Fortinet FCSS_EFW_AD-7.6 - NSE 7 - Enterprise Firewall 7.6 Administrator Exam
Page: 2 / 7
Total 34 questions
Question #6 (Topic: Exam A)
You receive a FortiAnalyzer alert warning that a 1 ТВ disk filled up in a day. Upon investigation, you find thousands of unusual DNS log requests, such as JHCMQK.website.com, with no answers. You later discover that DNS exfiltration is occurring through both UDP and TLS.
How can you prevent this data theft technique?
How can you prevent this data theft technique?
A. Use a file filter profile to protect against DNS exfiltration.
B. Use an intrusion prevention system (IPS) profile and DNS exfiltration-related signatures.
C. Enable DNS filter to protect against DNS exfiltration.
D. Enable data loss prevention (DLP) to prevent DNS exfiltration.
Answer: B
Question #7 (Topic: Exam A)
Refer to the exhibit.
Based on the exhibit, what is the first message that Spoke 1 replies to the hub instructing it to bring up the dynamic tunnel if a client generates traffic destined to Spoke 2?
Based on the exhibit, what is the first message that Spoke 1 replies to the hub instructing it to bring up the dynamic tunnel if a client generates traffic destined to Spoke 2?
A. Shortcut query
B. Shortcut forward
C. Shortcut offer
D. Shortcut reply
Answer: A
Question #8 (Topic: Exam A)
Refer to the exhibit.
A network diagram with a hub and spokes deployment is shown.
You must deploy several spokes, including the BGP configuration for the spokes that connect to the hub.
Which two commands would you use to minimize the amount of configuration needed on the hub? (Choose two.)
A network diagram with a hub and spokes deployment is shown.
You must deploy several spokes, including the BGP configuration for the spokes that connect to the hub.
Which two commands would you use to minimize the amount of configuration needed on the hub? (Choose two.)
A. ebgp-multipath
B. route-overlap
C. neighbor-range
D. neighbor-group
Answer: CD
Question #9 (Topic: Exam A)
Refer to the exhibit.
The VDOM configuration on a FortiGate device is shown.
You discover that web filtering stopped working in Corel and Core2 after a maintenance window.
What are two reasons why web filtering stopped working? (Choose two.)
The VDOM configuration on a FortiGate device is shown.
You discover that web filtering stopped working in Corel and Core2 after a maintenance window.
What are two reasons why web filtering stopped working? (Choose two.)
A. The root VDOM does not use a VDOM link to connect with the Core1 and Core2 VDOMs.
B. The root VDOM does not have access to any valid, public Fortinet Distribution Network (FDN).
C. The root VDOM does not have access to FortiManager in a dosed network.
D. The Core1 and Core2 VDOMs must also be enabled as management VDOMs to receive FortiGuard updates.
Answer: AB
Question #10 (Topic: Exam A)
Refer to the exhibit.
An OSPF network is shown.
Which configuration must you apply to optimize the OSPF database?
An OSPF network is shown.
Which configuration must you apply to optimize the OSPF database?
A. Set the area 0.0.0.1 to the type Stub in the area border FortiGate.
B. Set a route map in the autonomous system boundary FortiGate.
C. Set the area 0.0.0.l to the type NSSA in the area border FortiGate.
D. Set a prefix list in the autonomous system boundary FortiGate.
Answer: A
