Fortinet NSE6_FSW-7.2 Exam Practice Test Instant Access

Question 1

Exhibit.

Two routes are not installed in the forwarding information base (FIB) as shown in the exnibit. Which two statements about these two route entries are true? (Choose two.)

AThese two routes have a higher administrative distance value available to the destina-tion networks.

BThese two routes will become primary, if the best routes are removed.

CThese two routes will be used as load-balancing routes.

DThese two routes are available in the hardware routing table.

Answer : A, B

Question 2

What are two ways in which automatic MAC address quarantine works on FortiSwitch? (Choose two.)

AFortiSwitch supports only by VLAN quarantine mode.

BFortiGate applies the quarantine-related configuration only on FortiGate.

CFortiAnalyzer with a threat detection services license is required.

DMAC address quarantine can be enabled through the FortiGate CLI only.

Answer : C, D

Question 3

Refer to the exhibit.

The exhibit shows the current status of the ports on the managed FortiSwitch. Access-1.

Why would FortiGate display a serial number in the Native VLAN column associated with the port23 entry?

Aport23 is configured as the dedicated management interface.

BPorts connected to adjacent FortiSwitch devices show their serial number as the native VLAN.

Cport23 is a member of a trunk that uses the Access-1 FortiSwitch serial number as the name of the trunk.

DA standalone switch with the shown serial number is connected on port23.

Answer : D

Question 4

Which statement about the quarantine VLAN on FortiSwitch is true?

AQuarantine VLAN has no DHCP server

BUsers who fail 802.1X authentication can be placed on the quarantine VLAN.

CIt is only used for quarantined devices if global setting is set to quarantine by VLAN.

DFortiSwitch can block devices without configuring quarantine VLAN to be part of the allowed VLANs.

Answer : C

Question 5

What are two reasons why time synchronization between FortiGate and its managed FortiSwitch is critical in switch management? (Choose two.)

AFortiSwitch does not retain its time after a reboot, which gets reset after each reboot.

BFortiSwitch will not be able to become an NTP server for downstream devices.

CFortiSwitch cannot complete the DTLS handshake used in the CAPWAP tunnel.

DFortiSwitch will not allow other FortiSwitch devices in the chain be discovered by FortiGate.

Answer : A, C

Question 6

Which interfaces on FortiSwitch send out FortiLink discovery frames by default in order to detect a FortiGate with an enabled FortiLink interface?

AAll ports have auto-discovery enabled by default.

BNo ports are enabled by default for auto-discovery. This must be configured under config switch interface.

CThe ports with auto-discovery enabled by default are dependent upon the FortiSwitch model.

DThe last four switch ports on FortiSwitch have auto-discovery enabled by default.

Answer : A

Question 7

Refer to the diagnostic output:

What makes the use of the sniffer command on the FortiSwitch CLI unreliable on__port__23?

AThe types of packets captured is limited.

BJust the port egress payloads are printed on CLI.

COnly untagged VLAN traffic can be captured.

DThe switch port might be used as a trunk member

Answer : A

Fortinet NSE6_FSW-7.2 Fortinet NSE 6 - FortiSwitch 7.2 Exam Practice Test