Practice Exams:

Free NSE7_EFW-7.0 Exam Braindumps

Pass your Fortinet NSE 7 - Enterprise Firewall 7.0 exam with these free Questions and Answers

Page 2 of 33
PDF with 163 Questions
QUESTION 1

What is the purpose of an internal segmentation firewall (ISFW)?

  1. A. It inspects incoming traffic to protect services in the corporate DMZ.
  2. B. It is the first line of defense at the network perimeter.
  3. C. It splits the network into multiple security segments to minimize the impact of breaches.
  4. D. It is an all-in-one security appliance that is placed at remote sites to extend the enterprise network.

Correct Answer: C
ISFW splits your network into multiple security segments. They serve as a breach containers from attacks that come from inside.

QUESTION 2

What conditions are required for two FortiGate devices to form an OSPF adjacency? (Choose three.)

  1. A. IP addresses are in the same subnet.
  2. B. Hello and dead intervals match.
  3. C. OSPF IP MTUs match.
  4. D. OSPF peer IDs match.
  5. E. OSPF costs match.

Correct Answer: ABC
https://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-advanced-routing-54/Routing_OSPF/OSPF_Bac

QUESTION 3

Refer to the exhibit, which contains a TCL script configuration on FortiManager.
NSE7_EFW-7.0 dumps exhibit
An administrator has configured the TCL script on FortiManager, but failed to apply any changes to the
managed device after being executed.
Why did the TCL script fail to make any changes to the managed device?

  1. A. Changes in an interface configuration can only be done by CLI script.
  2. B. The TCL script must start with #include <>.
  3. C. Incomplete commands are ignored in TCL scripts.
  4. D. The TCL command run_cmd has not been created.

Correct Answer: D

QUESTION 4

View the exhibit, which contains the output of a debug command, and then answer the question below.
NSE7_EFW-7.0 dumps exhibit
Which of the following statements about the exhibit are true? (Choose two.)

  1. A. In the network on port4, two OSPF routers are down.
  2. B. Port4 is connected to the OSPF backbone area.
  3. C. The local FortiGate’s OSPF router ID is 0.0.0.4
  4. D. The local FortiGate has been elected as the OSPF backup designated router.

Correct Answer: BC

QUESTION 5

Which of the following statements is true regarding a FortiGate configured as an explicit web proxy?

  1. A. FortiGate limits the number of simultaneous sessions per explicit web proxy use
  2. B. This limit CANNOT be modified by the administrator.
  3. C. FortiGate limits the total number of simultaneous explicit web proxy users.
  4. D. FortiGate limits the number of simultaneous sessions per explicit web proxy user The limit CAN be modified by the administrator
  5. E. FortiGate limits the number of workstations that authenticate using the same web proxy user credentials.This limit CANNOT be modified by the administrator.

Correct Answer: B
https://help.fortinet.com/fos50hlp/52data/Content/FortiOS/fortigate-WAN-opt-52/web_proxy.htm#Explicit2
The explicit proxy does not limit the number of active sessions for each user. As a result the actual explicit proxy session count is usually much higher than the number of explicit web proxy users. If an excessive number of explicit web proxy sessions is compromising system performance you can limit the amount of users if the FortiGate unit is operating with multiple VDOMs.

Page 2 of 33
PDF with 163 Questions

Post your Comments and Discuss Fortinet NSE7_EFW-7.0 exam with other Community members: