最新的 NSE 7 Network Security Architect NSE7_EFW-6.2 免費考試真題:

1. Refer to the exhibit, which contains a TCL script configuration on FortiManager.

An administrator has configured the TCL script on FortiManager, but failed to apply any changes to the managed device after being executed.
Why did the TCL script fail to make any changes to the managed device?

A) Changes in an interface configuration can only be done by CLI script.
B) The TCL script must start with #include <>.
C) Incomplete commands are ignored in TCL scripts.
D) The TCL command run_cmd has not been created.

2. Which real time debug should an administrator enable to troubleshoot RADIUS authentication problems?

A) Diagnose debug application fnbamd -1.
B) Diagnose authd console -log enable.
C) Diagnose debug application radius -1.
D) Diagnose radius console -log enable.

3. An administrator has configured two FortiGate devices for an HA cluster. While testing the HA failover, the administrator noticed that some of the switches in the network continue to send traffic to the former primary unit. The administrator decides to enable the setting link-failed-signal to fix the problem. Which statement is correct regarding this command?

A) Sends a link failed signal to all connected devices.
B) Forces the former primary device to shut down all its non-heartbeat interfaces for one second while the failover occurs.
C) Disables all the non-heartbeat interfaces in all the HA members for two seconds after a failover.
D) Sends an ARP packet to all connected devices, indicating that the HA virtual MAC address is reachable through a new master after a failover.

4. View the exhibit, which contains the partial output of an IKE real-time debug, and then answer the question below.

Which statements about this debug output are correct? (Choose two.)

A) The negotiation is using AES128 encryption with CBC hash.
B) The initiator has provided remote as its IPsec peer ID.
C) It shows a phase 1 negotiation.
D) The remote gateway IP address is 10.0.0.1.

5. What conditions are required for two FortiGate devices to form an OSPF adjacency? (Choose three.)

A) Hello and dead intervals match.
B) IP addresses are in the same subnet.
C) OSPF costs match.
D) OSPF IP MTUs match.
E) OSPF peer IDs match.

問題與答案：