NSE7_EFW-6.0 Online Practice Questions and Answers
View the central management configuration shown in the exhibit, and then answer the question below.
Which server will FortiGate choose for antivirus and IPS updates if 10.0.1.243 is experiencing an outage?
A. 10.0.1.244
B. Public FortiGuard servers
C. 10.0.1.240
D. 10.0.1.242
View the global IPS configuration, and then answer the question below.
Which of the following statements is true regarding this configuration? (Choose two.)
A. IPS will scan every byte in every session.
B. IPS acceleration is disabled in this FortiGate device's configuration.
C. New packets requiring IPS inspection will be passed through during conserve mode.
D. FortiGate will spawn IPS engine instances based on the system load.
View the exhibit, which contains the output of a real-time debug, and then answer the question below.
Which of the following statements are true regarding this output (Choose two.)
A. This web request was inspected using the root web filter profile.
B. The requested URL belongs to category ID 52.
C. The web request was blocked by FortiGate.
D. FortiGate found the requested URL in its local cache.
Which of the following conditions must be met for a static route to be active in the routing table? (Choose two.)
A. The next-hop IP address is up.
B. There is no other route, to the same destination, with a higher distance.
C. The link health monitor (if configured) is up.
D. The outgoing interface is up.
What configuration settings change the behavior for content-inspected traffic while FortiGate is in conserve mode? (Choose two.)
A. mem-failopen
B. ips-failopen
C. utm-failopen
D. av-failopen
What does the dirty flag mean in a FortiGate session?
A. The session must be removed from the former primary unit after an HA failover.
B. Traffic has been identified as from an application that is not allowed.
C. The next packet must be re-evaluated against the firewall policies.
D. Traffic has been blocked by the antivirus inspection.
View these partial outputs from two routing debug commands:
Which outbound interface will FortiGate use to route web traffic from internal users to the Internet?
A. Both port1 and port2
B. port3
C. port2
D. port1
What is the purpose of an internal segmentation firewall (ISFW)?
A. It is the first line of defense at the network perimeter.
B. It inspects incoming traffic to protect services in the corporate DMZ.
C. It is an all-in-one security appliance that is placed at remote sites to extend the enterprise network.
D. It splits the network into multiple security segments to minimize the impact of breaches.
Why select/choose certbus.com?
Millions of interested professionals can touch the destination of success in exams by certbus.com. products which would be available, affordable, updated and of really best quality to overcome the difficulties of any course outlines. Questions and Answers material is updated in highly outclass manner on regular basis and material is released periodically and is available in testing centers with whom we are maintaining our relationship to get latest material.
Copyright © 2004-2025 certbus.com, All Rights Reserved.