Fortinet FCSS_NST_SE-7.4 Practice Exams
Last updated on Apr 09,2025- Exam Code: FCSS_NST_SE-7.4
- Exam Name: FCSS - Network Security 7.4 Support Engineer
- Certification Provider: Fortinet
- Latest update: Apr 09,2025
Which two statements about conserve mode are true? (Choose two.)
- A . FortiGate enters conserve mode when the system memory reaches the configured extreme threshold.
- B . FortiGate starts taking the configured action for new sessions requiring content inspection when the system memory reaches the configured red threshold.
- C . FortiGate exits conserve mode when the system memory goes below the configured green threshold.
- D . FortiGate starts dropping all new sessions when the system memory reaches the configured red threshold.
Which statement about parallel path processing is correct (PPP)?
- A . PPP chooses from a group of parallel options lo identity the optimal path tor processing a packet.
- B . Only FortiGate hardware configurations affect the path that a packet takes.
- C . PPP does not apply to packets that are part of an already established session.
- D . Software configuration has no impact on PPP.
Refer to the exhibit, which contains the output of diagnose vpn tunnel list.
Which command will capture ESP traffic for the VPN named DialUp_0?
- A . diagnose sniffer packet any ‘ip proto 50’
- B . diagnose sniffer packet any ‘host 10.0.10.10’
- C . diagnose sniffer packet any ‘esp and host 10.200.3.2’
- D . diagnose sniffer packet any ‘port 4500’
Refer to the exhibit, which shows a session entry.
Which statement about this session is true?
- A . Return traffic to the initiator is sent to 10.1.0.1.
- B . Return traffic to the initiator is sent lo 10.200.1.254.
- C . It is an ICMP session from 10.1.10.10 to 10.200.1.1.
- D . It is an ICMP session from 10.1.10.1 to 10.200.5.1.
Exhibit.
Refer to the exhibit, which shows a partial web fillet profile configuration.
Which action does FortiGate lake if a user attempts to access www. dropbox. com, which is categorized as File Sharing and Storage?
- A . FortiGate allows the connection, based on the URL Filter configuration.
- B . FortiGate blocks the connection as an invalid URL.
- C . FortiGate exempts the connection, based on the Web Content Filter configuration.
- D . FortiGate blocks the connection, based on the FortiGuard category based filter configuration.
An administrator wants to capture encrypted phase 2 traffic between two FotiGate devices using the built-in sniffer.
If the administrator knows that there Is no NAT device located between both FortiGate devices, which command should the administrator run?
- A . diagnose sniffer packet any ‘udp port 500’
- B . diagnose sniffer packet any ‘lp proto 50’
- C . diagnose sniffer packet any ‘udp port 4500’
- D . diagnose sniffer packet any ‘ah’
Refer to the exhibit, which shows the output o! the BGP database.
Which two statements are correct? (Choose two.)
- A . The advertised prefix of 10.20.30.0’24 was configured using the network command.
- B . The first four prefixes are being advertised using a legacy route advertisement.
- C . The advertised prefix of 10.20.30.0’24 is being advertised through the redistribution of another routing protocol.
- D . The output shows all prefixes advertised by all neighbors as well as the local router.
Which statement about protocol options is true?
- A . Protocol options allow administrators to configure a maximum number of sessions for each configured protocol.
- B . Protocol options give administrators a streamlined method to instruct FortiGate to block all sessions corresponding to disabled protocols.
- C . Protocol options allow administrators to configure the Any setting for all enabled protocols, which provides the most efficient use of system resources.
- D . Protocol options allow administrators to configure which Layer 4 port numbers map to upper-layer protocols, such as HTTP, SMTP, FTP, and so on.