NSE7 Online Practice Questions and Answers

Which real time debug should an administrator enable to troubleshoot RADIUS authentication problems?

A. Diagnose debug application radius -1.

B. Diagnose debug application fnbamd -1.

C. Diagnose authd console –log enable.

D. Diagnose radius console –log enable.

View the global IPS configuration, and then answer the question below.

Which of the following statements is true regarding this configuration?

A. IPS will scan every byte in every session.

B. FortiGate will spawn IPS engine instances based on the system load.

C. New packets will be passed through without inspection if the IPS socket buffer runs out of memory.

D. IPS will use the faster matching algorithm which is only available for units with more than 4 GB memory.

Examine the IPsec configuration shown in the exhibit; then answer the question below.

An administrator wants to monitor the VPN by enabling the IKE real time debug using these commands: diagnose vpn ike log-filter src-addr4 10.0.10.1 diagnose debug application ike -1 diagnose debug enable The VPN is currently up, there is no traffic crossing the tunnel and DPD packets are being interchanged

between both IPsec gateways. However, the IKE real time debug does NOT show any output. Why isn't there any output?

A. The IKE real time shows the phases 1 and 2 negotiations only. It does not show any more output once the tunnel is up.

B. The log-filter setting is set incorrectly. The VPN's traffic does not match this filter.

C. The IKE real time debug shows the phase 1 negotiation only. For information after that, the administrator must use the IPsec real time debug instead: diagnose debug application ipsec -1.

D. The IKE real time debug shows error messages only. If it does not provide any output, it indicates that the tunnel is operating normally.

A FortiGate device has the following LDAP configuration:

The administrator executed the `dsquery' command in the Windows LDAp server 10.0.1.10, and got the following output:

>dsquery user –samid administrator

"CN=Administrator, CN=Users, DC=trainingAD, DC=training, DC=lab"

Based on the output, what FortiGate LDAP setting is configured incorrectly?

A. cnid.

B. username.

C. password.

D. dn.

In which of the following states is a given session categorized as ephemeral? (Choose two.)

A. A TCP session waiting to complete the three-way handshake.

B. A TCP session waiting for FIN ACK.

C. A UDP session with packets sent and received.

D. A UDP session with only one packet received.

View the exhibit, which contains the output of a real-time debug, and then answer the question below.

Which of the following statements is true regarding this output? (Choose two.)

A. This web request was inspected using the root web filter profile.

B. FortiGate found the requested URL in its local cache.

C. The requested URL belongs to category ID 52.

D. The web request was allowed by FortiGate.

Examine the following traffic log; then answer the question below.

date-20xx-02-01 time=19:52:01 devname=master device_id="xxxxxxx" log_id=0100020007 type=event subtype=system pri critical vd=root service=kemel status=failure msg="NAT port is exhausted." What does the log mean?

A. There is not enough available memory in the system to create a new entry in the NAT port table.

B. The limit for the maximum number of simultaneous sessions sharing the same NAT port has been reached.

C. FortiGate does not have any available NAT port for a new connection.

D. The limit for the maximum number of entries in the NAT port table has been reached.

What global configuration setting changes the behavior for content-inspected traffic while FortiGate is in system conserve mode?

A. av-failopen

B. mem-failopen

C. utm-failopen

D. ips-failopen

View the exhibit, which contains the output of diagnose sys session stat, and then answer the question

below.

Which statements are correct regarding the output shown? (Choose two.)

A. There are 0 ephemeral sessions.

B. All the sessions in the session table are TCP sessions.

C. No sessions have been deleted because of memory pages exhaustion.

D. There are 166 TCP sessions waiting to complete the three-way handshake.

A FortiGate is rebooting unexpectedly without any apparent reason. What troubleshooting tools could an administrator use to get more information about the problem? (Choose two.)

A. Firewall monitor.

B. Policy monitor.

C. Logs.

D. Crashlogs.