Fortinet FCSS_NST_SE-7.6 - Fortinet NSE 6 - Network Security 7.6 Support Engineer Exam
Page: 1 / 8
Total 38 questions
Question #1 (Topic: Exam A)
The local OSPF router is unable to establish adjacency with a peer.
Which two things should the administrator do to troubleshoot the issue? (Choose two.)
Which two things should the administrator do to troubleshoot the issue? (Choose two.)
A. Check if there is an active static route to the peer.
B. Check if both peers have an IP address within the same subnet.
C. Check if TCP port 179 is blocked.
D. Check if IP protocol 89 is blocked.
Answer: BD
Question #2 (Topic: Exam A)
Refer to the exhibit.
Partial output of the real-time LDAP debug is shown.
Which two actions can the administrator take to resolve this issue? (Choose two.)
Partial output of the real-time LDAP debug is shown.
Which two actions can the administrator take to resolve this issue? (Choose two.)
A. Ensure the account is active.
B. Ensure the user is providing the correct user credentials.
C. Ensure the user is a member of at least one AD group to ensure that step 4 of the LDAP authentication process is successful.
D. Ensure the user logs in using ‘John Smith’ not ‘jsmith’.
Answer: AB
Question #3 (Topic: Exam A)
Refer to the exhibit.
Partial output of FortiOS kernel slabs
The partial output of FortiOS kernel slabs is shown.
Which statement about total slab size is true?
Partial output of FortiOS kernel slabs
The partial output of FortiOS kernel slabs is shown.
Which statement about total slab size is true?
A. The total slab size of the ip6_session slab is 1472 kB and is associated with the kernel.
B. The total slab size of the ip_session slab is 14080 kB and is associated with the user space.
C. The total slab size of the UDPv6 slab is 14080 kB and is associated with the user space.
D. The total slab size of the tcp_session slab is 7500 kB and is associated with the kernel.
Answer: A
Question #4 (Topic: Exam A)
Refer to the exhibit.
The partial output of diagnose sys session stat command is shown.
Which statement about the output shown in the exhibit is correct?
The partial output of diagnose sys session stat command is shown.
Which statement about the output shown in the exhibit is correct?
A. 27 sessions have expired but are still in the session table in case any out-of-order packets arrive.
B. 562 TCP sessions have their proto_state set to 01 if there is no inspection.
C. There have been 131072 recorded ephemeral sessions but there are no current ones.
D. 113 sessions have been dropped because of memory page exhaustion.
Answer: C
Question #5 (Topic: Exam A)
A VPN tunnel is up. To monitor traffic flow, the administrator enters the following CLI commands on an SSH session on FortiGate:
# diagnose debug enable
# diagnose sniffer packet any ’udp and port 500’ 4
However, the sniffer does not show any output.
Assuming default configuration values, what are two possible reasons there is no output? (Choose two.)
# diagnose debug enable
# diagnose sniffer packet any ’udp and port 500’ 4
However, the sniffer does not show any output.
Assuming default configuration values, what are two possible reasons there is no output? (Choose two.)
A. The sniffer output will be ignored because running diagnose debug enable shows only application real-time debugs.
B. NAT Traversal is enabled.
C. The sniffer must be restricted to the remote peer IP address.
D. The filter should be modified to also capture packets for TCP port 443 or TCP port 4500.
Answer: BD
