Fortinet NSE 7 - Enterprise Firewall 7.0 - NSE7_EFW-7.0 Exam Questions
QUESTION NO: 1
A FortiGate device has the following LDAP configuration:
The LDAP user student cannot authenticate. The exhibit shows the output of the authentication real time debug while testing the student account:
Based on the above output, what FortiGate LDAP settings must the administer check? (Choose two.)
A FortiGate device has the following LDAP configuration:
The LDAP user student cannot authenticate. The exhibit shows the output of the authentication real time debug while testing the student account:
Based on the above output, what FortiGate LDAP settings must the administer check? (Choose two.)
Correct Answer: A,B
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 2
Refer to the exhibits.
Which contain the partial configurations of two VPNs on FortiGate.
An administrator has configured two VPNs for two different user groups. Users who are in the Users-2 group are not able to connect to the VPN. After running a diagnostics command, the administrator discovered that FortiGate is not matching the user-2 VPN for members of the Users-2 group.
Which two changes must administrator make to fix the issue? (Choose two.)
Refer to the exhibits.
Which contain the partial configurations of two VPNs on FortiGate.
An administrator has configured two VPNs for two different user groups. Users who are in the Users-2 group are not able to connect to the VPN. After running a diagnostics command, the administrator discovered that FortiGate is not matching the user-2 VPN for members of the Users-2 group.
Which two changes must administrator make to fix the issue? (Choose two.)
Correct Answer: A,D
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 3
What configuration changes can reduce the memory utilization in a FortiGate? (Choose two.)
What configuration changes can reduce the memory utilization in a FortiGate? (Choose two.)
Correct Answer: C,D
QUESTION NO: 4
What are two functions of automation stitches? (Choose two.)
What are two functions of automation stitches? (Choose two.)
Correct Answer: C,D
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 5
Refer to the exhibit, which contains partial output from an IKE real-time debug.
Why did the tunnel not come up?
Refer to the exhibit, which contains partial output from an IKE real-time debug.
Why did the tunnel not come up?
Correct Answer: A
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 6
Refer to the exhibit, which shows a central management configuration.
Which server will FortiGate choose for web filter rating requests, if 10.0.1.240 is experiencing an outage?
Refer to the exhibit, which shows a central management configuration.
Which server will FortiGate choose for web filter rating requests, if 10.0.1.240 is experiencing an outage?
Correct Answer: D
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 7
Exhibits:
Refer to the exhibits, which contain the network topology and BGP configuration for a hub.
An administrator is trying to configure ADVPN with a hub-spoke VPN setup using iBGP. All the VPNs are up and connected to the hub. The hub is receiving route information from both spokes over iBGP; however, the spokes are not receiving route information from each other.
What change must the administrator make to the hub BGP configuration so that the routes learned by one spoke are forwarded to the other spokes?
Exhibits:
Refer to the exhibits, which contain the network topology and BGP configuration for a hub.
An administrator is trying to configure ADVPN with a hub-spoke VPN setup using iBGP. All the VPNs are up and connected to the hub. The hub is receiving route information from both spokes over iBGP; however, the spokes are not receiving route information from each other.
What change must the administrator make to the hub BGP configuration so that the routes learned by one spoke are forwarded to the other spokes?
Correct Answer: A
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 8
Refer to the exhibit, which contains the output of a BGP debug command.
Which statement about the exhibit is true?
Refer to the exhibit, which contains the output of a BGP debug command.
Which statement about the exhibit is true?
Correct Answer: D
QUESTION NO: 9
What is the purpose of an internal segmentation firewall (ISFW)?
What is the purpose of an internal segmentation firewall (ISFW)?
Correct Answer: C
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 10
An LDAP user cannot authenticate against a FortiGate device. Examine the real time debug output shown in the exhibit when the user attempted the authentication; then answer the question below.
Based on the output in the exhibit, what can cause this authentication problem?
An LDAP user cannot authenticate against a FortiGate device. Examine the real time debug output shown in the exhibit when the user attempted the authentication; then answer the question below.
Based on the output in the exhibit, what can cause this authentication problem?
Correct Answer: C
QUESTION NO: 11
Refer to the exhibit, which shows the output of a diagnose command.
What can be concluded about the debug output in this scenario?
Refer to the exhibit, which shows the output of a diagnose command.
What can be concluded about the debug output in this scenario?
Correct Answer: B
