Exam NSE7 Enterprise Firewall - FortiOS 5.4
Number NSE7
File Name Fortinet.Braindumps.NSE7.2018-05-08.1e.35q.vcex
Size 4.56 Mb
Posted May 08, 2018
Downloaded 11

Demo Questions

Question 1
An administrator has configured a dial-up IPsec VPN with one phase 2, extended authentication (XAuth) and IKE mode configuration. The administrator has also enabled the IKE real-time debug:
diagnose debug application ike -1
diagnose debug enable
In what order are the steps and phases displayed in the debug output each time a new dial-up user connects to the VPN?

  • A: Phase 1; IKE mode configuration; XAuth; phase 2.
  • B: Phase 1; XAuth; IKE mode configuration; phase 2.
  • C: Phase 1; XAuth; phase 2; IKE mode configuration.
  • D: Phase 1; IKE mode configuration; phase 2; XAuth.

Question 2
Two independent FortiGate HA clusters are connected to the same broadcast domain. The administrator has reported that both clusters are using the same HA virtual MAC address. This creates a duplicated MAC address problem in the network. What HA setting must be changed in one of the HA clusters to fix the problem?

  • A: Group ID.
  • B: Group name.
  • C: Session pickup.
  • D: Gratuitous ARPs.

Question 3
When does a RADIUS server send an Access-Challenge packet?

  • A: The server does not have the user credentials yet.
  • B: The server requires more information from the user, such as the token code for two-factor authentication.
  • C: The user credentials are wrong.
  • D: The user account is not found in the server.

Question 4
The logs in a FSSO collector agent (CA) are showing the following error: 
failed to connect to registry: PIKA1026 (
What can be the reason for this error?

  • A: The CA cannot resolve the name of the workstation.
  • B: The FortiGate cannot resolve the name of the workstation.
  • C: The remote registry service is not running on the workstation.
  • D: The CA cannot reach the FortiGate with the IP address

Question 5
Examine the output of the ‘get router info ospf neighbor’ command shown in the exhibit; then answer the question below. 

Which statements are true regarding the output in the exhibit? (Choose two.)

  • A: The interface ToRemote is OSPF network type point-to-point.
  • B: The OSPF router with the ID is the designated router for the ToRemote network.
  • C: The local FortiGate is the backup designated router for the wan1 network.
  • D: The OSPF routers with the IDs and are both designated routers for the wan1 network.

Question 6
A FortiGate has two default routes: 

All Internet traffic is currently using port1. The exhibit shows partial information for one sample session of Internet traffic from an internal user: 

What would happen with the traffic matching the above session if the priority on the first default route (ID=1) were changed from 5 to 20?

  • A: Session would remain in the session table and its traffic would keep using port1 as the outgoing interface.
  • B: Session would remain in the session table and its traffic would start using port2 as the outgoing interface.
  • C: Session would be deleted, so the client would need to start a new session.
  • D: Session would remain in the session table and its traffic would be shared between port1 and port2.

Question 7
What events are recorded in the crashlogs of a FortiGate device? (Choose two.)

  • A: A process crash.
  • B: Configuration changes.
  • C: Changes in the status of any of the FortiGuard licenses.
  • D: The system entering and leaving proxy conserve mode.

Question 8
Examine the following partial outputs from two routing debug commands; then answer the question below: 

Why is the default route using port2 not displayed in the output of the second command?

  • A: It has a lower priority than the default route using port1.
  • B: It has a higher priority than the default route using port1.
  • C: It has a higher distance than the default route using port1.
  • D: It is disabled in the FortiGate configuration.

Question 9
A FortiGate is rebooting unexpectedly without any apparent reason. What troubleshooting tools could an administrator use to get more information about the problem? (Choose two.)

  • A: Firewall monitor.
  • B: Policy monitor.
  • C: Logs.
  • D: Crashlogs.

Question 10
An administrator has enabled HA session synchronization in an HA cluster with two members. Which flag is added to a primary unit’s session to indicate that it has been synchronized to the secondary unit?

  • A: redir.
  • B: dirty.
  • C: synced.
  • D: nds.



