Download Fortinet.NSE7_EFW-6.2.CertDumps.2020-11-22.101q.tqb

Download Exam

File Info

Exam Fortinet NSE 7 - Enterprise Firewall 6.2
Number NSE7_EFW-6.2
File Name Fortinet.NSE7_EFW-6.2.CertDumps.2020-11-22.101q.tqb
Size 16 MB
Posted Nov 22, 2020
Download Fortinet.NSE7_EFW-6.2.CertDumps.2020-11-22.101q.tqb

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase

Coupon: MASTEREXAM
With discount: 20%





Demo Questions

Question 1

A FortiGate is configured as an explicit web proxy. Clients using this web proxy are reposting DNS errors when accessing any website. The administrator executes the following debug commands and observes that the n-dns-timeout counter is increasing:
   
What should the administrator check to fix the problem?


  1. The connectivity between the FortiGate unit and the DNS server.
  2. The connectivity between the client workstations and the DNS server.
  3. That DNS traffic from client workstations is allowed by the explicit web proxy policies.
  4. That DNS service is enabled in the explicit web proxy interface.  
Correct answer: A



Question 2

An administrator has decreased all the TCP session timers to optimize the FortiGate memory usage. However, after the changes, one network application started to have problems. During the troubleshooting, the administrator noticed that the FortiGate deletes the sessions after the clients send the SYN packets, and before the arrival of the SYN/ACKs. When the SYN/ACK packets arrive to the FortiGate, the unit has already deleted the respective sessions. Which TCP session timer must be increased to fix this problem?


  1. TCP half open.
  2. TCP half close.
  3. TCP time wait.
  4. TCP session time to live.
Correct answer: A
Explanation:
http://docs-legacy.fortinet.com/fos40hlp/43prev/wwhelp/wwhimpl/common/html/wwhelp.htm?context=fgt&file=CLI_get_Commands.58.25.html The tcp-halfopen-timer controls for how long, after a SYN packet, a session without SYN/ACKremains in the table. The tcp-halfclose-timer controls for how long, after a FIN packet, a session without FIN/ACKremains in the table. The tcp-timewait-timer controls for how long, after a FIN/ACK packet, a session remains in thetable. A closed session remains in the session table for a few seconds more to allow any out-of-sequence packet.
http://docs-legacy.fortinet.com/fos40hlp/43prev/wwhelp/wwhimpl/common/html/wwhelp.htm?context=fgt&file=CLI_get_Commands.58.25.html 
The tcp-halfopen-timer controls for how long, after a SYN packet, a session without SYN/ACKremains in the table. 
The tcp-halfclose-timer controls for how long, after a FIN packet, a session without FIN/ACKremains in the table. 
The tcp-timewait-timer controls for how long, after a FIN/ACK packet, a session remains in thetable. A closed session remains in the session table for a few seconds more to allow any out-of-sequence packet.



Question 3

Examine the output from the 'diagnose debug authd fsso list' command; then answer the question below. 
# diagnose debug authd fsso list —FSSO logons-IP: 192.168.3.1 User: STUDENT Groups: TRAININGAD/USERS Workstation: INTERNAL2. TRAINING. LAB The IP address 192.168.3.1 is NOT the one used by the workstation INTERNAL2. TRAINING. LAB. 
What should the administrator check?


  1. The IP address recorded in the logon event for the user STUDENT.
  2. The DNS name resolution for the workstation name INTERNAL2. TRAINING. LAB.  
  3. The source IP address of the traffic arriving to the FortiGate from the workstation INTERNAL2. TRAINING. LAB.
  4. The reserve DNS lookup forthe IP address 192.168.3.1.
Correct answer: C









CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!

Get Now!


HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files