18 November, 2024

Updated NSE7_EFW-6.4 Exam Prep For Fortinet NSE 7 - Enterprise Firewall 6.4 Certification

It is more faster and easier to pass the Fortinet NSE7_EFW-6.4 exam by using Simulation Fortinet Fortinet NSE 7 - Enterprise Firewall 6.4 questuins and answers. Immediate access to the Down to date NSE7_EFW-6.4 Exam and find the same core area NSE7_EFW-6.4 questions with professionally verified answers, then PASS your exam with a high score now.

Page: 1 / 9

Total 115 questions Full Exam Access

Question 1

Refer to the exhibit, which contains the debug output of diagnose dvm device list.
NSE7_EFW-6.4 dumps exhibit

Which two statements about the output shown in the exhibit are correct? (Choose two.)

ADOMs are disabled on the FortiManager

The FortiGate configuration is in sync with latest running revision history.

There are pending device-level changes yet to be installed on Local-FortiGate.

The policy package has been modified for Local-FortiGate.

Question 2

When using the SSL certificate inspection method to inspect HTTPS traffic, how does FortiGate filter web requests when the client browser does not provide the server name indication (SNI) extension?

FortiGate uses the requested URL from the user’s web browser.

FortiGate uses the CN information from the Subject field in the server certificate.

FortiGate blocks the request without any further inspection.

FortiGate switches to the full SSL inspection method to decrypt the data.

Question 3

The CLI command set intelligent-mode controls the IPS engine’s adaptive scanning behavior. Which of the following statements describes IPS adaptive scanning?

Determines the optimal number of IPS engines required based on system load.

Downloads signatures on demand from FDS based on scanning requirements.

Determines when it is secure enough to stop scanning session traffic.

Choose a matching algorithm based on available memory and the type of inspection being performed.

Question 4

Which of the following statements are true regarding the SIP session helper and the SIP application layer gateway (ALG)? (Choose three.)

SIP session helper runs in the kernel; SIP ALG runs as a user space process.

SIP ALG supports SIP HA failover; SIP helper does not.

SIP ALG supports SIP over IPv6; SIP helper does not.

SIP ALG can create expected sessions for media traffic; SIP helper does not.

SIP helper supports SIP over TCP and UDP; SIP ALG supports only SIP over UDP.

Question 5

Which statements about bulk configuration changes using FortiManager CLI scripts are correct? (Choose two.)

When executed on the Policy Package, ADOM database, changes are applied directly to the managed FortiGate.

When executed on the Device Database, you must use the installation wizard to apply the changes to the managed FortiGate.

When executed on the All FortiGate in ADOM, changes are automatically installed without creating a new revision history.

When executed on the Remote FortiGate directly, administrators do not have the option to review the changes prior to installation.

Question 6

An LDAP user cannot authenticate against a FortiGate device. Examine the real time debug output shown in the exhibit when the user attempted the authentication; then answer the question below.
NSE7_EFW-6.4 dumps exhibit

Based on the output in the exhibit, what can cause this authentication problem?

User student is not found in the LDAP server.

User student is using a wrong password.

The FortiGate has been configured with the wrong password for the LDAP administrator.

The FortiGate has been configured with the wrong authentication schema.

Question 7

A FortiGate device has the following LDAP configuration:
NSE7_EFW-6.4 dumps exhibit

The administrator executed the ‘dsquery’ command in the Windows LDAp server 10.0.1.10, and got the following output:
>dsquery user –samid administrator
“CN=Administrator, CN=Users, DC=trainingAD, DC=training, DC=lab” Based on the output, what FortiGate LDAP setting is configured incorrectly?

cnid.

username.

password.

dn.

Question 8

Which two statements about an auxiliary session are true? (Choose two.)

With the auxiliary session setting enabled, ECMP traffic is accelerated to the NP6 processor.

With the auxiliary session setting enabled, two sessions will be created in case of routing change.

With the auxiliary session setting disabled, for each traffic path, FortiGate will use the same auxiliary session.

With the auxiliary session disabled, only auxiliary sessions will be offloaded.

Question 9

Refer to the exhibit, which contains the partial output of a diagnose command.
NSE7_EFW-6.4 dumps exhibit

Based on the output, which two statements are correct? (Choose two.)

Anti-replay is enabled

The remote gateway IP is 10.200.4.1.

DPD is disabled.

Quick mode selectors are disabled.

Question 10

View the exhibit, which contains the partial output of an IKE real time debug, and then answer the question below.
NSE7_EFW-6.4 dumps exhibit

The administrator does not have access to the remote gateway. Based on the debug output, what configuration changes can the administrator make to the local gateway to resolve the phase 1 negotiation error?

Change phase 1 encryption to AESCBC and authentication to SHA128.

Change phase 1 encryption to 3DES and authentication to CBC.

Change phase 1 encryption to AES128 and authentication to SHA512.

Change phase 1 encryption to 3DES and authentication to SHA256.

Question 11

What global configuration setting changes the behavior for content-inspected traffic while FortiGate is in system conserve mode?

av-failopen

mem-failopen

utm-failopen

ips-failopen

Question 12

Examine the following traffic log; then answer the question below.
date-20xx-02-01 time=19:52:01 devname=master device_id="xxxxxxx" log_id=0100020007 type=event subtype=system pri critical vd=root service=kemel status=failure msg="NAT port is exhausted."
What does the log mean?

There is not enough available memory in the system to create a new entry in the NAT port table.

The limit for the maximum number of simultaneous sessions sharing the same NAT port has been reached.

FortiGate does not have any available NAT port for a new connection.

The limit for the maximum number of entries in the NAT port table has been reached.

Question 13

Which two tasks are automated using the Install Wizard on FortiManager? (Choose two.)

Preview pending configuration changes for managed devices.

Add devices to FortiManager.

Import policy packages from managed devices.

Install configuration changes to managed devices.

Import interface mappings from managed devices.

Question 14

What does the dirty flag mean in a FortiGate session?

Traffic has been blocked by the antivirus inspection.

The next packet must be re-evaluated against the firewall policies.

The session must be removed from the former primary unit after an HA failover.

Traffic has been identified as from an application that is not allowed.

Question 15

What configuration changes can reduce the memory utilization in a FortiGate? (Choose two.)

Reduce the session time to live.

Increase the TCP session timers.

Increase the FortiGuard cache time to live.

Reduce the maximum file size to inspect.

Question 16

Examine the following routing table and BGP configuration; then answer the question below.
NSE7_EFW-6.4 dumps exhibit

TheBGP connection is up, but the local peer is NOT advertising the prefix 192.168.1.0/24. Which configuration change will make the local peer advertise this prefix?

Enable the redistribution of connected routers into BGP.

Enable the redistribution of static routers into BGP.

Disable the setting network-import-check.

Enable the setting ebgp-multipath.

Question 17

Two independent FortiGate HA clusters are connected to the same broadcast domain. The administrator has reported that both clusters are using the same HA virtual MAC address. This creates a duplicated MAC address problem in the network. What HA setting must be changed in one of the HA clusters to fix the problem?

Group ID.

Group name.

Session pickup.

Gratuitous ARPs.

Page: 1 / 9

Total 115 questions Full Exam Access