Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Fortinet NSE7_LED-7.0

Fortinet NSE7_LED-7.0 Exam Practice Questions (P. 2)

  • Full Access (51 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #6
Refer to the exhibit.

Examine the IPsec VPN phase 1 configuration shown in the exhibit.
An administrator wants to use certificate-based authentication for an IPsec VPN user.
Which three configuration changes must you make on FortiGate to perform certificate-based authentication for the IPsec VPN user? (Choose three.)
  1. A
    Create a PKI user for the IPsec VPN user, and then configure the IPsec VPN tunnel to accept the PKI user as peer certificate.
  2. B
    In the Authentication section of the IPsec VPN tunnel, in the Method drop-down list, select Signature, and then select the certificate that FortiGate will use for IPsec VPN.
  3. C
    In the IKE section of the IPsec VPN tunnel, in the Mode field, select Main (ID protection).
  4. D
    Import the CA that signed the user certificate.
  5. E
    Enable XAUTH on the IPsec VPN tunnel.

Correct Answer:
ABD

Question #7
You are investigating a report of poor wireless performance in a network that you manage. The issue is related to an AP interface in the 5 GHz range. You are monitoring the channel utilization over time.
What is the recommended maximum utilization value that an interface should not exceed?
  1. A
    85%
  2. B
    95%
  3. C
    75%
  4. D
    65%

Correct Answer:
D

Question #8
Which CLI command should an administrator use to view the certificate verification process in real time?
  1. A
    diagnose debug application foauthd -1
  2. B
    diagnose debug application radiusd -1
  3. C
    diagnose debug application authd -1
  4. D
    diagnose debug application fnbamd -1

Correct Answer:
D

Question #9
Which two statements about the guest portal on FortiAuthenticator are true? (Choose two.)
  1. A
    Each remote user on FortiAuthenticator can sponsor up to 10 guest accounts.
  2. B
    Administrators must approve all guest accounts before they can be used.
  3. C
    The guest portal provides pre and post-log in services.
  4. D
    Administrators can use one or more incoming parameters to configure a mapping rule for the guest portal.

Correct Answer:
CD

Question #10
Refer to the exhibits.


In the wireless configuration shown in the exhibits, an AP is deployed in a remote site and has a wireless network (VAP) called Corporate deployed to it.
The network is a tunnelled network; however, clients connecting to a wireless network require access to a local printer. Clients are trying to print to a printer on the remote site, but are unable to do so.
Which configuration change is required to allow clients connected to the Corporate SSID to print locally?
  1. A
    Configure split-tunneling in the vap configuration.
  2. B
    Configure split-tunneling in the wtp-profile configuration.
  3. C
    Disable the Block Intra-SSID Traffic (Intra-vap-privacy) setting on the SSID (VAP) profile.
  4. D
    Configure the printer as a wireless client on the Corporate wireless network.

Correct Answer:
A

Previous Questions Next Questions

All Pages