01. In an enterprise firewall, one firewall policy is being used for intrusion prevention. Which configuration in the firewall policy must you check to confirm the optimum performance for intrusion prevention?
a) set cp-accel-mode enable
b) set inspection-mode proxy
c) set offload enable
d) set np-acceleration enable
02. When does a RADIUS server send an Access-Challenge packet?
a) The server does not have the user credentials yet.
b) The server requires more information from the user, such as the token code for two-factor authentication.
c) The user credentials are wrong.
d) The user account is not found in the server.
03. An administrator has enabled HA session synchronization in a HA cluster with two members. Which flag is added to a primary unit’s session to indicate that it has been synchronized to the secondary unit?
a) redir.
b) dirty.
c) synced.
d) nds.
04. What global configuration setting changes the behavior for content-inspected traffic while FortiGate is in system conserve mode?
a) av-failopen
b) mem-failopen
c) utm-failopen
d) ips-failopen
05. What does the dirty flag mean in a FortiGate session?
a) Traffic has been identified as from an application that is not allowed.
b) The session must be removed from the former primary unit after an HA failover.
c) The next packet must be re-evaluated against the firewall policies.
d) Traffic has been blocked by the antivirus inspection.
06. The CLI command set intelligent-mode <enable | disable> ontrols the IPS engine’s adaptive scanning behavior. Which of the following statements describes IPS adaptive scanning?
a) Determines when it is secure enough to stop scanning session traffic.
b) Choose a matching algorithm based on available memory and the type of inspection being performed.
c) Downloads signatures on demand from FDS based on scanning requirements.
d) Determines the optimal number of IPS engines required based on system load.
07. Which configuration can be used to reduce the number of BGP sessions in an IBGP network?
a) Neighbor group
b) Next-hop-self
c) Route reflector
d) Neighbor range
08. How does FortiManager handle FortiGuard requests from FortiGate devices, when it is configured as a local FDS?
a) FortiManager can download and maintain local copies of FortiGuard databases.
b) FortiManager supports only FortiGuard push to managed devices.
c) FortiManager will respond to update requests only if they originate from a managed device.
d) FortiManager does not support rating requests.
09. A FortiGate is rebooting unexpectedly without any apparent reason. What troubleshooting tools could an administrator use to get more information about the problem?
(Choose two.)
a) Firewall monitor.
b) Policy monitor.
c) Logs.
d) Crashlogs.
10. What are two impacts on applications if adjusting the TCP Maximum Segment Size (MSS) on FortiGate?
(Choose two.)
a) The MSS configuration is prone to errors since it requires a thorough understanding of the network path.
b) The packet count increases adding unnecessary TCP headers when the MSS value is increased.
c) The overall data throughput is decreased when there is a decrease in MSS value.
d) The network efficiency improves when there is a decrease in MSS value.
Before you write the Fortinet Enterprise Firewall Administrator (FCSS_EFW_AD-7.6) certification exam, you may have certain doubts in your mind regarding the pattern of the test, the types of questions asked in it, the difficulty level of the questions and time required to complete the questions. These Fortinet Certified Solution Specialist - Network Security (Enterprise Firewall Administrator) sample questions and demo exam help you in removing these doubts and prepare you to take the test.