

Fortinet NSE7_EFW-7.0 Exam

Viewing Questions 41-50 out of 60 Questions

Question 41
Refer to the exhibit, which shows a session entry.
Which statement about this session is true?
Image NSE7_EFW-7.0_41Q.png related to the Fortinet NSE7_EFW-7.0 Exam
A. It is an ICMP session from 10.1.10.10 to 10.200.1.1.
B. Return traffic to the initiator is sent to 10.1.0.1.
C. It is an ICMP session from 10.1.10.1 to 10.200.5.1.
D. Return traffic to the initiator is sent to 10.200.1.254.

Question 42
Refer to the exhibit, which shows a central management configuration.
Which server will FortiGate choose for web filter rating requests, if 10.0.1.240 is experiencing an outage?
Image NSE7_EFW-7.0_42Q.png related to the Fortinet NSE7_EFW-7.0 Exam
A. Public FortiGuard servers
B. 10.0.1.243
C. 10.0.1.242
D. 10.0.1.244

Question 43
Refer to the exhibit, which shows the output of diagnose sys session list.
If the HA ID for the primary device is 0, what will happen if the primary fails and the secondary becomes the primary?
Image NSE7_EFW-7.0_43Q.png related to the Fortinet NSE7_EFW-7.0 Exam
A. Traffic for this session continues to be permitted on the new primary device after failover, without requiring the client to restart the session with the server.
B. The secondary device has this session synchronized; however, because application control is applied, the session will be marked dirty and have to be re-evaluated after failover.
C. The session state will be preserved but the kernel will need to re-evaluate the session due to NAT being applied.
D. The session will be removed from the session table of the secondary device due to the presence of allowed error packets, which will force the client to restart the session with the server.

Question 44
Refer to the exhibit, which contains partial output from an IKE real-time debug.
Why did the tunnel not come up?
Image NSE7_EFW-7.0_44Q.png related to the Fortinet NSE7_EFW-7.0 Exam
A. The local gateway has configured less secure encryption and hashing algorithms compared to the remote gateway.
B. The Diffie-Hellman group does not match on the local and remote gateways.
C. The proposal ID does not match between local and remote gateways.
D. The encapsulation method for phase 2 is set to none on local and remote gateways.

Question 45
Refer to the exhibit, which shows the output of diagnose sys session stat.
Which statement about the output shown in the exhibit is correct?
Image NSE7_EFW-7.0_45Q.png related to the Fortinet NSE7_EFW-7.0 Exam
A. There are two sessions that have not been removed in case of any out-of-order packets that arrive.
B. There are 166 TCP sessions waiting to complete the three-way handshake.
C. 162 sessions have been deleted because of memory page exhaustion.
D. All the sessions in the session table are TCP sessions.


Question 46
Refer to the exhibit, which contains the output of diagnose vpn tunnel list.
Which command will capture ESP traffic for the VPN named DialUp_0?
Image NSE7_EFW-7.0_46Q.png related to the Fortinet NSE7_EFW-7.0 Exam
A. diagnose sniffer packet any 'esp and host 10.200.3.2'
B. diagnose sniffer packet any 'ip proto 50'
C. diagnose sniffer packet any 'host 10.0.10.10'
D. diagnose sniffer packet any 'port 4500'

Question 47
Refer to the exhibit, which shows the output of a real-time debug.
Which statement about this output is true?
Image NSE7_EFW-7.0_47Q.png related to the Fortinet NSE7_EFW-7.0 Exam
A. The requested URL belongs to category ID 255.
B. The server hostname was extracted from the SNI in the client request, or from the CN in the server certificate.
C. FortiGate found the requested URL in its local cache.
D. This web request was inspected using the ftgd-allow web filter profile.

Question 48
Refer to the exhibits, which contain the network topology and BGP configuration for a hub.
An administrator is trying to configure ADVPN with a hub and spoke VPN setup using iBGP. All the VPNs are up and connected to the hub. The hub is receiving route information from both spokes over iBGP; however, the spokes are not receiving route information from each other.
What change must the administrator make to the hub BGP configuration so that the routes learned from one spoke are forwarded to the other spoke?
Image NSE7_EFW-7.0_48Q.png related to the Fortinet NSE7_EFW-7.0 Exam
A. Enable route redistribution under config router bgp.
B. Configure the hub as a route reflector.
C. Configure auto-discovery-sender on the hub.
D. Add a prefix list to the hub that permits routes to be shared between the spokes.

Question 49
Refer to the exhibit, which contains a TCL script configuration on FortiManager.
An administrator has configured the TCL script on FortiManager, but the TCL script failed to apply any changes to the managed device after being run.
Why did the TCL script fail to make any changes to the managed device?
Image NSE7_EFW-7.0_49Q.png related to the Fortinet NSE7_EFW-7.0 Exam
A. The TCL script must start with #include <>.
B. The TCL procedure lacks the required loop statements to iterate through the changes.
C. There is no corresponding #! to signify the end of the script.
D. The TCL procedure run_cmd has not been created.

Question 50
Which two statements about the Security Fabric are true? (Choose two.)
A. Only the root FortiGate collects network topology information and forwards it to FortiAnalyzer.
B. Only the root FortiGate sends logs to FortiAnalyzer.
C. Only FortiGate devices with fabric-object-unification set to default will receive and synchronize global CMDB objects sent by the root FortiGate.
D. FortiGate uses FortiTelemetry protocol to communicate with FortiAnalyzer.