FCSS_EFW_AD-7.4 무료 덤프문제 온라인 액세스

Refer to the exhibit, which shows a partial troubleshooting command output.

An administrator is extensively using IPsec on FortiGate. Many tunnels show information similar to the output shown in the exhibit.
What can the administrator conclude?

• A.Only the outbound IPsec SA is copied to the NPU.
• B.The two IPsec SAs, inbound and outbound, are copied to the NPU.
• C.IPsec SAs cannot be offloaded.
• D.Only the inbound IPsec SA is copied to the NPU.

Refer to the exhibit, which shows an ADVPN network.

An administrator must configure an ADVPN using IBGP and EBGP to connect overlay network 1 with 2.
What must the administrator configure in the phase 1 VPN IPSEC configuration of the Hub2Hub tunnels?

• A.set auto-discovery-sender enable
• B.set auto-discovery-receiver enable
• C.set auto-discovery-forwarder enable
• D.set add-route enable

Refer to the exhibit.

An administrator is deploying a hub and spokes network and using OSPF as dynamic protocol.
Which configuration is mandatory for neighbor adjacency?

• A.Set network-type point-to-multipoint in the hub interface
• B.Set virtual-link enable in the hub interface
• C.Set rfc1583-compatible enable in the router configuration
• D.Set bfd enable in the router configuration

Refer to the exhibit, which shows a corporate network and a new remote office network.

An administrator must integrate the new remote office network with the corporate enterprise network.
What must the administrator do to allow routing between the two networks?

• A.The administrator must configure a static route to the subnet 192.168.l.0/24 on the corporate FortiGate device.
• B.The administrator must implement BGP to inject the new remote office network into the corporate FortiGate device
• C.The administrator must implement OSPF over IPsec on both FortiGate devices.
• D.The administrator must configure virtual links on both FortiGate devices.

Refer to the exhibit. A pre-run CLI template that is used in zero-touch provisioning (ZTP) and low- touch provisioning (LTP) with FortiManager is shown.

The template is not assigned even though the configuration has already been installed on FortiGate.
What is true about this scenario?

• A.The administrator must use post-run CLI templates that are designed for ZTP and LTP
• B.The administrator did not assign the template correctly when adding the model device because pre-CLI templates remain permanently assigned to the firewall
• C.Pre-run CLI templates are automatically unassigned after their initial installation
• D.Pre-run CLI templates for ZTP and LTP must be unassigned manually after the first installation to avoid conflicting error objects when importing a policy package