Summer Certification Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Full Access Fortinet FCSS_NST_SE-7.6 Tutorials

Fortinet NSE 6 - Network Security 7.6 Support Engineer Questions and Answers

Question 17

Exhibit.

Refer to the exhibit, which shows a FortiGate configuration.

An administrator is troubleshooting a web filter issue on FortiGate. The administrator has configured a web filter profile and applied it to a policy; however the web filter is not inspecting any traffic that is passing through the policy.

What must the administrator do to fix the issue?

Options:

A.

Disable webfilter-force-off.

B.

Increase webfilter-timeout.

C.

Enable fortiguard-anycast.

D.

Change protocol to TCP.

Question 18

Consider the scenario where the server name indication (SNI) does not match either the common name (CN) or any of the subject alternative names (SAN) in the server certificate. Which two actions will FortiGate take when using the default settings for SSL certificate inspection? (Choose two answers)

Options:

A.

FortiGate uses the SNI from the user ' s web browser.

B.

FortiGate does not decrypt the traffic if the traffic is blocked by the web filter profile.

C.

FortiGate uses the CN information from the Subject field in the server certificate.

D.

FortiGate does not decrypt the traffic if the traffic is allowed by the web filter profile.

Question 19

Refer to the exhibit.

The output of diagnose sys session list command is shown.

If the HA ID for the primary device is 9, what happens if the primary fails and the secondary becomes the primary?

Options:

A.

The session is synchronized with the secondary device, however, because application control is applied. the session is marked dirty and has to be reevaluated after failover.

B.

The session will be removed from the session table of the secondary device because the TCP session is not yet fully established.

C.

The session continues to permit traffic on the new primary device after failover. without requiring the client to restart the session with the server.

D.

The session state is preserved but the kernel will re-evaluate the session because the routing information will be flushed

Question 20

Which Iwo actions does FortiGate take after an administrator enables the auxiliary session selling? (Choose two.)

Options:

A.

FortiGate only offloads auxiliary sessions.

B.

FortiGate accelerates all ECMP traffic to the NP6 processor

C.

FortiGates creates a now auxiliary session for each packet it receives.

D.

FortiGate creates two sessions in case of a routing change.