Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Fortinet Exam NSE7_NST-7.2 Topic 4 Question 20 Discussion

Actual exam question for Fortinet's NSE7_NST-7.2 exam
Question #: 20
Topic #: 4
[All NSE7_NST-7.2 Questions]

Exhibit.

Refer to the exhibit, which shows the omitted output of diagnose npu np6 port-list on a FortiGate1500D.

An administrator is unable to analyze traffic flowing between port1 and port7 using the diagnose sniffer command.

Which two commands allow the administrator to view the traffic? (Choose two.)

A)

B)

C)

D)

Show Suggested Answer Hide Answer
Suggested Answer: C

Understanding protocol states:

proto_state=00: Indicates no traffic or a closed session.

proto_state=01: Typically indicates one-way ICMP traffic or a partially established TCP session.

proto_state=10: Indicates an established TCP session, where the session has completed the three-way handshake and both sides can send and receive data.

proto_state=11: Often indicates a fully established and active bidirectional session.

Explanation of correct answer:

proto_state=10 is the correct indication for an established TCP session as it signifies that the session is fully established and active.


Fortinet Network Security 7.2 Support Engineer Documentation

Fortinet Firewall Protocol State Documentation

Contribute your Thoughts:

Glennis
2 days ago
I'm not sure, but I think C and D could also be correct options.
upvoted 0 times
...
Nieves
3 days ago
I agree with Lashawnda, A and B make sense for viewing the traffic.
upvoted 0 times
...
Lashawnda
4 days ago
I think the answer is A and B.
upvoted 0 times
...

Save Cancel