Fortinet NSE7_EFW-7.2 Fortinet NSE 7 – Enterprise Firewall 7.2 Online Training

Fortinet NSE7_EFW-7.2 Online Training

The questions for NSE7_EFW-7.2 were last updated at Nov 19,2024.

Exam Code: NSE7_EFW-7.2
Exam Name: Fortinet NSE 7 - Enterprise Firewall 7.2
Certification Provider: Fortinet
Latest update: Nov 19,2024

Question #1

Which two statements about metadata variables are true? (Choose two.)

A . You create them on FortiGate
B . They apply only to non-firewall objects.
C . The metadata format is $<metadata_variabie_name>.
D . They can be used as variables in scripts

Reveal Solution Hide Solution

Question #2

Refer to the exhibit, which contains a partial BGP combination.

You want to configure a loopback as the OGP source.

Which two parameters must you set in the BGP configuration? (Choose two)

A . ebgp-enforce-multihop
B . recursive-next-hop
C . ibgp-enfoce-multihop
Questions and Answers PDF 3/41
D . update-source

Reveal Solution Hide Solution

Question #3

Exhibit.

Refer to the exhibit, which shows a partial web filter profile conjuration

What can you cone udo from this configuration about access to www.facebook, com, which is categorized as Social Networking?

A . The access is blocked based on the Content Filter configuration
B . The access is allowed based on the FortiGuard Category Based Filter configuration
C . The access is blocked based on the URL Filter configuration
D . The access is hocked if the local or the public FortiGuard server does not reply

Reveal Solution Hide Solution

Question #4

An administrator has configured two fortiGate devices for an HA cluster. While testing HA failover, the administrator notices that some of the switches in the network continue to send traffic to the former primary device

What can the administrator do to fix this problem?

A . Verify that the speed and duplex settings match between me FortiGate interfaces and the connected switch ports
B . Configure set link -failed signal enable under-config system ha on both Cluster members
C . Configure remote Iink monitoring to detect an issue in the forwarding path
D . Configure set send-garp-on-failover enables under config system ha on both cluster members

Reveal Solution Hide Solution

Question #5

Exhibit.

Refer to the exhibit, which shows information about an OSPF interlace

What two conclusions can you draw from this command output? (Choose two.)

A . The port3 network has more man one OSPF router
B . The OSPF routers are in the area ID of 0.0.0.1.
C . The interfaces of the OSPF routers match the MTU value that is configured as 1500.
D . NGFW-1 is the designated router

Reveal Solution Hide Solution

Question #6

In which two ways does fortiManager function when it is deployed as a local FDS? (Choose two)

A . lt can be configured as an update server a rating server or both
B . It provides VM license validation services
C . It supports rating requests from non-FortiGate devices.
D . It caches available firmware updates for unmanaged devices

Reveal Solution Hide Solution

Question #7

Refer to the exhibit.

which contains a partial configuration of the global system.

What can you conclude from this output?

A . NPs and CPs are enabled
B . Only CPs arc disabled
C . Only NPs are disabled
D . NPs and CPs arc disabled

Reveal Solution Hide Solution

Question #8

Refer to the exhibit, which shows a routing table.

What two options can you configure in OSPF to block the advertisement of the 10.1.10.0 prefix? (Choose two.)

A . Remove the 16.1.10.C prefix from the OSPF network
B . Configure a distribute-list-out
C . Configure a route-map out
D . Disable Redistribute Connected

Reveal Solution Hide Solution

Question #9

Exhibit.

Refer to the exhibit, which shows a partial touting table

What two concisions can you draw from the corresponding FortiGate configuration? (Choose two.)