NSE7 試験問題を無料オンラインアクセス

An administrator wants to capture ESP traffic between two FortiGates using the built-in sniffer. If the administrator knows that there is no NAT device located between both FortiGates, what command should the administrator execute?

• A.diagnose sniffer packet any 'esp'
• B.diagnose sniffer packet any 'udp port 500'
• C.diagnose sniffer packet any 'udp port 4500'
• D.diagnose sniffer packet any 'udp port 500 or udp port 4500'

Examine the following partial outputs from two routing debug commands; then answer the question below:

Why the default route using port2 is not displayed in the output of the second command?

• A.It has a lower priority than the default route using port1.
• B.It has a higher distance than the default route using port1.
• C.It is disabled in the FortiGate configuration.
• D.It has a higher priority than the default route using port1.

Examine the partial output from the IKE real time debug shown in the exhibit; then answer the question below.

Why didn't the tunnel come up?

• A.The remote gateway's Phase-2 configuration does not match the local gateway's phase-2 configuration.
• B.The remote gateway's Phase-1 configuration does not match the local gateway's phase-1 configuration.
• C.One IPsec gateway is using main mode, while the other IPsec gateway is using aggressive mode.
• D.IKE mode configuration is not enabled in the remote IPsec gateway.

Examine the following partial output from a sniffer command; then answer the question below.

What is the meaning of the packets dropped counter at the end of the sniffer?

• A.Number of packets that matched the sniffer filter but could not be captured by the sniffer.
• B.Number of packets that matched the sniffer filter and were dropped by the FortiGate.
• C.Number of packets that didn't match the sniffer filter.
• D.Number of total packets dropped by the FortiGate.

When does a RADIUS server send an Access-Challenge packet?

• A.The server does not have the user credentials yet.
• B.The server requires more information from the user, such as the token code for two-factor authentication.
• C.The user account is not found in the server.
• D.The user credentials are wrong.