Black Friday Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70special

Examstrust Logo
examstrust mcafee
  1. Home
  2. Fortinet
  3. Fortinet Certified Solution Specialist
  4. FCSS_NST_SE-7.4 - FCSS - Network Security 7.4 Support Engineer

Fortinet FCSS_NST_SE-7.4 FCSS - Network Security 7.4 Support Engineer Exam Practice Test

Page: 1 / 4
Total 40 questions
Get FCSS_NST_SE-7.4 Full Access Download FCSS_NST_SE-7.4 PDF

FCSS - Network Security 7.4 Support Engineer Questions and Answers

Testing Engine

  • Product Type: Testing Engine
$37.5  $124.99
Add to Cart

PDF + Testing Engine

  • Product Type: PDF + Testing Engine
$52.5  $174.99
Add to Cart

PDF Study Guide

  • Product Type: PDF Study Guide
$33  $109.99
Add to Cart
Question 1

Which statement about IKEv2 is true?

Options:

A.

Both IKEv1and IKEv2 share the feature of asymmetric authentication.

B.

IKEv1and IKEv2 have enough of the header format in common that both versions can run over the same UDP port.

C.

IKEv1and IKEv2 use same TCP port but run on different UDP ports.

D.

IKEv1and IKEv2 share the concept of phase1and phase2.

Question 2

Which authentication option can you not configure under config user radius on FortiOS?

Options:

A.

mschap

B.

pap

C.

mschap2

D.

eap

Question 3

Refer to the exhibit, which shows a session entry.

Which statement about this session is true?

Options:

A.

Return traffic to the initiator is sent to 10.1.0.1.

B.

Return traffic to the initiator is sent lo 10.200.1.254.

C.

It is an ICMP session from 10.1.10.10 to 10.200.1.1.

D.

It is an ICMP session from 10.1.10.1 to 10.200.5.1.

Question 4

Which exchange lakes care of DoS protection in IKEv2?

Options:

A.

Create_CHILD_SA

B.

IKE_Auth

C.

IKE_Req_INIT

D.

IKE_SA_NIT

Question 5

Which two statements about Security Fabric communications are true? (Choose two.)

Options:

A.

FortiTelemetry and Neighbor Discovery both operate using TCP.

B.

The default port for Neighbor Discovery can be modified.

C.

FortiTelemetry must be manually enabled on the FortiGate interface.

D.

By default, the downstream FortiGate establishes a connection with the upstream FortiGate using TCP port 8013.

Question 6

Exhibit.

Refer to the exhibit, which shows two entries that were generated in theFSSO collectoragent logs.

What three conclusions can you draw from these log entries? {Choose three.)

Options:

A.

Remote registry is not running on the workstation.

B.

The user's status shows as "not verified" in the collector agent.

C.

DNS resolution is unable to resolve the workstation name.

D.

The FortiGate firmware version is not compatible with that of the collector agent.

E.

A firewall is blocking traffic to port 139 and 445.

Question 7

Refer to the exhibit, which shows a truncated output of a real-time LDAP debug.

What two conclusions can you draw from the output? (Choose two.)

Options:

A.

The name of the configured LDAP server is Lab.

B.

The user is authenticating using CN=John Smith.

C.

FortiOS is able to locate the user in step 3 (Bind Request) of the LDAP authentication process.

D.

FortiOS is performing the second step (Search Request) in the LDAP authentication process.

Question 8

Exhibit.

Refer to the exhibit, which shows the output of a session. Which two statements are true? (Choose Iwo.)

Options:

A.

The TCP session has been successfully established.

B.

The session was initiated from an authenticated user.

C.

The session is being inspected using flow inspection.

D.

The session is being offloaded.

Question 9

Refer to the exhibit, which shows the output of get router info bgp summary.

Which two statements are true? (Choose two.)

Options:

A.

The local ForliGate has received one prefix from BGP neighbor 100.64.1.254.

B.

The TCP connection with BGP neighbor 100.64.2.254 was successful.

C.

The local FortiGate has received 18 packets from a BGP neighbor.

D.

The local FortiGate is still calculating the prefixes received from BGP neighbor 100.64.2.264

Question 10

Refer to the exhibit, which shows the output ofa debug command.

Which two statements about the output are true? (Choose two.)

Options:

A.

The interlace is part of the OSPF backbone area.

B.

There are a total of five OSPF routers attached to the vorz4 network segment

C.

One of the neighbors has a router ID of 0.0.0.4.

D.

In the network connected to port4, two OSPF routers are down.

Question 11

Refer to the exhibit, which shows the output of a policy route table entry.

Which type of policy route does the output show?

Options:

A.

An ISDB route

B.

A regular policy route

C.

A regular policy route, which is associated with an active static route in the FIB

D.

AnSD-WAN rule

Question 12

Refer to the exhibit.

Assuming a default configuration, which three statements are true? (Choose three.)

Options:

A.

Strict RPF is enabled by default.

B.

User B: Fail. There is no route to 95.56.234.24 using wan2 in the routing table.

C.

User A: Pass. The default static route through wan1 passes the RPF check regardless of the source IP address.

D.

User B: Pass. FortiGate will use asymmetric routing using wan1 to reply to traffic for 95.56.234.24.

E.

User C: Fail. There is no route to 10.0.4.63 using port1 in the touting table.

Load More FCSS_NST_SE-7.4 Questions
Page: 1 / 4
Total 40 questions
Get FCSS_NST_SE-7.4 Full Access Download FCSS_NST_SE-7.4 PDF