Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Fortinet Exam NSE7_EFW-7.2 Topic 5 Question 28 Discussion

Actual exam question for Fortinet's NSE7_EFW-7.2 exam
Question #: 28
Topic #: 5
[All NSE7_EFW-7.2 Questions]

Refer to the exhibit, which contains information about an IPsec VPN tunnel.

What two conclusions can you draw from the command output? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: B, C

From the command output shown in the exhibit:

B . The IKE version is 2: This can be deduced from the presence of 'ver=2' in the output, which indicates that IKEv2 is being used.

C . Both IPsec SAs are loaded on the kernel: This is indicated by the line 'npu flags=0x0/0', suggesting that no offload to NPU is occurring, and hence, both Security Associations are loaded onto the kernel for processing.

Fortinet documentation specifies that the version of IKE (Internet Key Exchange) used and the loading of IPsec Security Associations can be verified through the diagnostic commands related to VPN tunnels.


Contribute your Thoughts:

Trinidad
3 days ago
I think the correct answers are A and B.
upvoted 0 times
...

Save Cancel