Labour Day Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bigdisc65

NSE 7 Network Security Architect NSE7_EFW-7.0 Book

Previous
Page: 2 / 5
Next
Question 8

Which action will FortiGate take when using the default settings for SSL certificate inspection, where the server name indication (SNI) does not match either the common name (CN) or any of the subject altemative names (SAN) in the server certificate?

Options:

A.

FortiGate uses the CN information from the Subject field in the server certificate.

B.

FortiGate uses the first entry listed in the SAN field in the server certificate.

C.

FortiGate uses the SNI from the user's web browser.

D.

FortiGate closes the connection because this represents an invalid SSL/TLS configuration.

Question 9

Refer to the exhibit, which shows partial outputs from two routing debug commands.

Which change must an administrator make on FortiGate to route web traffic from internal users to the internet, using ECMP?

Options:

A.

Set the priority of the static default route using port1 to 10. Most Voted

B.

Set the priority of the static default route using port2 to 1.

C.

Set preserve-session-route to enable.

D.

Set snat-route-change to enable.

Question 10

Examine the partial output from two web filter debug commands; then answer the question below:

Based on the above outputs, which is the FortiGuard web filter category for the web site

Options:

A.

Finance and banking

B.

General organization.

C.

Business.

D.

Information technology.

Question 11

An administrator wants to capture encrypted phase 2 traffic between two FortiGate devices using the built-in sniffer.

If the administrator knows that there is no NAT device located between both FortiGate devices, which command should the administrator run?

Options:

A.

diagnose sniffer packet any ‘ah’

B.

diagnose sniffer packet any ‘ip proto 50’

C.

diagnose sniffer packet any ‘udp port 4500’

D.

diagnose sniffer packet any ‘udp port 500’

Previous
Page: 2 / 5
Next
NSE 7 Network Security Architect NSE7_EFW-7.0 Book, Fortinet NSE 7 Network Security Architect NSE7_EFW-7.0 New Questions, NSE7_EFW-7.0 Premium Exam Questions, Full Access Fortinet NSE7_EFW-7.0 Tutorials,
Exam Code: NSE7_EFW-7.0
Exam Name: Fortinet NSE 7 - Enterprise Firewall 7.0
Last Update: Apr 28, 2024
Questions: 163
NSE7_EFW-7.0 pdf

NSE7_EFW-7.0 PDF

$28  $80
 Add to Cart
NSE7_EFW-7.0 Engine

NSE7_EFW-7.0 Testing Engine

$33.25  $95
 Add to Cart
NSE7_EFW-7.0 PDF + Engine

NSE7_EFW-7.0 PDF + Testing Engine

$45.5  $130
 Add to Cart