最新的NSE 7 Network Security Architect認證 NSE7_EFW-6.2考試題庫

問題1

Examine the following partial output from two system debug commands; then answer the question below.

Which of the following statements are true regarding the above outputs? (Choose two.)

A. The Cached value is always the Active value plus the Inactive value

B. The unit is running a 32-bit FortiOS

C. The unit is in kernel conserve mode

D. Kernel indirectly accesses the low memory (LowTotal) through memory paging

正確答案: A,B

問題2

View the exhibit, which contains an entry in the session table, and then answer the question below.

Which one of the following statements is true regarding FortiGate's inspection of this session?

A. FortiGate applied proxy-based inspection.

B. FortiGate applied flow-based inspection.

C. FortiGate applied explicit proxy-based inspection.

D. FortiGate forwarded this session without any inspection.

正確答案: A

說明：（僅 VCESoft 成員可見）

問題3

Refer to the exhibit, which contains the output of a BGP debug command.

Which statement about the exhibit is true?

A. The local router has not established a TCP session with 100.64.3.1.

B. Since the counters were last reset, the 10.200.3.1 peer has never been down.

C. The local router has received a total of three BGP prefixes from all peers.

D. The local router BGP state is OpenConfirm with the 10.127.0.75 peer.

正確答案: A

問題4

Which real time debug should an administrator enable to troubleshoot RADIUS authentication problems?

A. Diagnose debug application fnbamd -1.

B. Diagnose authd console -log enable.

C. Diagnose debug application radius -1.

D. Diagnose radius console -log enable.

正確答案: A

說明：（僅 VCESoft 成員可見）

問題5

Examine the following partial outputs from two routing debug commands; then answer the question below:

Why the default route using port2 is not displayed in the output of the second command?

A. It has a higher priority than the default route using port1.

B. It is disabled in the FortiGate configuration.

C. It has a lower priority than the default route using port1.

D. It has a higher distance than the default route using port1.

正確答案: D

說明：（僅 VCESoft 成員可見）

問題6

View the exhibit, which contains the output of a diagnose command, and then answer the question below.

What statements are correct regarding the output? (Choose two.)

A. Traffic in the original direction (coming from the IP address 10.171.122.38) will be routed to the next-hop IP address 10.200.1.1.

B. This is an expected session created by an application control profile.

C. Traffic in the original direction (coming from the IP address 10.171.122.38) will be routed to the next-hop IP address 10.0.1.10.

D. This is an expected session created by a session helper.

正確答案: A,D

問題7

Examine the following routing table and BGP configuration; then answer the question below.

TheBGP connection is up, but the local peer is NOT advertising the prefix 192.168.1.0/24. Which configuration change will make the local peer advertise this prefix?

A. Disable the setting network-import-check.

B. Enable the setting ebgp-multipath.

C. Enable the redistribution of connected routers into BGP.

D. Enable the redistribution of static routers into BGP.

正確答案: A

問題8

View the exhibit, which contains the output of a web diagnose command, and then answer the question below.

Which one of the following statements explains why the cache statistics are all zeros?

A. The administrator has reallocated the cache memory to a separate process.

B. FortiGate is using a flow-based web filter and the cache applies only to proxy-based inspection.

C. There are no users making web requests.

D. The FortiGuard web filter cache is disabled in the FortiGate's configuration.

正確答案: D

問題9

An administrator is running the following sniffer in a FortiGate:
diagnose sniffer packet any "host 10.0.2.10" 2
What information is included in the output of the sniffer? (Choose two.)

A. IP payload.

B. IP headers.

C. Ethernet headers.

D. Port names.

正確答案: A,B

說明：（僅 VCESoft 成員可見）

問題10

View the exhibit, which contains the partial output of a diagnose command, and then answer the question below.

Based on the output, which of the following statements is correct?

A. DPD is disabled.

B. Remote gateway IP is 10.200.5.1.

C. Anti-reply is enabled.

D. Quick mode selectors are disabled.

正確答案: C

最新的Fortinet NSE 7 - Enterprise Firewall 6.2 - NSE7_EFW-6.2免費考試真題

最新更新

站內鏈接

聯系我們