NSE7_EFW-7.0 V2

Which of the following statements are true regarding the SIP session helper and the SIP application layer gateway (ALG)? (Choose three.)A . SIP session helper runs in the kernel; SIP ALG runs as a user space process. B. SIP ALG supports SIP HA failover; SIP helper does not. C. SIP...

The CLI command set intelligent-mode <enable | disable> controls the IPS engine’s adaptive scanning behavior. Which of the following statements describes IPS adaptive scanning?A . Determines the optimal number of IPS engines required based on system load. B. Downloads signatures on demand from FDS based on scanning requirements. C. Determines...

What does the dirty flag mean in a FortiGate session configured for NGFW policy mode?A . The existing session table entry has been updated with the app_id and the firewall policy table needs to be checked for a match. B. The application or URL category is unknown and needs to...

Four FortiGate devices configured for OSPF connected to the same broadcast domain. The first unit is elected as the designated router. The second unit is elected as the backup designated router Under normal operation, how many OSPF full adjacencies are formed to each of the other two units?A . 1...

Exhibits: Refer to the exhibits, which contain the network topology and BGP configuration for a hub. An administrator is trying to configure ADVPN with a hub-spoke VPN setup using iBGP. All the VPNs are up and connected to the hub. The hub is receiving route information from both spokes over...

View the global IPS configuration, and then answer the question below. Which of the following statements is true regarding this configuration?A . IPS will scan every byte in every session. B. FortiGate will spawn IPS engine instances based on the system load. C. New packets will be passed through without...

Refer to the exhibit, which contains the partial output of the get vpn ipsec tunnel details command. Based on the output, which two statements are correct? (Choose two.)A . The npu_flag for this tunnel is 03. B. Different SPI values are a result of auto-negotiation being disabled for phase 2...

View the following FortiGate configuration. All traffic to the Internet currently egresses from port1. The exhibit shows partial session information for Internet traffic from a user on the internal network: If the priority on route ID 1 were changed from 5 to 20, what would happen to traffic matching that...

Which two tasks are automated using the Install Wizard on FortiManager? (Choose two.)A . Preview pending configuration changes for managed devices. B. Add devices to FortiManager. C. Import policy packages from managed devices. D. Install configuration changes to managed devices. E. Import interface mappings from managed devices.View AnswerAnswer: A,D Explanation:...

An administrator has decreased all the TCP session timers to optimize the FortiGate memory usage. However, after the changes, one network application started to have problems. During the troubleshooting, the administrator noticed that the FortiGate deletes the sessions after the clients send the SYN packets, and before the arrival of...