Free NSE7_EFW-7.0 Exam Braindumps

View the exhibit, which contains a partial output of an IKE real-time debug, and then answer the question below.

Based on the debug output, which phase-1 setting is enabled in the configuration of this VPN?

1. A. auto-discovery-sender
2. B. auto-discovery-forwarder
3. C. auto-discovery-shortcut
4. D. auto-discovery-receiver

Correct Answer: B

A FortiGate has two default routes:

All Internet traffic is currently using port1. The exhibit shows partial information for one sample session of Internet traffic from an internal user:

What would happen with the traffic matching the above session if the priority on the first default route (IDd1) were changed from 5 to 20?

1. A. The session would be deleted, and the client would need to start a new session.
2. B. The session would remain in the session table, and its traffic would start to egress from port2.
3. C. The session would remain in the session table, but its traffic would now egress from both port1 and port2.
4. D. The session would remain in the session table, and its traffic would still egress from port1.

Correct Answer: D

Examine the output of the 'diagnose debug rating' command shown in the exhibit; then answer the question below.

Which statement are true regarding the output in the exhibit? (Choose two.)

1. A. There are three FortiGuard servers that are not responding to the queries sent by the FortiGate.
2. B. The TZ value represents the delta between each FortiGuard server's time zone and the FortiGate's time zone.
3. C. FortiGate will send the FortiGuard queries to the server with highest weight.
4. D. A server's round trip delay (RTT) is not used to calculate its weight.

Correct Answer: BC

Which of the following conditions must be met for a static route to be active in the routing table? (Choose three.)

1. A. The next-hop IP address is up.
2. B. There is no other route, to the same destination, with a higher distance.
3. C. The link health monitor (if configured) is up.
4. D. The next-hop IP address belongs to one of the outgoing interface subnets.
5. E. The outgoing interface is up.

Correct Answer: CDE
A configured static route only goes to routing table from routing database when all the following are met :
The outgoing interface is up
There is no other matching route with a lower distance
The link health monitor (if configured) is successful
The next-hop IP address belongs to one of the outgoing interface subnets

View the exhibit, which contains the partial output of a diagnose command, and then answer the question below.

Based on the output, which of the following statements is correct?

1. A. Anti-reply is enabled.
2. B. DPD is disabled.
3. C. Quick mode selectors are disabled.
4. D. Remote gateway IP is 10.200.5.1.

Correct Answer: A