Free NSE7_EFW-7.0 Sample Questions — NSE 7 - Enterprise Firewall 7.0

Which two configuration commands change the default behavior for content-inspected traffic while FortiGate is in conserve mode? (Choose two.)

• A. set av-failopen off
• B. set av-failopen pass
• C. set fail-open enable
• D. set ips fail-open disable

How are bulk configuration changes made using FortiManager CLI scripts? (Choose two.)

• A. When run on the All FortiGate in ADOM, changes are automatically installed without the creation of a new revision history
• B. When run on the Device Database, changes are applied directly to the managed FortiGate device
• C. When run on the Remote FortiGate directly, administrators do not have the option to review the changes prior to installation
• D. When run on the Policy Package, ADOM database, you must use the installation wizard to apply the changes to the managed FortiGate device

Which two tasks are automated using the Import Configuration wizard on FortiManager? (Choose two.)

• A. Importing firewall address objects from managed devices
• B. Importing interface mappings from managed devices
• C. Importing static and dynamic route configurations from managed devices
• D. Importing devices to FortiManager

Which configuration can be used to reduce the number of BGP sessions in an IBGP network?

• A. route-reflector enable
• B. route-reflector-server enable
• C. route-reflector-client enable
• D. route-reflector-peer enable

Which two statements about an auxiliary session are true? (Choose two.)

• A. With the auxiliary session setting disabled, only auxiliary sessions are offloaded
• B. With the auxiliary session setting enabled, two sessions are created in case of routing change
• C. With the auxiliary session setting enabled, ECMP traffic is accelerated to the NP6 processor
• D. With the auxiliary session setting disabled, for each traffic path, FortiGate uses the same auxiliary session