Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet Exam FCSS_NST_SE-7.4 Topic 1 Question 11 Discussion

Actual exam question for Fortinet's FCSS_NST_SE-7.4 exam
Question #: 11
Topic #: 1
[All FCSS_NST_SE-7.4 Questions]

An administrator wants to capture encrypted phase 2 traffic between two FotiGate devices using the built-in sniffer.

If the administrator knows that there Is no NAT device located between both FortiGate devices, which command should the administrator run?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Ashlyn at Feb 06, 2025, 10:47 AM

Limited Time Offer

25%

Off

Get Premium FCSS_NST_SE-7.4 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Esteban
10 days ago
C) is tempting, but UDP port 4500 is usually for NAT-Traversal, not regular IPsec. Gotta go with A) on this one.
upvoted 0 times
...
Tamra
21 days ago
I'm not sure, but I think D) diagnose sniffer packet any 'ah' could also be a valid option for capturing encrypted traffic.
upvoted 0 times
...
Alex
22 days ago
I agree with Shelba, because UDP port 4500 is commonly used for IPsec traffic.
upvoted 0 times
...
Shelba
23 days ago
I think the answer is C) diagnose sniffer packet any 'udp port 4500'.
upvoted 0 times
...
Kina
24 days ago
Hah, reminds me of that time I accidentally sniffed my colleague's VPN traffic. Talk about an awkward moment!
upvoted 0 times
Junita
16 days ago
C) diagnose sniffer packet any 'udp port 4500'
upvoted 0 times
...
Lavera
18 days ago
A) diagnose sniffer packet any 'udp port 500'
upvoted 0 times
...
...
Malika
30 days ago
I agree with Stephaine, option A) is the way to go here. Capturing UDP port 500 traffic should give you the encrypted Phase 2 communication.
upvoted 0 times
...
Stephaine
1 months ago
A) seems like the right option, as IPsec Phase 2 traffic typically uses UDP port 500 for IKE negotiation.
upvoted 0 times
Sonia
15 days ago
Devon: Definitely, let's go with A)
upvoted 0 times
...
Marleen
16 days ago
User 3: So, we all agree on A) then?
upvoted 0 times
...
Devon
18 days ago
User 2: Yeah, that makes sense. IPsec Phase 2 traffic usually uses UDP port 500 for IKE negotiation.
upvoted 0 times
...
Freida
21 days ago
User 1: I think the answer is A) diagnose sniffer packet any 'udp port 500'
upvoted 0 times
...
...

Save Cancel