
Fortinet Exam NSE7_NST-7.2 Topic 4 Question 20 Discussion

Actual exam question for Fortinet's NSE7_NST-7.2 exam
Question #: 20
Topic #: 4

Exhibit.

Refer to the exhibit, which shows the omitted output of diagnose npu np6 port-list on a FortiGate 1500D.

An administrator is unable to analyze traffic flowing between port1 and port7 using the diagnose sniffer command.

Which two commands allow the administrator to view the traffic? (Choose two.)

A)

B)

C)

D)

Suggested Answer: C

Understanding protocol states:

proto_state=00: Indicates no traffic or a closed session.

proto_state=01: Typically indicates one-way ICMP traffic or a partially established TCP session.

proto_state=10: Indicates an established TCP session, where the session has completed the three-way handshake and both sides can send and receive data.

proto_state=11: Often indicates a fully established and active bidirectional session.

Explanation of correct answer:

proto_state=10 is the correct indication for an established TCP session as it signifies that the session is fully established and active.


Fortinet Network Security 7.2 Support Engineer Documentation

Fortinet Firewall Protocol State Documentation

Contribute your Thoughts:

Ozell
3 days ago
Ha! Looks like the admin has a case of the 'port-blindness'. Time to break out the 'diagnose glasses' and get that traffic flowing again!
upvoted 0 times
...
Brandon
8 days ago
Hmm, I'm still a bit confused. Why can't we just use the diagnose sniffer command like usual? Maybe I need to review the FortiGate configuration in more detail.
upvoted 0 times
...
Christiane
16 days ago
Option B and D look like the correct commands to view the traffic. I'll need to remember that for the exam.
upvoted 0 times
...
Glennis
18 days ago
I'm not sure, but I think C and D could also be correct options.
upvoted 0 times
...
Nieves
20 days ago
I agree with Lashawnda, A and B make sense for viewing the traffic.
upvoted 0 times
...
Lashawnda
20 days ago
I think the answer is A and B.
upvoted 0 times
...
