Refer to the exhibit, which shows the output of get router info bgp summary.

Which two statements are true? (Choose two)

A.

The local ForliGate has received one prefix from BGP neighbor 100.64.1.254.

A.

The local ForliGate has received one prefix from BGP neighbor 100.64.1.254.

Answers
B.

The TCP connection with BGP neighbor 100.64.2.254 was successful.

B.

The TCP connection with BGP neighbor 100.64.2.254 was successful.

Answers
C.

The local FortiGate has received 18 packets from a BGP neighbor.

C.

The local FortiGate has received 18 packets from a BGP neighbor.

Answers
D.

The local FortiGate is still calculating the prefixes received from BGP neighbor 100.64.2.264

D.

The local FortiGate is still calculating the prefixes received from BGP neighbor 100.64.2.264

Answers
Suggested answer: A, C

Question 24

Report
Export
Collapse

Which exchange lakes care of DoS protection in IKEv2?

A.

Create_CHILD_SA

A.

Create_CHILD_SA

Answers
B.

IKE_Auth

B.

IKE_Auth

Answers
C.

IKE_Req_INIT

C.

IKE_Req_INIT

Answers
D.

IKE_SA_NIT

D.

IKE_SA_NIT

Answers
Suggested answer: C

Question 25

Report
Export
Collapse

Refer to the exhibit, which shows a partial output of the fssod daemon real-time debug command.

What two conclusions can you draw Itom the output? (Choose two)

A.

The workstation with IP 10.124.2.90 will be polled frequently using TCP port 445 to see if the user is still logged on.

A.

The workstation with IP 10.124.2.90 will be polled frequently using TCP port 445 to see if the user is still logged on.

Answers
B.

The logon event can be seen on the collector agent installed on Windows.

B.

The logon event can be seen on the collector agent installed on Windows.

Answers
C.

FSSO is using DC agent mode to detect logon events.

C.

FSSO is using DC agent mode to detect logon events.

Answers
D.

FSSO is using agentless polling mode to detect logon events.

D.

FSSO is using agentless polling mode to detect logon events.

Answers
Suggested answer: A, D

Question 26

Report
Export
Collapse

An administrator wants to capture encrypted phase 2 traffic between two FotiGate devices using the built-in sniffer.

If the administrator knows that there Is no NAT device located between both FortiGate devices, which command should the administrator run?

A.

diagnose sniffer packet any 'udp port 500'

A.

diagnose sniffer packet any 'udp port 500'

Answers
B.

diagnose sniffer packet any 'lp proto 50'

B.

diagnose sniffer packet any 'lp proto 50'

Answers
C.

diagnose sniffer packet any 'udp port 4500'

C.

diagnose sniffer packet any 'udp port 4500'

Answers
D.

diagnose sniffer packet any 'ah'

D.

diagnose sniffer packet any 'ah'

Answers
Suggested answer: B

Question 27

Report
Export
Collapse

Refer to the exhibits.

An administrator Is expecting to receive advertised route 8.8.8.8/32 from FGT-A. On FGT-B, they confirm that the route is being advertised and received, however, the route is not being injected into the routing table. What is the most likely cause of this issue?

A.

A batter route to the 8.8.8.8/32 network exists in the routing table.

A.

A batter route to the 8.8.8.8/32 network exists in the routing table.

Answers
B.

FGT-B is configured with a prefix list denying the 8.8.8.8/32 network to be injected into the routing table.

B.

FGT-B is configured with a prefix list denying the 8.8.8.8/32 network to be injected into the routing table.

Answers
C.

The administrator has misconfigured redistribution of routes on FGT-A.

C.

The administrator has misconfigured redistribution of routes on FGT-A.

Answers
D.

FGT-8 is configured with a distribution list denying the 8.8.8.8/32 network to be injected into the routing table.

D.

FGT-8 is configured with a distribution list denying the 8.8.8.8/32 network to be injected into the routing table.

Answers
Suggested answer: B

Question 28

Report
Export
Collapse

Refer to the exhibit, which shows the output of a BGP debug command.

What can you conclude about the router in this scenario?

A.

The router 100.64.3.1 needs to update the local AS number in its BGP configuration in order to bring up the 8GP session with the local router.

A.

The router 100.64.3.1 needs to update the local AS number in its BGP configuration in order to bring up the 8GP session with the local router.

Answers
B.

An inbound route-map on local router is blocking the prefixes from neighbor 100.64.3.1.

B.

An inbound route-map on local router is blocking the prefixes from neighbor 100.64.3.1.

Answers
C.

All of the neighbors displayed are part of a single BGP configuration on the local router with the neighbor-range set to a value of 4.

C.

All of the neighbors displayed are part of a single BGP configuration on the local router with the neighbor-range set to a value of 4.

Answers
D.

The BGP session with peer 10.127.0.75 is up.

D.

The BGP session with peer 10.127.0.75 is up.

Answers
Suggested answer: D

Question 29

Report
Export
Collapse

Which two statements about an auxiliary session ate true? (Choose two)

A.

With the auxiliary session selling disabled, only auxiliary sessions are offloaded.

A.

With the auxiliary session selling disabled, only auxiliary sessions are offloaded.

Answers
B.

With the auxiliary session setting enabled. ECMP traffic is accelerated to the NP6 processor.

B.

With the auxiliary session setting enabled. ECMP traffic is accelerated to the NP6 processor.

Answers
C.

With the auxiliary session setting enabled. Iwo sessions are created in case of routing change.

C.

With the auxiliary session setting enabled. Iwo sessions are created in case of routing change.

Answers
D.

With the auxiliary session setting disabled, for each traffic path. FortiGate uses the same auxiliary session.

D.

With the auxiliary session setting disabled, for each traffic path. FortiGate uses the same auxiliary session.

Answers
Suggested answer: B, C

Question 30

Report
Export
Collapse

Exhibit.

Refer to the exhibit, which shows the output of diagnose automation test.

What can you observe from the output? (Choose two)

A.

The automation stitch test is not being logged.

A.

The automation stitch test is not being logged.

Answers
B.

The automation stitch test failed but the HA failover was successful.

B.

The automation stitch test failed but the HA failover was successful.

Answers
C.

An HA failover occurred.

C.

An HA failover occurred.

Answers
D.

The test was unsuccessful.

D.

The test was unsuccessful.

Answers
Suggested answer: A, D
Total 40 questions
Go to page: of 4
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms