Fortinet Certified Solution Specialist FCSS_NST_SE-7.4 Exam Questions and Answers PDF

FCSS - Network Security 7.4 Support Engineer Questions and Answers

Question 5

Which authentication option can you not configure under config user radius on FortiOS?

mschap

pap

mschap2

eap

Question 6

Refer to the exhibit, which contains the output ofdiagnose vpn tunnellist.

Which command will capture ESP traffic for the VPN named DialUp_0?

diagnose sniffer packet any 'ip proto 50'

diagnose sniffer packet any 'host 10.0.10.10'

diagnose sniffer packet any 'esp and host 10.200.3.2'

diagnose sniffer packet any 'port 4500'

Question 7

Refer to theexhibit,which shows the output of getrouter info ospf neighbor.

What can you conclude from the command output?

The network type connecting the local Fortigate and OSPF neighbor 0.0.0.10 is point-to-point.

All neighbors are in area 0.0.0.0.

The local FortiGate is the BDR.

The local FortiGate is not a DROther.

Question 8

Refer to the exhibit, which shows a partial output of the fssod daemon real-time debug command.

What two conclusions can you draw Itom the output? (Choose two.)

The workstation with IP 10.124.2.90 will be polled frequently using TCP port 445 to see if the user is still logged on.

The logon event can be seen on the collector agent installed on Windows.

FSSO is using DC agent mode to detect logon events.

FSSO is using agentless polling mode to detect logon events.