Archie Praed

Mar 28, 2016
Reaction score
2018-8-9 Braindump2go Fortinet NSE7 Exam Dumps with PDF and VCE New Updated! Following are some new NSE7 Real Exam Questions:

Which of the following statements are true regarding the SIP session helper and the SIP application layer gateway (ALG)? (Choose three.)

A. SIP session helper runs in the kernel; SIP ALG runs as a user space process.
B. SIP ALG supports SIP HA failover; SIP helper does not.
C. SIP ALG supports SIP over IPv6; SIP helper does not.
D. SIP ALG can create expected sessions for media traffic; SIP helper does not.
E. SIP helper supports SIP over TCP and UDP; SIP ALG supports only SIP over UDP.

Answer: BCD

A corporate network allows Internet Access to FSSO users only. The FSSO user student does not have Internet access after successfully logged into the Windows AD network. The output of the `diagnose debug authd fsso list' command does not show student as an active FSSO user. Other FSSO users can access the Internet without problems. What should the administrator check? (Choose two.)

A. The user student must not be listed in the CA's ignore user list.
B. The user student must belong to one or more of the monitored user groups.
C. The student workstation's IP subnet must be listed in the CA's trusted list.
D. At least one of the student's user groups must be allowed by a FortiGate firewall policy.

Answer: BD

An administrator is running the following sniffer in a FortiGate:
diagnose sniffer packet any "host" 2
What information is included in the output of the sniffer? (Choose two.)

A. Ethernet headers.
B. IP payload.
C. IP headers.
D. Port names.

Answer: BC

Examine the partial output from two web filter debug commands; then answer the question below:

Based on the above outputs, which is the FortiGuard web filter category for the web site

A. Finance and banking
B. General organization.
C. Business.
D. Information technology.

Answer: C

Examine the output of the `get router info bgp summary' command shown in the exhibit; then answer the question below.

Which statements are true regarding the output in the exhibit? (Choose two.)

A. BGP state of the peer is Established.
B. BGP peer has never been down since the BGP counters were cleared.
C. Local BGP peer has not received an OpenConfirm from
D. The local BGP peer has received a total of 3 BGP prefixes.

Answer: AC

A FortiGate is configured as an explicit web proxy. Clients using this web proxy are reposting DNS errors when accessing any website. The administrator executes the following debug commands and observes that the n-dns-timeout counter is increasing:

What should the administrator check to fix the problem?

A. The connectivity between the FortiGate unit and the DNS server.
B. The connectivity between the client workstations and the DNS server.
C. That DNS traffic from client workstations is allowed by the explicit web proxy policies.
D. That DNS service is enabled in the explicit web proxy interface.

Answer: AB

Two independent FortiGate HA clusters are connected to the same broadcast domain. The administrator has reported that both clusters are using the same HA virtual MAC address. This creates a duplicated MAC address problem in the network. What HA setting must be changed in one of the HA clusters to fix the problem?

A. Group ID.
B. Group name.
C. Session pickup.
D. Gratuitous ARPs.

Answer: A

Examine the output of the `get router info ospf neighbor' command shown in the exhibit; then answer the question below.

Which statements are true regarding the output in the exhibit? (Choose two.)

A. The interface ToRemote is OSPF network type point-to-point.
B. The OSPF router with the ID is the designated router for the ToRemote network.
C. The local FortiGate is the backup designated router for the wan1 network.
D. The OSPF routers with the IDs and are both designated routers for the wan1 network.

Answer: AC

A FortiGate has two default routes:

All Internet traffic is currently using port1. The exhibit shows partial information for one sample session of Internet traffic from an internal user:

What would happen with the traffic matching the above session if the priority on the first default route (IDd1) were changed from 5 to 20?

A. Session would remain in the session table and its traffic would keep using port1 as the outgoing interface.
B. Session would remain in the session table and its traffic would start using port2 as the outgoing interface.
C. Session would be deleted, so the client would need to start a new session.
D. Session would remain in the session table and its traffic would be shared between port1 and port2.

Answer: A

What events are recorded in the crashlogs of a ForitGate device? (Choose two.)

A. A process crash.
B. Configuration changes.
C. Changes in the status of any of the FortiGuard licenses.
D. System entering to and leaving from the proxy conserve mode.

Answer: AD

A FortiGate is rebooting unexpectedly without any apparent reason. What troubleshooting tools could an administrator use to get more information about the problem? (Choose two.)

A. Firewall monitor.
B. Policy monitor.
C. Logs.
D. Crashlogs.

Answer: CD

1.|2018 Latest NSE7 Exam Dumps (PDF & VCE) 97Q&As Download:

2.|2018 Latest NSE7 Exam Questions & Answers Download: