- Home
- Fortinet
- Fortinet NSE 7 - Enterprise Firewall 7.0
- Fortinet.NSE7_EFW-7.0.v2023-07-31.q119
- Question 5
Valid NSE7_EFW-7.0 Dumps shared by ExamDiscuss.com for Helping Passing NSE7_EFW-7.0 Exam! ExamDiscuss.com now offer the newest NSE7_EFW-7.0 exam dumps, the ExamDiscuss.com NSE7_EFW-7.0 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com NSE7_EFW-7.0 dumps with Test Engine here:
Access NSE7_EFW-7.0 Dumps Premium Version
(165 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 5/119
Which action will FortiGate take when using the default settings for SSL certificate inspection, where the server name indication (SNI) does not match either the common name (CN) or any of the subject altemative names (SAN) in the server certificate?
Correct Answer: A
#Config firewall ssl-ssh-profile
edit <profile_name>
config https
set sni-server-cert-check [enable* | strict | disable]
Enable: If the SNI does NOT match the CN or SAN fields in the returned server's certificate, FG uses the CN field instead of the SNI to obtain the FQDN.
Strict: If the SNI does NOT match the CN or SAN fields in the returned server's certificate, FG closes the connection.
Disable: FG does not check the SNI.
edit <profile_name>
config https
set sni-server-cert-check [enable* | strict | disable]
Enable: If the SNI does NOT match the CN or SAN fields in the returned server's certificate, FG uses the CN field instead of the SNI to obtain the FQDN.
Strict: If the SNI does NOT match the CN or SAN fields in the returned server's certificate, FG closes the connection.
Disable: FG does not check the SNI.
- Question List (119q)
- Question 1: An LDAP user cannot authenticate against a FortiGate device....
- Question 2: View the exhibit, which contains a partial output of an IKE ...
- Question 3: View the exhibit, which contains a screenshot of some phase-...
- Question 4: View the IPS exit log, and then answer the question below. #...
- Question 5: Which action will FortiGate take when using the default sett...
- Question 6: View the exhibit, which contains the output of a diagnose co...
- Question 7: Which real time debug should an administrator enable to trou...
- Question 8: Refer to the exhibit, which contains the partial output of a...
- Question 9: The CLI command set intelligent-mode <enable | disable>...
- Question 10: Refer to the exhibit, which shows the output of a debug comm...
- Question 11: Refer to the exhibit, which contains a CLI script configurat...
- Question 12: In which two states is a given session categorized as epheme...
- Question 13: Refer to the exhibit, which shows the output of a web filter...
- Question 14: Examine the output of the 'get router info bgp summary' comm...
- Question 15: Examine the following partial output from a sniffer command;...
- Question 16: View the exhibit, which contains the output of diagnose sys ...
- Question 17: Refer to the exhibit, which contains the output of diagnose ...
- Question 18: View the exhibit, which contains the output of a diagnose co...
- 1 commentQuestion 19: Examine the output of the 'diagnose debug rating' command sh...
- Question 20: View the exhibit, which contains the output of a real-time d...
- Question 21: Examine the output from the 'diagnose vpn tunnel list' comma...
- Question 22: What does the dirty flag mean in a FortiGate session?...
- Question 23: View the exhibit, which contains a session entry, and then a...
- Question 24: Refer to the exhibit, which contains partial output from an ...
- Question 25: Examine the following partial outputs from two routing debug...
- Question 26: Which ADVPN configuration must be configured using a script ...
- Question 27: Refer to exhibit, which contains the output of a BGP debug c...
- Question 28: View the exhibit, which contains a screenshot of some phase-...
- Question 29: Which statement about protocol options is true?...
- Question 30: Examine the output of the 'diagnose debug rating' command sh...
- Question 31: Refer to the exhibit, which contains the partial output of a...
- Question 32: View the exhibit, which contains the output of diagnose sys ...
- Question 33: Refer to the exhibit, which contains the partial output of a...
- Question 34: Examine the output of the 'get router info ospf neighbor' co...
- Question 35: Examine the output of the 'diagnose ips anomaly list' comman...
- Question 36: A corporate network allows Internet Access to FSSO users onl...
- Question 37: Refer to the exhibit, which contains the partial output of a...
- Question 38: View the exhibit, which contains the output of diagnose sys ...
- Question 39: Which of the following statements are correct regarding appl...
- Question 40: An administrator has enabled HA session synchronization in a...
- Question 41: View the exhibit, which contains the output of a diagnose co...
- Question 42: Refer to the exhibit, which contains partial output from an ...
- Question 43: Examine the following partial output from two system debug c...
- Question 44: Examine the output of the 'get router info bgp summary' comm...
- Question 45: Examine the partial output from the IKE real time debug show...
- Question 46: Which two statements about FortiManager is true when it is d...
- Question 47: Which two statements about an auxiliary session are true? (C...
- Question 48: Refer to the exhibit, which shows a partial routing table. (...
- Question 49: A FortiGate has two default routes: (Exhibit) All Internet t...
- Question 50: An administrator wants to capture encrypted phase 2 traffic ...
- Question 51: Which statement about the designated router (DR) and backup ...
- Question 52: In which two states is a given session categorized as epheme...
- Question 53: Examine the following partial outputs from two routing debug...
- Question 54: Examine the partial output from two web filter debug command...
- Question 55: Refer to the exhibit, which contains a TCL script configurat...
- Question 56: View the central management configuration shown in the exhib...
- Question 57: Which statement about NGFW policy-based application filterin...
- Question 58: An administrator has configured a dial-up IPsec VPN with one...
- Question 59: View the following FortiGate configuration. (Exhibit) All tr...
- Question 60: Examine the following routing table and BGP configuration; t...
- Question 61: A FortiGate device has the following LDAP configuration: (Ex...
- Question 62: Refer to the exhibit, which shows the output of a diagnose c...
- Question 63: An administrator cannot connect to the GIU of a FortiGate un...
- Question 64: A FortiGate device has the following LDAP configuration: (Ex...
- Question 65: Refer to exhibit, which contains the output of a BGP debug c...
- Question 66: View the global IPS configuration, and then answer the quest...
- Question 67: View the exhibit, which contains the partial output of a dia...
- Question 68: Which two statements about OCVPN are true? (Choose two.)...
- Question 69: Examine the partial output from the IKE real time debug show...
- Question 70: An administrator has configured two FortiGate devices for an...
- Question 71: View the exhibit, which contains the partial output of an IK...
- Question 72: Which statements about bulk configuration changes using Fort...
- Question 73: View the exhibit, which contains the output of a BGP debug c...
- Question 74: View the exhibit, which contains the output of a real-time d...
- Question 75: Which statement about the designated router (DR) and backup ...
- Question 76: Refer to the exhibit, which contains the partial output of t...
- Question 77: An administrator is running the following sniffer in a Forti...
- Question 78: A FortiGate device has the following LDAP configuration: (Ex...
- Question 79: Refer to the exhibit, which contains partial output from an ...
- Question 80: What does the dirty flag mean in a FortiGate session?...
- Question 81: Which three conditions are required for two FortiGate device...
- Question 82: Which two statements about the Security Fabric are true? (Ch...
- Question 83: View the IPS exit log, and then answer the question below. #...
- Question 84: Which of the following conditions must be met for a static r...
- Question 85: An administrator is running the following sniffer in a Forti...
- Question 86: Examine the output from the BGP real time debug shown in the...
- Question 87: Refer to the exhibit, which contains the debug output of dia...
- Question 88: View the exhibit, which contains the output of a BGP debug c...
- Question 89: Refer to the exhibit, which contains partial output from an ...
- Question 90: View the exhibit, which contains the output of a BGP debug c...
- Question 91: Which two conditions would prevent a static route from being...
- Question 92: View the exhibit, which contains the partial output of an IK...
- Question 93: View the exhibit, which contains the output of diagnose sys ...
- Question 94: Refer to the exhibit, which contains the output of the diagn...
- Question 95: Refer to the exhibit, which contains the debug output of dia...
- Question 96: View the exhibit, which contains the output of a BGP debug c...
- Question 97: Examine the output of the 'get router info bgp summary' comm...
- Question 98: The CLI command set intelligent-mode <enable | disable>...
- Question 99: Refer to the exhibit, which shows the output of a diagnose c...
- Question 100: Refer to the exhibit, which contains partial outputs from tw...
- Question 101: Examine the IPsec configuration shown in the exhibit; then a...
- Question 102: Examine the output of the 'get router info bgp summary' comm...
- Question 103: Which configuration can be used to reduce the number of BGP ...
- Question 104: Examine the output of the 'get router info ospf interface' c...
- Question 105: View the central management configuration shown in the exhib...
- Question 106: Examine the following partial outputs from two routing debug...
- Question 107: Which two tasks are automated using the Install Wizard on Fo...
- Question 108: Which two configuration settings change the behavior for con...
- Question 109: Examine the output of the 'get router info ospf neighbor' co...
- Question 110: A FortiGate is rebooting unexpectedly without any apparent r...
- Question 111: View the exhibit, which contains the partial output of an IK...
- Question 112: View the exhibit, which contains a partial routing table, an...
- Question 113: Which two statements about an auxiliary session are true? (C...
- Question 114: Two independent FortiGate HA clusters are connected to the s...
- Question 115: Refer to the exhibit, which contains partial outputs from tw...
- Question 116: A FortiGate is rebooting unexpectedly without any apparent r...
- Question 117: Refer to the exhibit, which contains the partial output of a...
- Question 118: Which two statements about an auxiliary session are true? (C...
- Question 119: View the exhibit, which contains an entry in the session tab...
[×]
Download PDF File
Enter your email address to download Fortinet.NSE7_EFW-7.0.v2023-07-31.q119.pdf