首页  /  试题详情

单选题

0eae7661adf520112a6f15ed6f59fd5b.png

Refer to the exhibits.

FGT-1 is an area border router (ABR) that has interfaces in OSPF areas 0.0.0.0 and 0.0.0.5. FGT-3 acts as an autonomous system border router

(ASBR), importing static routes into OSPF. FGT-2 is an internal router with all its interfaces belonging to area 0.0.0.5. FGT-1 is receiving all

advertised routes from FGT-2, however, FGT-3 is not receiving any of the advertised routes from FGT-1.

What is the most likely reason for this? (Choose one answer)

A、

Area 0.0.0.5 is configured not to propagate type 5 LSAs.

B、

FGT-2 is configured with a distribution list to block all advertised routes from FGT-3.

C、

FGT-3 and FGT-2 have not formed an OSPF adjacency yet.

D、

IP protocol 89 is blocked between FGT-1 and FGT-3.

查看答案
下载APP答题
由4l***ky提供 分享 举报 纠错
相关题库推荐
FCSS_NST_SE-7.6
2026-03-16
共116道

相关试题

单选题 d97e4eac41e58beaa37592160ff567c9.png

Refer to the exhibit.

The output of the command diagnose vpn tunnel list is shown.

Reviewing the debug command, what is the current status of the traffic flowing through the tunnel? (Choose one answer)

A、

NP6 is handling the offloading.

B、

The inbound IPsec SA was copied to the NPU.

C、

The inbound and outbound IPsec SAS were copied to the NPU.

D、

The outbound IPsec SA was copied to the NPU.

单选题 ca75e56af5d0ac167f85f179dc727ae2.png

Refer to the exhibit.

An IPsec VPN tunnel using IKEv2 was brought up successfully, but when the tunnel rekey takes place the tunnel goes down.

The debug command for IKE was enabled and, in the exhibit, you can review the partial output of the debug IKE while attempting to bring the

tunnel up.

What is causing the tunnel to be down? (Choose one answer)

A、

A mismatch in the Phase 2 negotiations

B、

A mismatch in the Phase 2 negotiations

C、

A Diffie-Hellman mismatch

D、

A mismatch in the Phase 1 negotiations

单选题 When FortiGate enters conserve mode because of memory pressure, which action can FortiGate perform to preserve memory? (Choose one answer)

A、

FortiGate begins dropping all new sessions to protect system resources.

B、

FortiGate switches to a less memory-intensive inspection mode, such as flow-based inspection.

C、

FortiGate automatically reboots to clear memory and restore full operation.

D、

FortiGate reduces or stops non-essential processes like logging and antivirus scanning.

单选题 422ef69ad569cffa1853cf103472a133.png

An administrator has configured a firewall policy to use proxy-based inspection mode.

What could explain the messages observed in the debug flow output? (Choose one answer)

A、

At least one protocol port under Protocol Options has been mapped to Any.

B、

SSL deep inspection is not configured.

C、

The FTP protocol has not yet been mapped to port 211 under Protocol Options.

D、

FortiGate does not have enough free memory to perform proxy-based inspections.

单选题 70fc33a9975f9d3ca9c60fab0a787314.png
Refer to the exhibit.

The output of the get router info bgp summary command is shown.

Which statement regarding adjacencies between the local router and its neighbors is correct? (Choose one answer)

A、

The local router and neighbor 100.64.2.254 are unable to establish adjacency until the adjacency with neighbor 100.64.1.254 ceases.

B、

The local router and neighbor 100.64.2.254 are unable to establish adjacency because the TCP session could not be established.

C、

The local router and neighbor 100.64.1.254 established adjacency because the priority of 100.64.1.254 is higher than that of 100.64.2.254.

D、

The local router and neighbor 100.642.254 are unable to establish adjacency because AS 100 is already used by neighbor 100.64.1.254.

单选题 What can cause an IKEv2 tunnel to go down after it was initially brought up successfully? (Choose one answer)

A、

A mismatched proposal was detected during the IKE AUTH exchange.

B、

A mismatched Diffie-Hellman group was detected during the IKE SA INIT exchange.

C、

A mismatched pre-shared key was detected during the IKE _ AUTH exchange.

D、

Mismatched quick-mode selectors were detected during the Create Child SA exchange.

单选题 87a71ec79ccd3639471efaeb0b25101a.png

Refer to the exhibit.

Partial output of command diagnose debug rating command is shown.

Which FDS server will the FortiGate algorithm choose? (Choose one answer)

A、

96.45.33.65

B、

208.91.112.194

C、

64.26.151.37

D、

209.22.147.36

单选题 00635b1817b5a87ce904d58487114e08.png

Refer to the exhibit.

The partial output of FortiOS kernel slabs is shown.

Which statement about total slab size is true? (Choose one answer)

A、

The total slab size of the ip_session slab is 14080 kB and is associated with the user space.

B、

The total slab size of the tcp_session slab is 7500 kB and is associated with the kernel.

C、

The total slab size of the UDPv6 slab is 14080 kB and is associated with the user space.

D、

The total slab size of the ip6_session slab is 1472 kB and is associated with the kernel.