Practice Free FCSS_NST_SE-7.6 Exam Online Questions
Refer to the exhibits.
An administrator Is expecting to receive advertised route 8.8.8.8/32 from FGT-A. On FGT-B, they confirm that the route is being advertised and received, however, the route is not being injected into the routing table.
What is the most likely cause of this issue?
- A . A batter route to the 8.8.8.8/32 network exists in the routing table.
- B . FGT-B is configured with a prefix list denying the 8.8.8.8/32 network to be injected into the routing table.
- C . The administrator has misconfigured redistribution of routes on FGT-A.
- D . FGT-8 is configured with a distribution list denying the 8.8.8.8/32 network to be injected into the routing table.
Refer to the exhibit, which contains partial output from an IKE real-time debug.
The administrator does not have access to the remote gateway.
Based on the debug output, which configuration change the administrator make to the local gateway to resolve the phase 1 negotiation error?
- A . In the phase 1 proposal configuration, add AES256-SHA256 to the list of encryption algorithms.
- B . In the phase 1 proposal configuration, add AESCBC-SHA2 to the list of encryption algorithms.
- C . In the phase 1 network configuration, set the IKE version to 2.
- D . In the phase 1 proposal configuration, add AES128-SHA128 to the list of encryption algorithms.
Which statement about IKEv2 is true?
- A . Both IKEv1 and IKEv2 share the feature of asymmetric authentication.
- B . IKEv1 and IKEv2 have enough of the header format in common that both versions can run over the same UDP port.
- C . IKEv1 and IKEv2 use same TCP port but run on different UDP ports.
- D . IKEv1 and IKEv2 share the concept of phase1 and phase2.
Refer to the exhibit.
An IPsec VPN tunnel is dropping, as shown by the debug output.
Analyzing the debug output, what could be causing the tunnel to go down?
- A . Phase 2 drops but Phase 1 is up.
- B . Dead Peer Detection is not receiving its acknowledge packet.
- C . The tunnel drops during rekey negotiation.
- D . The tunnel drops after the timer expires.
Which two statements about Security Fabric communications are true? (Choose two.)
- A . FortiTelemetry and Neighbor Discovery both operate using TCP.
- B . The default port for Neighbor Discovery can be modified.
- C . FortiTelemetry must be manually enabled on the FortiGate interface.
- D . By default, the downstream FortiGate establishes a connection with the upstream FortiGate using TCP port 8013.
What are two functions of automation stitches? (Choose two.)
- A . You can configure automation stitches on any FortiGate device in a Security Fabric environment.
- B . You can configure automation stitches to execute actions sequentially by taking parameters from previous actions as input for the current action.
- C . You can set an automation stitch configured to execute actions in parallel to insert a specific delay between actions.
- D . You can create automation stitches to run diagnostic commands and attach the results to an email message when CPU or memory usage exceeds specified thresholds.
Refer to the exhibit, which shows a partial output of the fssod daemon real-time debug command.
What two conclusions can you draw Itom the output? (Choose two.)
- A . The workstation with IP 10.124.2.90 will be polled frequently using TCP port 445 to see if the user is still logged on.
- B . The logon event can be seen on the collector agent installed on Windows.
- C . FSSO is using DC agent mode to detect logon events.
- D . FSSO is using agentless polling mode to detect logon events.
Exhibit.
Refer to the exhibit, which shows two entries that were generated in the FSSO collector agent logs.
What three conclusions can you draw from these log entries? {Choose three.)
- A . Remote registry is not running on the workstation.
- B . The user’s status shows as "not verified" in the collector agent.
- C . DNS resolution is unable to resolve the workstation name.
- D . The FortiGate firmware version is not compatible with that of the collector agent.
- E . A firewall is blocking traffic to port 139 and 445.
Exhibit.
Refer to the exhibit, which shows the output of a diagnose command.
What can you conclude about the debug output in this scenario?
- A . The first server provided to FortiGate when it performed a DNS query looking for a list of rating servers, was 121.111.236.179.
- B . There is a natural correlation between the value in the FortiGuard-requests field and the value in the Weight field.
- C . FortiGate used 64.26.151.37 as the initial server to validate its contract.
- D . Servers with a negative TZ value are less preferred for rating requests.
Refer to the exhibits, which contain the partial configurations of two VPNs on FortiGate.
An administrator has configured two VPNs for two different user groups. Users who are in the Users-2 group are not able to connect to the VPN. After running a diagnostics command, the administrator discovers that FortiGate is not matching the user-2 VPN for members of the Users-2 group.
Which two changes must the administrator make to fix the issue? (Choose two.)
- A . Change to aggressive mode on both VPNs.
- B . Enable XAuth on both VPNs.
- C . Use different pre-shared keys on both VPNs.
- D . Set up specific peer IDs on both VPNs.