Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Fortinet NSE7

Fortinet NSE7 Exam Practice Questions (P. 4)

  • Full Access (86 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #16
An administrator has configured a dial-up IPsec VPN with one phase 2, extended authentication (XAuth) and IKE mode configuration. The administrator has also enabled the IKE real time debug: diagnose debug application ike-1 diagnose debug enable
In which order is each step and phase displayed in the debug output each time a new dial-up user is connecting to the VPN?
  1. A
    Phase1; IKE mode configuration; XAuth; phase 2.
  2. B
    Phase1; XAuth; IKE mode configuration; phase2.
  3. C
    Phase1; XAuth; phase 2; IKE mode configuration.
  4. D
    Phase1; IKE mode configuration; phase 2; XAuth.

Correct Answer:
B

Question #17
Two independent FortiGate HA clusters are connected to the same broadcast domain. The administrator has reported that both clusters are using the same HA virtual MAC address. This creates a duplicated MAC address problem in the network. What HA setting must be changed in one of the HA clusters to fix the problem?
  1. A
    Group ID.
  2. B
    Group name.
  3. C
    Session pickup.
  4. D
    Gratuitous ARPs.

Correct Answer:
A

Question #18
When does a RADIUS server send an Access-Challenge packet?
  1. A
    The server does not have the user credentials yet.
  2. B
    The server requires more information from the user, such as the token code for two-factor authentication.
  3. C
    The user credentials are wrong.
  4. D
    The user account is not found in the server.

Correct Answer:
B

Question #19
The logs in a FSSO collector agent (CA) are showing the following error: failed to connect to registry: PIKA1026 (192.168.12.232)
What can be the reason for this error?
  1. A
    The CA cannot resolve the name of the workstation.
  2. B
    The FortiGate cannot resolve the name of the workstation.
  3. C
    The remote registry service is not running in the workstation 192.168.12.232.
  4. D
    The CA cannot reach the FortiGate with the IP address 192.168.12.232.

Correct Answer:
C

Question #20
Examine the output of the "˜get router info ospf neighbor' command shown in the exhibit; then answer the question below.

Which statements are true regarding the output in the exhibit? (Choose two.)
  1. A
    The interface ToRemote is OSPF network type point-to-point.
  2. B
    The OSPF router with the ID 0.0.0.2 is the designated router for the ToRemote network.
  3. C
    The local FortiGate is the backup designated router for the wan1 network.
  4. D
    The OSPF routers with the IDs 0.0.0.69 and 0.0.0.117 are both designated routers for the wan1 network.

Correct Answer:
AC

Previous Questions Next Questions

All Pages