Exam NSE7_EFW-7.2 topic 1 question 4 discussion

anyone recently wrote the exam share experience if this is still valid?

This is the updated question: A. Set strict-dirty-session-check enable command instructs the FortiGate to load all dirty session traffic to its SPU B. set check-protocol-header loose command enables hardware acceleration on this FortiGate device C. set av-fail open pass command instructs the FortiGate to load all traffic that uses the antivirus proxy to NP D. Set memory-use-threshold-extreme, command instructs the FortiGate to disable hardware acceleration, if the memory extreme threshold reaches 95%.

the output does not explicitly reference any commands or parameters related to enabling or disabling Network Processors (NPs) or Content Processors (CPs). However, let's analyze the available settings for a conclusion: set av-failopen pass This indicates that antivirus scanning will allow traffic to pass even if the antivirus engine encounters an error. It does not directly affect the status of NPs or CPs. set check-protocol-header loose This loosens the protocol header checks for traffic. Again, this does not directly indicate the status of NPs or CPs. set memory-use-threshold-extreme 95 This sets the memory utilization threshold at which extreme measures may be taken, but it does not indicate anything about NPs or CPs. set strict-dirty-session-check enable This ensures stricter checks on session consistency, but it does not influence the NP or CP settings. Conclusion: The configuration does not explicitly disable NPs or CPs. Therefore, the correct conclusion is: C. NPs and CPs are enabled

Strick - disabled all NPs and CPs loose - Enables them Therefore C is correct

C is the correct answer. check-protocol-header strict diables all NPPs and CPs. Loose doesn't disable them.

charruco is correct - scrub my comment !

the question says: "loose" set check-protocol-header "loose" Enabling "strict" header checking disables all hardware acceleration (not loose config). This includes NP, SP, and CP processing. so C is correct

Answer: D "Enabling strict header checking disables all hardware acceleration. This includes NP, SP, and CP processing." https://docs.fortinet.com/document/fortigate/7.4.3/hardware-acceleration/39956/strict-protocol-header-checking-disables-hardware-acceleration

Enabling strict header checking disables all hardware acceleration. This includes NP, SP, and CP processing.

Answer: D when check-protocol-header is enabled in strict or loose mode all NPs and CPs are disabled.

Answer : C P53 check-protocol-header strict disables all NPs and CPs. "The option 'strict-dirty-session-check' will enable to check the session against the original policy when re-validating. This can prevent dropping of redirected sessions when web-filtering and authentication are enabled together. If this option is enabled, the FortiGate unit deletes a session if a routing or policy change causes the session to no longer match the policy that originally allowed the session. enable: Enable strict dirty-session check. disable: Disable strict dirty-session check." https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-fix-fw-strict-dirty-session-check-drop/ta-p/224031

It's C as per https://docs.fortinet.com/document/fortigate/7.2.4/hardware-acceleration/39956 "Enabling strict header checking disables all hardware acceleration. This includes NP, SP, and CP processing."

The answer is C,

The answer is C, nothing here can prove that NP or CP is disabled

"D" e a opção correta. Ao habilitar o "check-protocol-header loose" o FortiGate irá fazer um inspeção rigorosa no cabeçalho em L4, com isso TODA aceleração e desativada NP, SP e CP.

set check-protocol-header loose command can infer that there is an NP enabled, thus A is wrong. C is wrong D is most close to answer imo

The answer is A