New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium Fortinet NSE7_NST-7.2 Dumps Questions Answers

Fortinet NSE 7 - Network Security 7.2 Support Engineer Questions and Answers

Question 1

Refer to the exhibit, which shows the omitted output of FortiOS kernel slabs.

Which statement is true?

Options:

A.

The total slab size of the tcp_sessior. slab Is 7500 kB and is associated with the kernel.

B.

The total slab size of the ip6_session slab is 1300 kB and is associated with the kernel.

C.

The total slab size of the sctp_session slab is 0 kB and is associated with the user space

D.

The total slab size of the ip_session slab is 3600 kB and is associated with the user space.

Buy Now
Question 2

Refer to the exhibit, which shows a session table entry.

Which statement about FortiGate behavior relating to this session is true?

Options:

A.

FortiGate forwarded this session without any inspection.

B.

FortiGate is performing a security profile inspection using the CPU.

C.

FortiGate redirected the client to the captive portal to authenticate, so that a correct policy match could be made.

D.

FortiGate applied only IPS inspection to this session.

Question 3

Refer to the exhibit, which shows the output of diagnose syssessionstat. Which statement about the output shown in the exhibit is correct?

Options:

A.

AII the sessions in the session table are TCP sessions.

B.

162 sessions have been deleted because of memory page exhaustion.

C.

There are 166 TCP sessions waiting to complete the three-way handshake.

D.

There are two sessions that have not been removed in case of any out-of-order packets that arrive.

Question 4

Refer to the exhibit, which contains the partial output of a diagnose command.

Based on the output, which two statements are correct? (Choose two.)

Options:

A.

The remote gateway IP is 10.200.5.1.

B.

The remote gateway has quick more selectors containing a destination subnet of 10.1.2.0/24.

C.

DPD is disabled.

D.

Anti-replay is enabled.

Question 5

Which two conditions would prevent a static route from being added to the routing table? (Choose two.)

Options:

A.

The next-hop IP address is unreachable.

B.

The interface specified in the route configuration is down

C.

The route has a lower priority value than another route to the same destination.

D.

There is another other route to the same destination, with a lower distance.

Question 6

Exhibit.

Refer to the exhibit, which shows the omitted output of diagnose npu np6 port-list on a FortiGate1500D.

An administrator is unable to analyze traffic flowing between port1 and port7 using the diagnose sniffer command.

Which two commands allow the administrator to view the traffic? (Choose two.)

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 7

Refer to the exhibit, which shows the output of get router info ospf neighbor.

What can you conclude from the command output?

Options:

A.

The local FortiGate Is not a DROther.

B.

All neighbors are in area 0.0.0.0.

C.

The local FortiGate is the BDR.

D.

The network type connectingthe local Fortigate and OSPF neighbor 0.0.0.10 is point-to-point.

Question 8

Refer to the exhibit, which shows the omitted output of a real-time OSPF debug

Which statement is false?

Options:

A.

A password has been configured on the local OSPF router but is not shown in the output

B.

The Hello packet is being sent from an OSPF router with ID 0.0.0.112.

C.

The two FortiGate devices attempting adjacency are in area 0.0.0.0.

D.

One FortiGate device is configured to require authentication, while the other is not

Question 9

Refer to the exhibit, which shows the output of a diagnose command.

What can you conclude from the RTT value?

Options:

A.

Its value represents the time it takes to receive a response after a rating request is sent to a particular server.

B.

Its value is incremented with each packet lost.

C.

It determines which FortiGuard server is used for license validation.

D.

lts initial value is statically set to 10.

Question 10

Refer to the exhibit, which shows two entries that were generated in the FSSO collector agent logs.

What three conclusions can you draw from these log entries? (Choose three.)

Options:

A.

Remote registry is not running on the workstation.

B.

The FortiGate firmware version is not compatible with that of the collector agent

C.

DNS resolution is unable to resolve the workstation name.

D.

The user's status shows as "not verified" in the collector agent

E.

A firewall is blocking traffic to port 139 and 445.

Question 11

Referto the exhibit, which shows oneway communication of the downstream FortiGate with the upstream FortiGate within a Security Fabric.

What three actions must you take to ensure successful communication? (Choose three.)

Options:

A.

Ensure the port for Neighbor Discovery has been changed.

B.

FortiGate must not be in NAT mode.

C.

Ensure TCP port 8013 is not blocked along the way

D.

You must authorize the downstream FortiGate on the root FortiGate.

E.

You must enable Security Fabric/Fortitelemetry on the receiving interface of the upstream FortiGate.

Question 12

Refer to the exhibits.

An administrator is attempting to advertise the network configured on port3. However, FGT-A is not receiving the prefix.

Which two actions can the administrator take to fix this problem'' (Choose two.)

Options:

A.

Restart BGP using a soft reset, which forces both peers to exchange their complete BGP routing tables.

B.

Manually add the BGP route on FGT-A.

C.

Modify the prefix using the network command from 172.16.0.0/16 to 172.16.54.0724.

D.

Use the set network-import-check disable command.