Fortinet NSE 7 - Enterprise Firewall 6.2
NSE7_EFW-6.2 Exam

View the IPS exit log, and then answer the question below.
# diagnose test application ipsmonitor 3
ipsengine exit log"
pid = 93 (cfg), duration = 5605322 (s) at Wed Apr 19 09:57:26 2017
code = 11, reason: manual
What is the status of IPS on this FortiGate?

  1. IPS engine memory consumption has exceeded the model-specific predefined value.
  2. IPS daemon experienced a crash.
  3. There are communication problems between the IPS engine and the management database.
  4. All IPS-related features have been disabled in FortiGate's configuration.

Answer(s): D

Explanation:

The command diagnose test application ipsmonitor includes many options that are useful for troubleshooting purposes. Option 3 displays the log entries generated every time an IPS engine process stopped. There are various reasons why these logs are generated:

Manual: Because of the configuration, IPS no longer needs to run (that is, all IPS-related features have been disabled).



An administrator wants to capture ESP traffic between two FortiGates using the built-in sniffer. If the administrator knows that there is no NAT device located between the two FortiGates, what command should the administrator execute?

  1. diagnose sniffer packet any 'udp port 500'
  2. diagnose sniffer packet any 'udp port 4500'
  3. diagnose sniffer packet any 'esp'
  4. diagnose sniffer packet any 'udp port 500 or udp port 4500'

Answer(s): C



Examine the following partial output from a sniffer command; then answer the question below.



What is the meaning of the packets dropped counter at the end of the sniffer?

  1. Number of packets that didn't match the sniffer filter.
  2. Number of total packets dropped by the FortiGate.
  3. Number of packets that matched the sniffer filter and were dropped by the FortiGate.
  4. Number of packets that matched the sniffer filter but could not be captured by the sniffer.

Answer(s): D

Explanation:

https://kb.fortinet.com/kb/documentLink.do?externalID=11655



Examine the output from the 'diagnose vpn tunnel list' command shown in the exhibit; then answer the question below.

Which command can be used to sniff the ESP traffic for the VPN DialUP_0?

  1. diagnose sniffer packet any 'port 500'
  2. diagnose sniffer packet any 'esp'
  3. diagnose sniffer packet any 'host 10.0.10.10'
  4. diagnose sniffer packet any 'port 4500'

Answer(s): D

Explanation:

NAT-T is enabled (natt: mode=silent). Protocol ESP is used. ESP is encapsulated in UDP port 4500 when NAT-T is enabled.



