NSE7 무료 덤프문제 온라인 액세스

What does the dirty flag mean in a FortiGate session?

• A.Traffic has been identified as from an application that is not allowed.
• B.The session must be removed from the former primary unit after an HA failover.
• C.Traffic has been blocked by the antivirus inspection.
• D.The next packet must be re-evaluated against the firewall policies.

An administrator is running the following sniffer in a FortiGate:
diagnose sniffer packet any "host 10.0.2.10" 2
What information is included in the output of the sniffer? (Choose two.)

• A.Port names.
• B.IP headers.
• C.Ethernet headers.
• D.IP payload.

Two independent FortiGate HA clusters are connected to the same broadcast domain. The administrator has reported that both clusters are using the same HA virtual MAC address. This creates a duplicated MAC address problem in the network. What HA setting must be changed in one of the HA clusters to fix the problem?

• A.Session pickup.
• B.Gratuitous ARPs.
• C.Group ID.
• D.Group name.

Examine the output from the 'diagnose debug authd fsso list' command; then answer the question below.
# diagnose debug authd fsso list FSSO logons-IP: 192.168.3.1 User: STUDENT Groups:
TRAININGAD/USERS Workstation: INTERNAL2. TRAINING. LAB The IP address 192.168.3.1 is NOT the one used by the workstation INTERNAL2. TRAINING. LAB.
What should the administrator check?

• A.The IP address recorded in the logon event for the user STUDENT.
• B.The reserve DNS lookup forthe IP address 192.168.3.1.
• C.The source IP address of the traffic arriving to the FortiGate from the workstation INTERNAL2.
  TRAINING. LAB.
• D.The DNS name resolution for the workstation name INTERNAL2. TRAINING. LAB.

Examine the following traffic log; then answer the question below.
date-20xx-02-01 time=19:52:01 devname=master device_id="xxxxxxx" log_id=0100020007 type=event subtype=system pri critical vd=root service=kemel status=failure msg="NAT port is exhausted." What does the log mean?

• A.The limit for the maximum number of simultaneous sessions sharing the same NAT port has been reached.
• B.FortiGate does not have any available NAT port for a new connection.
• C.There is not enough available memory in the system to create a new entry in the NAT port table.
• D.The limit for the maximum number of entries in the NAT port table has been reached.