ExamGecko
Search Search Login
Home Home / Fortinet / NSE7_EFW-7.2
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Refer to the exhibit, which shows two configured FortiGate devices and peering over FGSP. The main link directly connects the two FortiGate devices and is configured using the set session-syn-dev <interface> command. What is the primary reason to configure the main link?
Exhibit. Refer to the exhibit, which contains a partial policy configuration. Which setting must you configure to allow SSH?
Which, three conditions are required for two FortiGate devices to form an OSPF adjacency? (Choose three.)
Which FortiGate in a Security I auric sends togs to FortiAnalyzer?
Exhibit. Refer to the exhibit, which shows information about an OSPF interlace What two conclusions can you draw from this command output? (Choose two.)
Refer to the exhibit. which contains a partial configuration of the global system. What can you conclude from this output?
Which two statements about metadata variables are true? (Choose two.)
Refer to the exhibit, which shows a network diagram. Which IPsec phase 2 configuration should you impalement so that only one remote site is connected at any time?
Which two statements about IKE vision 2 are true? (Choose two.)
Refer to the exhibits, which contain the network topology and BGP configuration for a hub. Exhibit A. Exhibit B. An administrator is trying to configure ADVPN with a hub and spoke VPN setup using iBGP. All the VPNs are up and connected to the hub. The hub is receiving route information from both spokes over iBGP; however the spokes are not receiving route information from each other. What change must the administrator make to the hub BGP configuration so that the routes learned from one spoke are forwarded to the other spoke?

Question 37 - NSE7_EFW-7.2 discussion

Report
Export

Exhibit.

Refer to the exhibit, which contains a partial VPN configuration.

What can you conclude from this configuration1?

A.
FortiGate creates separate virtual interfaces for each dial up client.
Answers
A.
FortiGate creates separate virtual interfaces for each dial up client.
B.
The VPN should use the dynamic routing protocol to exchange routing information Through the tunnels.
Answers
B.
The VPN should use the dynamic routing protocol to exchange routing information Through the tunnels.
C.
Dead peer detection s disabled.
Answers
C.
Dead peer detection s disabled.
D.
The routing table shows a single IPSec virtual interface.
Answers
D.
The routing table shows a single IPSec virtual interface.
Suggested answer: C

Explanation:

The configuration line ''set dpd on-idle'' indicates that dead peer detection (DPD) is set to trigger only when the tunnel is idle, not actively disabled1.Reference:FortiGate IPSec VPN User Guide - Fortinet Document Library

From the given VPN configuration, dead peer detection (DPD) is set to 'on-idle', indicating that DPD is enabled and will be used to detect if the other end of the VPN tunnel is still alive when no traffic is detected. Hence, option C is incorrect. The configuration shows the tunnel set to type 'dynamic', which does not create separate virtual interfaces for each dial-up client (A), and it is not specified that dynamic routing will be used (B). Since this is a phase 1 configuration snippet, the routing table aspect (D) cannot be concluded from this alone.

Show Answer
asked 18/09/2024
Maria Lilian Tongson
41 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms