Fortinet FCSS - Network Security 7.6 Support Engineer - FCSS_NST_SE-7.6 Exam Questions
QUESTION NO: 1
During which phase of IKEv2 does the Diffie-Helman key exchange take place?
During which phase of IKEv2 does the Diffie-Helman key exchange take place?
Correct Answer: D
QUESTION NO: 2
Refer to the exhibit.
A network topology and a partial routing table are shown.
FortiGate has already been configured with a firewall policy that allows all ICMP traffic to flow from port1 to port3.
Which two changes can the administrator perform to ensure the server at 10.4.0.1/24 receives the ICMP echo reply from the laptop at 10.1.0.1/24? (Choose two.)
Refer to the exhibit.
A network topology and a partial routing table are shown.
FortiGate has already been configured with a firewall policy that allows all ICMP traffic to flow from port1 to port3.
Which two changes can the administrator perform to ensure the server at 10.4.0.1/24 receives the ICMP echo reply from the laptop at 10.1.0.1/24? (Choose two.)
Correct Answer: B,C
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 3
Refer to the exhibits.
FGT-1 is an area border router (ABR) that has interfaces in OSPF areas 0.0.0.0 and 0.0.0.5. FGT-3 acts as an autonomous system border router (ASBR), importing static routes into OSPF. FGT-2 is an internal router with all its interfaces belonging to area 0.0.0.5. FGT-1 is receiving all advertised routes from FGT-2, however, FGT-3 is not receiving any of the advertised routes from FGT-1. What is the most likely reason for this? (Choose one answer)
Refer to the exhibits.
FGT-1 is an area border router (ABR) that has interfaces in OSPF areas 0.0.0.0 and 0.0.0.5. FGT-3 acts as an autonomous system border router (ASBR), importing static routes into OSPF. FGT-2 is an internal router with all its interfaces belonging to area 0.0.0.5. FGT-1 is receiving all advertised routes from FGT-2, however, FGT-3 is not receiving any of the advertised routes from FGT-1. What is the most likely reason for this? (Choose one answer)
Correct Answer: C
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 4
The output of a policy route table entry is shown.
Which type of policy route does the output show?
The output of a policy route table entry is shown.
Which type of policy route does the output show?
Correct Answer: A
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 5
Refer to the exhibit.
A partial output from an IKE real-time debug is shown
The administrator does not have access to (he remote gateway
Based on the debug output, which two conclusions can you draw? (Choose two.)
Refer to the exhibit.
A partial output from an IKE real-time debug is shown
The administrator does not have access to (he remote gateway
Based on the debug output, which two conclusions can you draw? (Choose two.)
Correct Answer: A,C
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 6
Refer to the exhibits.
An OSPF peer is advertising route 172.16.52.0/24. The local FortiGate is configured with an inbound distribution list that allows the 172.16.0.0/16 network to be injected into its routing table. However, the 1'2.16.52.0/24 subnet cannot be seen in the FIB.
Which two stops can the administrator of the local FortiGate take to ensure that the advertised 172.16. 52.0/24 subnet will be injected into the routing table? (Choose two.)
Refer to the exhibits.
An OSPF peer is advertising route 172.16.52.0/24. The local FortiGate is configured with an inbound distribution list that allows the 172.16.0.0/16 network to be injected into its routing table. However, the 1'2.16.52.0/24 subnet cannot be seen in the FIB.
Which two stops can the administrator of the local FortiGate take to ensure that the advertised 172.16. 52.0/24 subnet will be injected into the routing table? (Choose two.)
Correct Answer: C,D
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
