FCSS_NST_SE-7.6 FCSS - Network Security 7.6 Support Engineer Questions and Answers

The traffic has been tagged for VLAN 0000.

NP7 is handling offloading of this session.

The traffic matches Policy ID 1.

The session has been offloaded.

Phase 2 drops but Phase 1 is up.

Dead Peer Detection is not receiving its acknowledge packet.

The tunnel drops during rekey negotiation.

The tunnel drops after the timer expires.

The first server provided to FortiGate when it performed a DNS query looking for a list of rating servers, was 121.111.236.179.

There is a natural correlation between the value in the FortiGuard-requests field and the value in the Weight field.

FortiGate used 64.26.151.37 as the initial server to validate its contract.

Servers with a negative TZ value are less preferred for rating requests.

SP Login dump

Authentication Response

Authentication Request

Assertion dump

Set snat-route-change to enable.

Set the priority of the static default route using port2 to 1.

Set preserve-session-route to enable.

Set the priority of the static default route using port1 to 10.

Both IKEv1 and IKEv2 share the feature of asymmetric authentication.

IKEv1 and IKEv2 have enough of the header format in common that both versions can run over the same UDP port.

IKEv1 and IKEv2 use same TCP port but run on different UDP ports.

IKEv1 and IKEv2 share the concept of phase1 and phase2.

Log is full on the collector agent.

Inability to reach IP address of the collector agent.

Refused connection. Potential mismatch of TCP port.

Mismatched pre-shared password.

Incompatible collector agent software version.

With the auxiliary session selling disabled, only auxiliary sessions are offloaded.

With the auxiliary session setting enabled. ECMP traffic is accelerated to the NP6 processor.

With the auxiliary session setting enabled. Iwo sessions are created in case of routing change.

With the auxiliary session setting disabled, for each traffic path. FortiGate uses the same auxiliary session.

FortiGate enters conserve mode when the system memory reaches the configured extreme threshold.

FortiGate starts taking the configured action for new sessions requiring content inspection when the system memory reaches the configured red threshold.

FortiGate exits conserve mode when the system memory goes below the configured green threshold.

FortiGate starts dropping all new sessions when the system memory reaches the configured red threshold.

A batter route to the 8.8.8.8/32 network exists in the routing table.

FGT-B is configured with a prefix list denying the 8.8.8.8/32 network to be injected into the routing table.

The administrator has misconfigured redistribution of routes on FGT-A.

FGT-8 is configured with a distribution list denying the 8.8.8.8/32 network to be injected into the routing table.

The miglogd daemon is running on CPU core ID 0.

The diagnose sys top command has been running for 18 minutes.

The miglogd daemon would be on top of the list, if the administrator pressed m on the keyboard.

The cmdbsvr process is occupying 2.4% of the total user memory space.

If the neweli daemon continues to be in the R state, it will need to be manually restarted.

The workstation with IP 10.124.2.90 will be polled frequently using TCP port 445 to see if the user is still logged on.

The logon event can be seen on the collector agent installed on Windows.

FSSO is using DC agent mode to detect logon events.

FSSO is using agentless polling mode to detect logon events.

66.117.56.37

208.91.112.194

209.22.147.36

64.26.151.37

The network type connecting the local Fortigate and OSPF neighbor 0.0.0.10 is point-to-point.

All neighbors are in area 0.0.0.0.

The local FortiGate is the BDR.

The local FortiGate is not a DROther.

The Hello packet is being sent from an OSPF router with ID 0.0.0.112.

The two FortiGate devices attempting adjacency are in area 0.0.0.0.

One FortiGate device is configured to require authentication, while the other is not.

The passwords on the FortiGate devices do not match.

FortiGate allows the connection, based on the URL Filter configuration.

FortiGate blocks the connection as an invalid URL.

FortiGate exempts the connection, based on the Web Content Filter configuration.

FortiGate blocks the connection, based on the FortiGuard category based filter configuration.