Free NSE7_NST-7.2 Sample Questions — Fortinet NSE 7 - Network Security 7.2 Support Engineer

Which authentication option can you not configure under config user radius on FortiOS?

• A. mschap
• B. pap
• C. mschap2
• D. eap

Which three common FortiGate-to-collector-agent connectivity issues can you identify using the FSSO real-time debug? (Choose three.)

• A. Refused connection. Potential mismatch of TCP port
• B. Mismatched pre-shared password
• C. Inability to reach IP address of the collector agent
• D. Log is full on the collector agent
• E. Incompatible collector agent software version

Which statement about protocol options is true?

• A. Protocol options allow administrators to configure a maximum number of sessions for each configured protocol
• B. Protocol options give administrators a streamlined method to instruct FortiGate to block all sessions corresponding to disabled protocols
• C. Protocol options allow administrators to configure the Any setting for all enabled protocols, which provides the most efficient use of system resources
• D. Protocol options allow administrators to configure which Layer 4 port numbers map to upper-layer protocols, such HTTP, SMTP, FTP, and so on

Which exchange takes care of DoS protection in IKEv2?

• A. IKE_Req_INIT
• B. IKE_SA_INIT
• C. IKE_Auth
• D. Create_CHILD_SA

Which statement is correct regarding LDAP authentication using the regular bind type?

• A. The regular bind type goes through four steps to successfully authenticate a user
• B. The regular bind type cannot be used if users are authenticated using sAMAccountName
• C. The regular bind type is the easiest bind type to configure on FortiOS
• D. The regular bind type requires a FortiGate super_admin account