ExamGecko
Search Search Login
Home Home / Fortinet / NSE7_EFW-7.2
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Refer to the exhibit, which shows two configured FortiGate devices and peering over FGSP. The main link directly connects the two FortiGate devices and is configured using the set session-syn-dev <interface> command. What is the primary reason to configure the main link?
Which, three conditions are required for two FortiGate devices to form an OSPF adjacency? (Choose three.)
Exhibit. Refer to the exhibit, which contains a partial policy configuration. Which setting must you configure to allow SSH?
Which FortiGate in a Security I auric sends togs to FortiAnalyzer?
Exhibit. Refer to the exhibit, which shows information about an OSPF interlace What two conclusions can you draw from this command output? (Choose two.)
Which two statements about metadata variables are true? (Choose two.)
Which two statements about IKE vision 2 are true? (Choose two.)
Refer to the exhibits, which contain the network topology and BGP configuration for a hub. Exhibit A. Exhibit B. An administrator is trying to configure ADVPN with a hub and spoke VPN setup using iBGP. All the VPNs are up and connected to the hub. The hub is receiving route information from both spokes over iBGP; however the spokes are not receiving route information from each other. What change must the administrator make to the hub BGP configuration so that the routes learned from one spoke are forwarded to the other spoke?
Refer to the exhibit. which contains a partial configuration of the global system. What can you conclude from this output?
Refer to the exhibit, which shows a network diagram. Which IPsec phase 2 configuration should you impalement so that only one remote site is connected at any time?

Question 34 - NSE7_EFW-7.2 discussion

Report
Export

Exhibit.

Refer to the exhibit, which contains a partial policy configuration.

Which setting must you configure to allow SSH?

A.
Specify SSH in the Service field
Answers
A.
Specify SSH in the Service field
B.
Configure pot 22 in the Protocol Options field.
Answers
B.
Configure pot 22 in the Protocol Options field.
C.
Include SSH in the Application field
Answers
C.
Include SSH in the Application field
D.
Select an application control profile corresponding to SSH in the Security Profiles section
Answers
D.
Select an application control profile corresponding to SSH in the Security Profiles section
Suggested answer: A

Explanation:

Option A is correct because to allow SSH, you need to specify SSH in the Service field of the policy configuration.This is because the Service field determines which types of traffic are allowed by the policy1. By default, the Service field is set to App Default, which means that the policy will use the default ports defined by the applications.However, SSH is not one of the default applications, so you need to specify it manually or create a custom service for it2.

Option B is incorrect because configuring port 22 in the Protocol Options field is not enough to allow SSH.The Protocol Options field allows you to customize the protocol inspection and anomaly protection settings for the policy3. However, this field does not override the Service field, which still needs to match the traffic type.

Option C is incorrect because including SSH in the Application field is not enough to allow SSH.The Application field allows you to filter the traffic based on the application signatures and categories4. However, this field does not override the Service field, which still needs to match the traffic type.

Option D is incorrect because selecting an application control profile corresponding to SSH in the Security Profiles section is not enough to allow SSH. The Security Profiles section allows you to apply various security features to the traffic, such as antivirus, web filtering, IPS, etc. However, this section does not override the Service field, which still needs to match the traffic type.Reference: =

1: Firewall policies

2: Services

3: Protocol options profiles

4: Application control

Show Answer
asked 18/09/2024
Juan Jose Montero Caletrio
30 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms