Fortinet nse7-efw-7-2 practice test

fortinet nse 7 - enterprise firewall 7.2

Last exam update: Dec 14 ,2024
Page 1 out of 6. Viewing questions 1-10 out of 57

Question 1

Refer to the exhibit, which shows an ADVPN network.



The client behind Spoke-1 generates traffic to the device located behind Spoke-2.

Which first message does the hub send to Spoke-1 to bring up the dynamic tunnel?

  • A. Shortcut forward
  • B. Shortcut reply
  • C. Shortcut query
  • D. Shortcut offer
Mark Question:
Answer:

c

User Votes:
A
50%
B
50%
C
50%
D 2 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 2

Refer to the exhibit, which shows a network diagram.

Which protocol should you use to configure the FortiGate cluster?

  • A. FGCP in active-passive mode
  • B. FGCP in active-active mode
  • C. FGSP
  • D. VRRP
Mark Question:
Answer:

c

User Votes:
A 1 votes
50%
B
50%
C 1 votes
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 3

You created a VPN community using VPN Manager on FortiManager. You also added gateways to the VPN community. Now you are trying to create firewall policies to permit traffic over the tunnel; however, the VPN interfaces do not appear as available options.
What step must you take to resolve this issue?

  • A. Refresh the device status using the Device Manager so that FortiGate populates the IPSec interfaces.
  • B. Install the VPN community and gateway configuration on the FortiGate devices so that the VPN interfaces appear on the Policy Objects on FortiManager.
  • C. Configure the phase 1 settings in the VPN community that you didnt initially configure. FortiGate automatically generates the interfaces after you configure the required settings.
  • D. Create interface mappings for the IPsec VPN interfaces before you use them in a policy.
Mark Question:
Answer:

b

User Votes:
A
50%
B 2 votes
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 4

What are two functions of automation stitches? (Choose two.)

  • A. Automation stitches can be created to run diagnostic commands and email the results when CPU or memory usage exceeds specified thresholds.
  • B. An automation stitch configured to execute actions in parallel can be set to insert a specific delay between actions.
  • C. Automation stitches can be configured on any FortiGate device in a Security Fabric environment.
  • D. An automation stitch configured to execute actions sequentially can take parameters from previous actions as input for the current action.
Mark Question:
Answer:

ad

User Votes:
A 2 votes
50%
B
50%
C
50%
D 2 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 5

You configured an address object on the root FortiGate in a Security Fabric. This object is not synchronized with a downstream device.

Which two reasons could be the cause? (Choose two.)

  • A. The downstream FortiGate has fabric-object-unification set to local.
  • B. The root FortiGate has configuration-sync set to enable.
  • C. The address object on the root FortiGate has fabric-object set to disable.
  • D. The downstream FortiGate has configuration-sync set to local.
Mark Question:
Answer:

ac

User Votes:
A 1 votes
50%
B
50%
C 2 votes
50%
D 1 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 6

Refer to the exhibit, which contains a partial BGP configuration.



You want to configure a loopback as the BGP source.

Which two parameters must you set in the BGP configuration? (Choose two.)

  • A. ebgp-enforce-multihop
  • B. recursive-next-hop
  • C. ibgp-enforce-multihop
  • D. update-source
Mark Question:
Answer:

ad

User Votes:
A 2 votes
50%
B 1 votes
50%
C
50%
D 1 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 7

Refer to the exhibit, which contains a partial configuration of the global system.

What can you conclude from this output?

  • A. Only NPs are disabled
  • B. Only CPs are disabled
  • C. NPs and CPs are enabled
  • D. NPs and CPs are disabled
Mark Question:
Answer:

d

User Votes:
A
50%
B
50%
C 2 votes
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 8

Which FortiGate in a Security Fabric sends logs to FortiAnalyzer?

  • A. Only the root FortiGate.
  • B. Each FortiGate in the Security Fabric.
  • C. The FortiGate devices performing network address translation (NAT) or unified threat management (UTM), if configured.
  • D. Only the last FortiGate that handled a session in the Security Fabric.
Mark Question:
Answer:

b

User Votes:
A
50%
B 1 votes
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 9

Refer to the exhibit, which contains a TCL script configuration on FortiManager.

An administrator has configured the TCL script on FortiManager, but the TCL script failed to apply any changes to the managed device after being run.
Why did the TCL script fail to make any changes to the managed device?

  • A. The TCL procedure run_cmd has not been created.
  • B. The TCL script must start with #include.
  • C. There is no corresponding #! to signify the end of the script.
  • D. The TCL procedure lacks the required loop statements to iterate through the changes.
Mark Question:
Answer:

a

User Votes:
A 2 votes
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

Which two statements about ADVPN are true? (Choose two.)

  • A. The hub adds routes based on IKE negotiations.
  • B. You must configure phase 2 quick mode selectors to 0.0.0.0 0.0.0.0.
  • C. All FortiGate devices must be in the same autonomous system (AS).
  • D. You must disable add-route in the hub.
Mark Question:
Answer:

ab

User Votes:
A
50%
B 2 votes
50%
C
50%
D 2 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
To page 2