Home Vendors New Files TQB Simulator Upload Files
Cisco Microsoft VMware Oracle Checkpoint IBM Exin RedHat ECCouncil PMI

Download Fortinet.NSE7_EFW-6.2.CertDumps.2020-11-22.101q.tqb

Vendor: Fortinet
Exam Code: NSE7_EFW-6.2
Exam Name: Fortinet NSE 7 - Enterprise Firewall 6.2
Date: Nov 22, 2020
File Size: 16 MB
Download Exam
Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator Taurus Exam Simulator

Demo Questions

Question 1
A FortiGate is configured as an explicit web proxy. Clients using this web proxy are reposting DNS errors when accessing any website. The administrator executes the following debug commands and observes that the n-dns-timeout counter is increasing:
   
What should the administrator check to fix the problem?
  1. The connectivity between the FortiGate unit and the DNS server.
  2. The connectivity between the client workstations and the DNS server.
  3. That DNS traffic from client workstations is allowed by the explicit web proxy policies.
  4. That DNS service is enabled in the explicit web proxy interface.  
Correct answer: A
Question 2
An administrator has decreased all the TCP session timers to optimize the FortiGate memory usage. However, after the changes, one network application started to have problems. During the troubleshooting, the administrator noticed that the FortiGate deletes the sessions after the clients send the SYN packets, and before the arrival of the SYN/ACKs. When the SYN/ACK packets arrive to the FortiGate, the unit has already deleted the respective sessions. Which TCP session timer must be increased to fix this problem?
  1. TCP half open.
  2. TCP half close.
  3. TCP time wait.
  4. TCP session time to live.
Correct answer: A
Explanation:
http://docs-legacy.fortinet.com/fos40hlp/43prev/wwhelp/wwhimpl/common/html/wwhelp.htm?context=fgt&file=CLI_get_Commands.58.25.html The tcp-halfopen-timer controls for how long, after a SYN packet, a session without SYN/ACKremains in the table. The tcp-halfclose-timer controls for how long, after a FIN packet, a session without FIN/ACKremains in the table. The tcp-timewait-timer controls for how long, after a FIN/ACK packet, a session remains in thetable. A closed session remains in the session table for a few seconds more to allow any out-of-sequence packet.
http://docs-legacy.fortinet.com/fos40hlp/43prev/wwhelp/wwhimpl/common/html/wwhelp.htm?context=fgt&file=CLI_get_Commands.58.25.html 
The tcp-halfopen-timer controls for how long, after a SYN packet, a session without SYN/ACKremains in the table. 
The tcp-halfclose-timer controls for how long, after a FIN packet, a session without FIN/ACKremains in the table. 
The tcp-timewait-timer controls for how long, after a FIN/ACK packet, a session remains in thetable. A closed session remains in the session table for a few seconds more to allow any out-of-sequence packet.
Question 3
Examine the output from the 'diagnose debug authd fsso list' command; then answer the question below. 
# diagnose debug authd fsso list —FSSO logons-IP: 192.168.3.1 User: STUDENT Groups: TRAININGAD/USERS Workstation: INTERNAL2. TRAINING. LAB The IP address 192.168.3.1 is NOT the one used by the workstation INTERNAL2. TRAINING. LAB. 
What should the administrator check?
  1. The IP address recorded in the logon event for the user STUDENT.
  2. The DNS name resolution for the workstation name INTERNAL2. TRAINING. LAB.  
  3. The source IP address of the traffic arriving to the FortiGate from the workstation INTERNAL2. TRAINING. LAB.
  4. The reserve DNS lookup forthe IP address 192.168.3.1.
Correct answer: C
CONNECT US
EXAM SIMULATOR

How to Open TQB Files?

Use Taurus Exam Simulator to open TQB files

Taurus Exam Simulator


Taurus Exam Simulator for Windows/macOS/Linus

Download

We does not sell or support this software
Taurus Exam Studio
Enjoy a 20% discount on Taurus Exam Studio!

You now have the chance to acquire Exam Studio at a discounted rate of 20%.

Get Now!
-->