Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet Exam NSE7_NST-7.2 Topic 4 Question 20 Discussion

Actual exam question for Fortinet's NSE7_NST-7.2 exam
Question #: 20
Topic #: 4
[All NSE7_NST-7.2 Questions]

Exhibit.

Refer to the exhibit, which shows the omitted output of diagnose npu np6 port-list on a FortiGate1500D.

An administrator is unable to analyze traffic flowing between port1 and port7 using the diagnose sniffer command.

Which two commands allow the administrator to view the traffic? (Choose two.)

A)

B)

C)

D)

Show Suggested Answer Hide Answer
Suggested Answer: C

Understanding protocol states:

proto_state=00: Indicates no traffic or a closed session.

proto_state=01: Typically indicates one-way ICMP traffic or a partially established TCP session.

proto_state=10: Indicates an established TCP session, where the session has completed the three-way handshake and both sides can send and receive data.

proto_state=11: Often indicates a fully established and active bidirectional session.

Explanation of correct answer:

proto_state=10 is the correct indication for an established TCP session as it signifies that the session is fully established and active.


Fortinet Network Security 7.2 Support Engineer Documentation

Fortinet Firewall Protocol State Documentation

by Larae at Jan 27, 2025, 10:47 AM

Limited Time Offer

25%

Off

Get Premium NSE7_NST-7.2 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Glennis
2 days ago
I'm not sure, but I think C and D could also be correct options.
upvoted 0 times
...
Nieves
3 days ago
I agree with Lashawnda, A and B make sense for viewing the traffic.
upvoted 0 times
...
Lashawnda
4 days ago
I think the answer is A and B.
upvoted 0 times
...

Save Cancel