● NSE 7 - LAN Edge 7.0 Exam Materials
Please note that the exam NSE 7 - LAN Edge 7.0 Exam" is no longer offered by Fortinet and is not available for booking through Pearson VUE, so we opened it on free view,
It has been replaced by the exam "NSE 6 - OT Security 7.6 Architect"
The new exam version is available on Brave-Dumps and can be purchased.
It has been replaced by the exam "NSE 6 - OT Security 7.6 Architect"
The new exam version is available on Brave-Dumps and can be purchased.
Question #31
Question #32
Which two statements about the guest portal on FortiAuthenticator are true? (Choose two answers)
- A. Each remote user on FortiAuthenticator can sponsor up to 10 guest accounts.
- B. Administrators must approve all guest accounts before they can be used.
- C. The guest portal provides pre and post-log in services.
- D. Administrators can use one or more incoming parameters to configure a mapping rule for the guest portal.
Question #33
Refer to the exhibit.
Examine the FortiManager information shown in the exhibit.
Which two statements about the FortiManager status are true?
(Choose two answers)
- A. FortiSwitch manager is working in per-device management mode.
- B. FortiSwitch is not authorized.
- C. FortiSwitch manager is working in central management mode.
- D. FortiSwitch is authorized and offline.
Question #34
An administrator is testing the connectivity for a new VLAN. The devices in the VLAN are connected to a FortiSwitch device that is managed by FortiGate. Quarantine is disabled on FortiGate.
While testing, the administrator noticed that devices can ping FortiGate and FortiGate can ping the devices. The administrator also noticed that inter-VLAN communication works. However, intra-VLAN communication does not work.
Which scenario is likely to cause this issue?
(Choose one answer)
- A. The native VLAN configured on the ports is incorrect.
- B. The FortiSwitch MAC address table is missing entries.
- C. The FortiGate ARP table is missing entries.
- D. Access VLAN is enabled on the VLAN.
Question #35
Which two statements about MAC address quarantine (by redirect mode) are true? (Choose two answers)
- A. The quarantined device is moved to the quarantine VLAN.
- B. The device MAC address is added to the QuarantinedDevices firewall address group.
- C. It is the default mode for MAC address quarantine.
- D. The quarantined device is kept in the current VLAN.
Question #36
You are configuring a FortiGate wireless network to support automated wireless client quarantine using IOC.
Which two configurations must you put in place for a wireless client to be quarantined successfully?
(Choose two answers)
- A. Configure the wireless network to be in tunnel mode.
- B. Configure the FortiGate device in the Security Fabric with a FortiAnalyzer device.
- C. Configure a firewall policy to allow communication.
- D. Configure the wireless network to be in bridge mode.
Question #37
Which FortiSwitch VLANs are automatically created on FortiGate when the first FortiSwitch device is discovered? (Choose one answer)
- A. default, quarantine, rspan, voice, video, onboarding, and nac_segment
- B. access, quarantine, rspan, voice, video, and onboarding
- C. default, quarantine, rspan, voice, video, and nac_segment
- D. fortilink, quarantine, erspan, voice, video, and onboarding
Question #38
When you configure a FortiAP wireless interface for auto TX power control, which statement describes how it configures its transmission power? (Choose one answer)
- A. Every 30 seconds, the AP will measure the signal strength of the AP using the client. The AP will adjust its signal strength up or down until the AP signal is detected at -70 dBm.
- B. Every 30 seconds, FortiGate measures the signal strength of adjacent AP interfaces. It will adjust its own AP power to match the adjacent AP signal strength.
- C. Every 30 seconds, FortiGate measures the signal strength of adjacent FortiAP interfaces. It will adjust the adjacent AP power to be detectable at -70 dBm.
- D. Every 30 seconds, FortiGate measures the signal strength of the weakest associated client. The AP will then configure its radio power to match the detected signal strength of the client.
Question #39
An administrator has configured an SSID in bridge mode for corporate employees. All APs are online and provisioned using default AP profiles. Employees are unable to locate the SSID to connect.
Which two configurations can the administrator verify?
(Choose two answers)
- A. Verify that the broadcast SSID option is enabled in the SSID configuration.
- B. Verify that the Block Intra-SSID Traffic (Intra-vap-privacy) option in the SSID configuration is disabled.
- C. Verify that the SSID to an AP group that should be broadcasting the SSID is applied.
- D. Verify that the SSID is manually applied on AP profiles for both 2.4 GHz and 5 GHz radios.
Question #40
Refer to the exhibit.
Examine the FortiSwitch security policy shown in the exhibit.
If the security profile shown in the exhibit is assigned to all ports on a FortiSwitch device for 802.1X authentication, which statement about the switch is correct?
(Choose one answer)
- A. FortiSwitch cannot authenticate multiple devices connected to the same port.
- B. FortiSwitch will try to authenticate non-802.1X devices using the device MAC address as the username and password.
- C. FortiSwitch will assign non-802.1X devices to the onboarding VLAN.
- D. All EAP messages will be terminated on FortiSwitch.
Which two statements about the MAC-based 802.1X security mode available on FortiSwitch are true? (Choose two answers)