Fortinet FCSS_NST_SE-7.4 - FCSS - Network Security 7.4 Support Engineer Exam

Page:    1 / 14   
Total 66 questions

Refer to the exhibit, which shows the port1 interface configuration on FortiGate and partial session information for ICMP traffic.

What happens to the session information if a routing change occurs that affects this session?

  • A. Only the interface and gateway information for dev=7 will be removed.
  • B. The session information will not change unless the current route has been removed from the routing table.
  • C. The session will be flagged as dirty but no route lookups will be performed.
  • D. Sessions involving port7 or port19 will not have their routing information flushed.


Answer : B

Refer to the exhibit, which shows the modified output of the routing kernel.

Which statement is true?

  • A. The egress interface associated with static route 8.8.8.8/32 is administratively up.
  • B. The default static route through 10.200.1.254 is not in the forwarding information base.
  • C. The default static route through port2 is in the forwarding information base.
  • D. The BGP route to 10.0.4.0/24 is not in the forwarding information base.


Answer : D

Refer to the exhibit.
The exhibit shows the output from using the command diagnose debug application samld -1 to diagnose a SAML connection.

Based on this output, what can you conclude?

  • A. Active Directory is used for authentication.
  • B. The authentication request is for an SSL VPN connection.
  • C. The IdP IP address is 10.1.10.254.
  • D. The IdP IP address is 10.1.10.2.


Answer : D

Refer to the exhibit, which shows the output of the command get router info bgp neighbors 100.64.2.254 advertised-routes.

What can you conclude from the output?

  • A. The BGP state of the two BGP participants is OpenConfirm.
  • B. The router ID of the neighbor is 100.64.2.254.
  • C. The BGP neighbor is advertising the 10.20.30.40/24 network to the local router.
  • D. The local router is advertising the 10.20.30.40/24 network to its BGP neighbor.


Answer : D

Refer to the exhibit, which shows the partial output of a real-time OSPF debug.


Why are the two FortiGate devices unable to form an adjacency?

  • A. The Hello packet is being sent from an OSPF router with ID 0.0.0.112.
  • B. The two FortiGate devices attempting adjacency are in area 0.0.0.0.
  • C. One FortiGate device is configured to require authentication, while the other is not.
  • D. The passwords on the FortiGate devices do not match.


Answer : C

Page:    1 / 14   
Total 66 questions