Spring Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

Fortinet FCSS_NST_SE-7.6 - Fortinet NSE 6 - Network Security 7.6 Support Engineer

Page: 2 / 3
Total 95 questions

Which statement about IKEv2 is true?

A.

Both IKEv1 and IKEv2 share the feature of asymmetric authentication.

B.

IKEv1 and IKEv2 have enough of the header format in common that both versions can run over the same UDP port.

C.

IKEv1 and IKEv2 use same TCP port but run on different UDP ports.

D.

IKEv1 and IKEv2 share the concept of phase1 and phase2.

Refer to the exhibit.

The sniffer log on two FortiGate devices are shown. Based on the information in the log, which two factors explain the output on FortiGate FGT-02? (Choose two answers)

A.

A third-party device is blocking protocol 50.

B.

The administrator has not yet configured the VPN tunnel on FGT-02.

C.

The administrator configured the wrong remote peer IP address on FGT-01.

D.

The administrator set the wrong sniffer filter on FGT-02.

Refer to the exhibit, which shows the omitted output of a session table entry.

Which two statements are true? (Choose two.)

A.

The traffic has been tagged for VLAN 0000.

B.

NP7 is handling offloading of this session.

C.

The traffic matches Policy ID 1.

D.

The session has been offloaded.

Refer to the exhibit, which shows a partial output of the real-time LDAP debug.

What two actions can the administrator take to resolve this issue? (Choose two.)

A.

Ensure the user logs in using 'John Smith' not 'jsmith'.

B.

Ensure the user is providing the correct user credentials.

C.

Ensure the user is a member of at least one AD group to ensure step 4 of the LDAP authentication process is successful.

D.

Ensure the account is active.

When FortiGate enters conserve mode because of memory pressure, which action can FortiGate perform to preserve memory?

A.

FortiGate automatically reboots to clear memory and restore full operation.

B.

FortiGate switches to a less memory-intensive inspection mode, such as flow-based inspection.

C.

FortiGate reduces or stops non-essential processes tike logging and antivirus scanning

D.

Fortigate begins dropping all new sessions to protect resources.

Refer to the exhibit.

The exhibit shows the output from using the command diagnose debug application samld -1 to diagnose a SAML connection.

Based on this output, what can you conclude?

A.

Active Directory is used for authentication.

B.

The authentication request is for an SSL VPN connection.

C.

The IdP IP address is 10.1.10.254.

D.

The IdP IP address is 10.1.10.2.

Refer to the exhibit, which shows the partial output of a diagnose command.

Which two conclusions can you draw from the output shown in the exhibit? (Choose two.)

A.

FortiGate will drop the expected traffic if it does not arrive within 23 seconds.

B.

Clearing the master session has no impact on the expectation session.

C.

This is a pinhole session to allow traffic for a TCP protocol that dynamically assigns TCP ports.

D.

The session is checked against firewall policy ID 25.

Refer to the exhibit, which shows the partial output of FortiOS kernel slabs.

Which statement is true?

A.

The total slab size of the sctp_session slab is 0 kB and is associated with the user space.

B.

The total slab size of the ip_session slab is 3600 kB and is associated with the user space.

C.

The total slab size of the ip6_session slab is 1300 kB and is associated with the kernel.

D.

The total slab size of the tcp_session slab is 7500 kB and is associated with the kernel.

Refer to the exhibits.

FGT-1 is an area border router (ABR) that has interfaces in OSPF areas 0.0.0.0 and 0.0.0.5. FGT-3 acts as an autonomous system border router (ASBR), importing static routes into OSPF. FGT-2 is an internal router with all its interfaces belonging to area 0.0.0.5. FGT-1 is receiving all advertised routes from FGT-2, however, FGT-3 is not receiving any of the advertised routes from FGT-1. What is the most likely reason for this? (Choose one answer)

A.

Area 0.0.0.5 is configured not to propagate type 5 LSAs.

B.

FGT-2 is configured with a distribution list to block all advertised routes from FGT-3.

C.

FGT-3 and FGT-2 have not formed an OSPF adjacency yet.

D.

IP protocol 89 is blocked between FGT-1 and FGT-3.

Refer to the exhibit, which shows the modified output of the routing kernel.

Which statement is true?

A.

The egress interface associated with static route 8.8.8.8/32 is administratively up.

B.

The default static route through 10.200.1.254 is not in the forwarding information base.

C.

The default static route through port2 is in the forwarding information base.

D.

The BGP route to 10.0.4.0/24 is not in the forwarding information base.