
Fortinet Exam NSE7_NST-7.2 Topic 4 Question 20 Discussion

Actual exam question for Fortinet's NSE7_NST-7.2 exam
Question #: 20
Topic #: 4

Exhibit.

Refer to the exhibit, which shows the omitted output of diagnose npu np6 port-list on a FortiGate1500D.

An administrator is unable to analyze traffic flowing between port1 and port7 using the diagnose sniffer command.

Which two commands allow the administrator to view the traffic? (Choose two.)

A)

B)

C)

D)

Suggested Answer: C

Understanding protocol states:

proto_state=00: Indicates no traffic or a closed session.

proto_state=01: Typically indicates one-way ICMP traffic or a partially established TCP session.

proto_state=10: Indicates an established TCP session, where the session has completed the three-way handshake and both sides can send and receive data.

proto_state=11: Often indicates a fully established and active bidirectional session.

Explanation of correct answer:

proto_state=10 is the correct indication for an established TCP session as it signifies that the session is fully established and active.


Fortinet Network Security 7.2 Support Engineer Documentation

Fortinet Firewall Protocol State Documentation

Contribute your Thoughts:

Helene
2 months ago
I'm feeling pretty confident about this one. The exhibit clearly shows the correct commands to use. Now, time to ace this exam and become a FortiGate ninja!
upvoted 0 times
Francis
12 days ago
You got this! Just remember to follow the exhibit for the correct commands.
upvoted 0 times
...
Mirta
13 days ago
Make sure to use both commands to analyze the traffic flow.
upvoted 0 times
...
Charlette
23 days ago
Option A and Option B are the correct commands to view the traffic.
upvoted 0 times
...
...
Ozell
2 months ago
Ha! Looks like the admin has a case of the 'port-blindness'. Time to break out the 'diagnose glasses' and get that traffic flowing again!
upvoted 0 times
Justine
3 days ago
Hopefully that clears up the 'port-blindness'!
upvoted 0 times
...
Carlton
24 days ago
No problem, happy to help!
upvoted 0 times
...
Christoper
1 month ago
Thanks for the tip! I'll try those out.
upvoted 0 times
...
Lashaunda
1 month ago
Option A and Option C are the commands you need.
upvoted 0 times
...
...
Brandon
2 months ago
Hmm, I'm still a bit confused. Why can't we just use the diagnose sniffer command like usual? Maybe I need to review the FortiGate configuration in more detail.
upvoted 0 times
...
Christiane
2 months ago
Option B and D look like the correct commands to view the traffic. I'll need to remember that for the exam.
upvoted 0 times
Natalya
1 month ago
Yes, those commands should help you analyze the traffic flow between port1 and port7.
upvoted 0 times
...
Venita
2 months ago
I agree, Option B and D seem to be the correct commands to view the traffic.
upvoted 0 times
...
...
Glennis
2 months ago
I'm not sure, but I think C and D could also be correct options.
upvoted 0 times
...
Nieves
2 months ago
I agree with Lashawnda, A and B make sense for viewing the traffic.
upvoted 0 times
...
Lashawnda
2 months ago
I think the answer is A and B.
upvoted 0 times
...
