Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

Discussions
  1. Home
  2. Fortinet
  3. Fortinet Certified Solution Specialist
  4. FCSS_NST_SE-7.4
  5. FCSS - Network Security 7.4 Support Engineer Questions and Answers

Pass the Fortinet Certified Solution Specialist FCSS_NST_SE-7.4 Questions and answers with ValidTests

Exam FCSS_NST_SE-7.4 All Questions
Exam FCSS_NST_SE-7.4 Premium Access

View all detail and faqs for the FCSS_NST_SE-7.4 exam

Go to Exam
Viewing page 1 out of 2 pages
Viewing questions 1-10 out of questions
Questions # 1:

Exhibit.

Question # 1

Refer to the exhibit, which shows the output of diagnose automation test.

What can you observe from the output? (Choose two.)

Options:

A.

The automation stitch test is not being logged.

B.

The automation stitch test failed but the HA failover was successful.

C.

An HA failover occurred.

D.

The test was unsuccessful.

Questions # 2:

Refer to the exhibit, which shows the output o! the BGP database.

Question # 2

Which two statements are correct? (Choose two.)

Options:

A.

The advertised prefix of 10.20.30.0'24 was configured using the network command.

B.

The first four prefixes are being advertised using a legacy route advertisement.

C.

The advertised prefix of 10.20.30.0'24 is being advertised through the redistribution of another routing protocol.

D.

The output shows all prefixes advertised by all neighbors as well as the local router.

Questions # 3:

Exhibit.

Question # 3

Refer to the exhibit, which shows two entries that were generated in the FSSO collector agent logs.

What three conclusions can you draw from these log entries? {Choose three.)

Options:

A.

Remote registry is not running on the workstation.

B.

The user's status shows as "not verified" in the collector agent.

C.

DNS resolution is unable to resolve the workstation name.

D.

The FortiGate firmware version is not compatible with that of the collector agent.

E.

A firewall is blocking traffic to port 139 and 445.

Questions # 4:

Which statement about protocol options is true?

Options:

A.

Protocol options allow administrators to configure a maximum number of sessions for each configured protocol.

B.

Protocol options give administrators a streamlined method to instruct FortiGate to block all sessions corresponding to disabled protocols.

C.

Protocol options allow administrators to configure the Any setting for all enabled protocols, which provides the most efficient use of system resources.

D.

Protocol options allow administrators to configure which Layer 4 port numbers map to upper-layer protocols, such as HTTP, SMTP, FTP, and so on.

Questions # 5:

Refer to the exhibit.

Question # 5

Assuming a default configuration, which three statements are true? (Choose three.)

Options:

A.

Strict RPF is enabled by default.

B.

User B: Fail. There is no route to 95.56.234.24 using wan2 in the routing table.

C.

User A: Pass. The default static route through wan1 passes the RPF check regardless of the source IP address.

D.

User B: Pass. FortiGate will use asymmetric routing using wan1 to reply to traffic for 95.56.234.24.

E.

User C: Fail. There is no route to 10.0.4.63 using port1 in the touting table.

Questions # 6:

Refer to the exhibit, which shows a session entry.

Question # 6

Which statement about this session is true?

Options:

A.

Return traffic to the initiator is sent to 10.1.0.1.

B.

Return traffic to the initiator is sent lo 10.200.1.254.

C.

It is an ICMP session from 10.1.10.10 to 10.200.1.1.

D.

It is an ICMP session from 10.1.10.1 to 10.200.5.1.

Questions # 7:

Which statement about parallel path processing is correct (PPP)?

Options:

A.

PPP chooses from a group of parallel options lo identity the optimal path tor processing a packet.

B.

Only FortiGate hardware configurations affect the path that a packet takes.

C.

PPP does not apply to packets that are part of an already established session.

D.

Software configuration has no impact on PPP.

Questions # 8:

Refer to the exhibit, which shows the partial output of FortiOS kernel slabs.

Question # 8

Which statement is true?

Options:

A.

The total slab size of the sctp_session slab is 0 kB and is associated with the user space.

B.

The total slab size of the ip_session slab is 3600 kB and is associated with the user space.

C.

The total slab size of the ip6_session slab is 1300 kB and is associated with the kernel.

D.

The total slab size of the tcp_session slab is 7500 kB and is associated with the kernel.

Questions # 9:

Exhibit 1.

Question # 9

Exhibit 2.

Question # 9

Refer to the exhibits, which show the configuration on FortiGate and partial internet session information from a user on the internal network.

An administrator would like to lest session failover between the two service provider connections.

Which two changes must the administrator make to force this existing session to immediately start using the other interface? (Choose two.)

Options:

A.

Change the priority of the port! static route to 11.

B.

Change the priority of the port2 static route to 5.

C.

Configure unset snat-route-change to return it to the default setting.

D.

Configure set snat-route-change enable.

Questions # 10:

Refer to the exhibit.

The exhibit shows the output from using the command diagnose debug application samld -1 to diagnose a SAML connection.

Question # 10

Based on this output, what can you conclude?

Options:

A.

Active Directory is used for authentication.

B.

The authentication request is for an SSL VPN connection.

C.

The IdP IP address is 10.1.10.254.

D.

The IdP IP address is 10.1.10.2.

Viewing page 1 out of 2 pages
Viewing questions 1-10 out of questions