最適な練習法にはNSE7_EFW-6.4問題集で素晴らしいNSE7_EFW-6.4試験問題PDF [Q10-Q26]

最適な練習法にはNSE7_EFW-6.4問題集で素晴らしいNSE7_EFW-6.4試験問題PDF

更新された検証済みの合格させるNSE7_EFW-6.4試験リアル問題と解答があります

Fortinet NSE7_EFW-6.4 認定試験の出題範囲：

トピック	出題範囲
トピック 1	フォーティネットセキュリティファブリックの実装 初期構成の実行
トピック 2	FortiManagerとFortiAnalyzer Autodiscovery VPN（ADVPN）を使用した一元管理と分析
トピック 3	動的ルーティング：OSPF、ボーダーゲートウェイプロトコル（BGP） システムとセッションのトラブルシューティング
トピック 4	侵入防止システム（IPS） コンテンツ検査 FortiOSアーキテクチャ
トピック 5	トラフィックとセッションの監視 ルーティングとレイヤー2スイッチング

 

質問 10
Examine the output of the 'diagnose ips anomaly list' command shown in the exhibit; then answer the question below.

Which IP addresses are included in the output of this command?

• A. Those whose traffic exceeded a threshold of a matching DoS policy.
• B. Those whose traffic matches a DoS policy.
• C. Those whose traffic matches an IPS sensor.
• D. Those whose traffic was detected as an anomaly by an IPS sensor.

正解: B

 

質問 11
View the following FortiGate configuration.

All traffic to theInternet currently egresses from port1. The exhibit shows partial session information for Internet traffic from a user on the internal network:

If the priority on route ID 1 were changed from 5 to 20, what would happen to traffic matching that user's session?

• A. The session would remain in thesession table, and its traffic would start to egress from port2.
• B. The session would remain in the session table, and its traffic would still egress from port1.
• C. The session would be deleted, so the client would need to start a new session.
• D. The session would remain in the session table, but its traffic would now egress from both port1 and port2.

正解: B

解説:
Explanation
http://kb.fortinet.com/kb/documentLink.do?externalID=FD40943

 

質問 12
A FortiGate is rebooting unexpectedly without any apparent reason. What troubleshooting tools could an administrator use to get more information about the problem? (Choose two.)

• A. Firewall monitor.
• B. Logs.
• C. Crashlogs.
• D. Policy monitor.

正解: B,C

 

質問 13
Which of the following conditions must be met for a static route to be active in the routing table? (Choose three.)

• A. The next-hop IP address belongs to one of the outgoing interface subnets.
• B. The next-hop IP address is up.
• C. The outgoing interface is up.
• D. The link health monitor (if configured) is up.
• E. There is no other route, to the same destination, with a higher distance.

正解: A,C,D

解説:
A configured static route only goes to routing table from routing database when all the following are met :
The outgoing interface is up
There is no other matching route with a lower distance
The link health monitor (if configured) is successful
The next-hop IP address belongs to one of the outgoing interface subnets

 

質問 14
What events are recorded in the crashlogs of a FortiGate device? (Choose two.)

• A. System entering to and leaving from the proxy conserve mode.
• B. Changes in the status of any of the FortiGuard licenses.
• C. Configuration changes.
• D. A process crash.

正解: A,D

解説:
diagnose debug crashlog read
275: 2014-08-05 13:03:53 proxy=acceptor service=imap session fail mode=activated 276: 2014-08-05 13:03:53 proxy=acceptor service=ftp session fail mode=activated 277: 2014-08-05 13:03:53 proxy=acceptor service=nntp session fail mode=activated 278: 2014-08-06 11:05:47 service=kernel conserve=on free="45034 pages" red="45874 pages" msg="Kernel 279: 2014-08-06 11:05:47 enters conserve mode" 280: 2014-08-06 13:07:16 service=kernel conserve=exit free="86704 pages" green="68811 pages" 281: 2014-08-06 13:07:16 msg="Kernel leaves conserve mode" 282: 2014-08-06 13:07:16 proxy=imd sysconserve=exited total=1008 free=349 marginenter=201 283: 2014-08-06 13:07:16 marginexit=302

 

質問 15
What is the purpose of an internal segmentation firewall (ISFW)?

• A. It is an all-in-one security appliance that is placed at remote sites to extend the enterprise network.
• B. It is the first line of defense at the network perimeter.
• C. It inspects incoming traffic to protect services in the corporate DMZ.
• D. It splits the network into multiple security segments to minimize the impact of breaches.

正解: D

解説:
ISFW splits your network into multiple security segments. They serve as a breach containers from attacks that come from inside.

 

質問 16
The logs in a FSSO collector agent (CA) are showing the following error:
failed to connect to registry: PIKA1026 (192.168.12.232)
What can be the reason for this error?

• A. The CA cannot resolve the name of the workstation.
• B. The remote registry service is not running in the workstation 192.168.12.232.
• C. The FortiGate cannot resolve the name of the workstation.
• D. The CA cannot reach the FortiGate with the IP address 192.168.12.232.

正解: B

 

質問 17
Anadministrator has decreased all the TCP session timers to optimize the FortiGate memory usage. However, after the changes, one network application started to have problems. During the troubleshooting, the administrator noticed that the FortiGate deletes the sessions after the clients send the SYN packets, and before the arrival of the SYN/ACKs. When the SYN/ACK packets arrive to the FortiGate, the unit has already deleted the respective sessions. Which TCP session timer must be increased to fix this problem?

• A. TCP half open.
• B. TCP time wait.
• C. TCP half close.
• D. TCP session time to live.

正解: A

解説:
Explanation
http://docs-legacy.fortinet.com/fos40hlp/43prev/wwhelp/wwhimpl/common/html/wwhe lp.htm?context=fgt&file=CLI_get_Commands.58.25.html The tcp-halfopen-timer controls for how long, after a SYN packet, a session without SYN/ACKremains in the table.
The tcp-halfclose-timer controls for how long, after a FIN packet, a session without FIN/ACKremains in the table.
The tcp-timewait-timer controls for how long, after a FIN/ACK packet, a session remains in thetable. A closed session remains in the session table for a few seconds more to allow any out-of-sequence packet.

 

質問 18
An administrator has decreased all the TCP session timers to optimize the FortiGate memory usage. However, after the changes, one network application started to have problems. During the troubleshooting, the administrator noticed that the FortiGate deletes the sessions after the clients send the SYN packets, and before the arrival of the SYN/ACKs. When the SYN/ACK packets arrive to the FortiGate, the unit has already deleted the respective sessions. Which TCP session timer must be increased to fix this problem?

• A. TCP half open.
• B. TCP time wait.
• C. TCP half close.
• D. TCP session time to live.

正解: A

解説:
http://docs-legacy.fortinet.com/fos40hlp/43prev/wwhelp/wwhimpl/common/html/wwhelp.htm?context=fgt&file=CLI_get_Commands.58.25.html The tcp-halfopen-timer controls for how long, after a SYN packet, a session without SYN/ACK remains in the table.
The tcp-halfclose-timer controls for how long, after a FIN packet, a session without FIN/ACK remains in the table.
The tcp-timewait-timer controls for how long, after a FIN/ACK packet, a session remains in the table. A closed session remains in the session table for a few seconds more to allow any out-of-sequence packet.

 

質問 19
Which statements about bulk configuration changes using FortiManager CLI scripts are correct? (Choose two.)

• A. When executed on the Remote FortiGate directly, administrators do not have the option to review the changes prior to installation.
• B. When executed on the Device Database, you must use the installation wizard to apply the changes to the managed FortiGate.
• C. When executed on the Policy Package, ADOM database, changes are applied directly to the managed FortiGate.
• D. When executed on the All FortiGate in ADOM, changes are automatically installed without creating a new revision history.

正解: A,B

解説:
CLI scripts can be run in three different ways: Device Database: By default, a script is executed on the device database. It is recommend you run the changes on the device database (default setting), as this allows you to check what configuration changes you will send to the managed device. Once scripts are run on the device database, you can install these changes to a managed device using the installation wizard.
Policy Package, ADOM database: If a script contains changes related to ADOM level objects and policies, you can change the default selection to run on Policy Package, ADOM database and can then be installed using the installation wizard.
Remote FortiGate directly (through CLI): A script can be executed directly on the device and you don't need to install these changes using the installation wizard. As the changes are directly installed on the managed device, no option is provided to verify and check the configuration changes through FortiManager prior to executing it.

 

質問 20
Examine the output from the BGP real time debug shown in the exhibit, then the answer the question below:

Which statements are true regarding the output in the exhibit? (Choose two.)

• A. Local BGP peer received a prefix for a default route.
• B. The state of the remote BGP peer is OpenConfirm.
• C. BGP peers have successfully interchanged Open and Keepalive messages.
• D. The state of the remote BGP peer will go to Connect after it confirms the received prefixes.

正解: A,C

 

質問 21
View the exhibit, which contains the output of get sys ha status, and then answer the question below.

Which statements are correct regarding the output? (Choose two.)

• A. Master is selected because it is the only device in the cluster.
• B. The HA management IP is 169.254.0.2.
• C. The slave configuration is not synchronized with the master.
• D. port 7 is used the HA heartbeat on all devices in the cluster.

正解: C,D

 

質問 22
Examine the output of the 'get router info bgp summary' command shown in the exhibit; then answer the question below.

Which statements are true regarding the output in the exhibit? (Choose two.)

• A. BGP state of the peer 10.125.0.60 is Established.
• B. BGP peer 10.200.3.1 has never beendown since the BGP counters were cleared.
• C. The local BGP peer has received a total of 3 BGP prefixes.
• D. Local BGP peer has not received an OpenConfirm from 10.200.3.1.

正解: A,D

 

質問 23
Examine the output of the 'get router info ospf interface' command shown in the exhibit; then answer the question below.

Which statements are true regarding the above output? (Choose two.)

• A. The local FortiGate has been elected as the OSPF backup designated router.
• B. Two OSPF routers are down in the port4 network.
• C. There are at least 5 OSPF routers connected to the port4 network.
• D. The port4 interface is connected to the OSPF backbone area.

正解: C,D

解説:
on BROADCAST network there are 4 neighbors, among which 1*DR +1*BDR. So our FG has 4 neighbors, but create adjacency only with 2 (with DR and BDR). 2 neighbors DRother (not down).

 

質問 24
Which of the following statements are correct regardingapplication layer test commands? (Choose two.)

• A. They display real-time application debugs.
• B. They are used to filter real-time debugs.
• C. Some of them can beused to restart an application.
• D. Some of them display statistics and configuration information about a feature or process.

正解: C,D

解説:
Explanation
Application layer test commands don't display info in real time, but they do show statistics and configuration info about a feature or process. You can also use some of these commands to restart a pr ocess or execute a change in its operation.

 

質問 25
Which two statements about FortiManager is true when it is deployed as alocal FDS? (Choose two.)

• A. It provides VM license validation services.
• B. It caches available firmware updates for unmanaged devices.
• C. It supports rating requests from both managed and unmanaged devices.
• D. It can be configured as an update server, or a rating server, but not both.

正解: A,B

 

質問 26
......

更新されたPDF（2022年最新）実際にある NSE7_EFW-6.4試験問題：https://www.jpntest.com/shiken/NSE7_EFW-6.4-mondaishu