Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

Fortinet FCSS_NST_SE-7.6 - FCSS - Network Security 7.6 Support Engineer

Fortinet FCSS_NST_SE-7.6 Premium Access     Download Demo    
Page: 1 / 2
Total 66 questions

Refer to the exhibit, which shows the omitted output of a session table entry.

Which two statements are true? (Choose two.)

A.

The traffic has been tagged for VLAN 0000.

B.

NP7 is handling offloading of this session.

C.

The traffic matches Policy ID 1.

D.

The session has been offloaded.

What are two reasons you might see iprope_in_check() check failed, drop when using the debug flow? (Choose two.)

A.

Packet was dropped because of policy route misconfiguration.

B.

Packet was dropped because of traffic shaping.

C.

Trusted host list misconfiguration.

D.

VIP or IP pool misconfiguration.

What are two functions of automation stitches? (Choose two.)

A.

You can configure automation stitches on any FortiGate device in a Security Fabric environment.

B.

You can configure automation stitches to execute actions sequentially by taking parameters from previous actions as input for the current action.

C.

You can set an automation stitch configured to execute actions in parallel to insert a specific delay between actions.

D.

You can create automation stitches to run diagnostic commands and attach the results to an email message when CPU or memory usage exceeds specified thresholds.

Refer to the exhibit, which shows the partial output of a diagnose command.

Which two conclusions can you draw from the output shown in the exhibit? (Choose two.)

A.

FortiGate will drop the expected traffic if it does not arrive within 23 seconds.

B.

Clearing the master session has no impact on the expectation session.

C.

This is a pinhole session to allow traffic for a TCP protocol that dynamically assigns TCP ports.

D.

The session is checked against firewall policy ID 25.

Refer to the exhibit, which shows the partial output of command diagnose debug rating.

In this exhibit, which FDS server will the FortiGate algorithm choose?

A.

66.117.56.37

B.

208.91.112.194

C.

209.22.147.36

D.

64.26.151.37

Which statement about protocol options is true?

A.

Protocol options allow administrators to configure a maximum number of sessions for each configured protocol.

B.

Protocol options give administrators a streamlined method to instruct FortiGate to block all sessions corresponding to disabled protocols.

C.

Protocol options allow administrators to configure the Any setting for all enabled protocols, which provides the most efficient use of system resources.

D.

Protocol options allow administrators to configure which Layer 4 port numbers map to upper-layer protocols, such as HTTP, SMTP, FTP, and so on.

Refer to the exhibit, which shows the partial output of FortiOS kernel slabs.

Which statement is true?

A.

The total slab size of the sctp_session slab is 0 kB and is associated with the user space.

B.

The total slab size of the ip_session slab is 3600 kB and is associated with the user space.

C.

The total slab size of the ip6_session slab is 1300 kB and is associated with the kernel.

D.

The total slab size of the tcp_session slab is 7500 kB and is associated with the kernel.

Exhibit 1.

Exhibit 2.

Refer to the exhibits, which show the configuration on FortiGate and partial internet session information from a user on the internal network.

An administrator would like to lest session failover between the two service provider connections.

Which two changes must the administrator make to force this existing session to immediately start using the other interface? (Choose two.)

A.

Change the priority of the port! static route to 11.

B.

Change the priority of the port2 static route to 5.

C.

Configure unset snat-route-change to return it to the default setting.

D.

Configure set snat-route-change enable.

Which statement about parallel path processing is correct (PPP)?

A.

PPP chooses from a group of parallel options lo identity the optimal path tor processing a packet.

B.

Only FortiGate hardware configurations affect the path that a packet takes.

C.

PPP does not apply to packets that are part of an already established session.

D.

Software configuration has no impact on PPP.

Refer to the exhibit, which shows a partial output of a real-time LDAP debug.

What two conclusions can you draw from the output? (Choose two.)

A.

The user was found in the LDAP tree, whose root is TAC.ottawa.fortinet.com.

B.

FortiOS performs a bind to the LDAP server using the user's credentials.

C.

FortiOS collects the user group information.

D.

FortiOS is performing the second step (Search Request) in the LDAP authentication process.