Practice Exams:

Free NSE7_EFW-7.0 Exam Braindumps

Pass your Fortinet NSE 7 - Enterprise Firewall 7.0 exam with these free Questions and Answers

Page 5 of 33
PDF with 163 Questions
QUESTION 16

Refer to the exhibit, which contains partial output from an IKE real-time debug.
NSE7_EFW-7.0 dumps exhibit
Based on the debug output, which phase 1 setting is enabled in the configuration of this VPN?

  1. A. auto-discovery-shortcut
  2. B. auto-discovery-forwarder
  3. C. auto-discovery-sender
  4. D. auto-discovery-receiver

Correct Answer: D

QUESTION 17

Refer to the exhibit, which contains the partial output of the get vpn ipsec tunnel details command.
NSE7_EFW-7.0 dumps exhibit
Based on the output, which two statements are correct? (Choose two.)

  1. A. Phase 2 authentication is set to sha1 on both sides.
  2. B. Anti-replay is disabled.
  3. C. Hub2Spoke1 is a policy-based VPN.
  4. D. Hub2Spoke1 is configured on interface wan2.

Correct Answer: AD

QUESTION 18

Which statement about memory conserve mode is true?

  1. A. A FortiGate exits conserve mode when the configured memory use threshold reaches yellow.
  2. B. A FortiGate starts dropping all the new and old sessions when the configured memory use threshold reaches extreme.
  3. C. A FortiGate starts dropping new sessions when the configured memory use threshold reaches red
  4. D. A FortiGate enters conserve mode when the configured memory use threshold reaches red

Correct Answer: D

QUESTION 19

Two independent FortiGate HA clusters are connected to the same broadcast domain. The administrator has reported that both clusters are using the same HA virtual MAC address. This creates a duplicated MAC address problem in the network. What HA setting must be changed in one of the HA clusters to fix the problem?

  1. A. Group ID.
  2. B. Group name.
  3. C. Session pickup.
  4. D. Gratuitous ARPs.

Correct Answer: A
https://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-high-availability-52/HA_failoverVMAC.htm

QUESTION 20

Which two statements about bulk configuration changes made using FortiManager CLI scripts are correct? (Choose two.)

  1. A. When run on the Device Database, you must use the installation wizard to apply the changes to the managed FortiGate device.
  2. B. When run on the Remote FortiGate directly, administrators do not have the option to review the changes prior to installation.
  3. C. When run on the All FortiGate in ADOM, changes are automatically installed without the creation of a new revision history.
  4. D. When run on the Policy Package, ADOM database, changes are applied directly to the managed FortiGate device.

Correct Answer: AB

Page 5 of 33
PDF with 163 Questions

Post your Comments and Discuss Fortinet NSE7_EFW-7.0 exam with other Community members: