ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE7_EFW-7.0 All Questions

View all questions & answers for the NSE7_EFW-7.0 exam
Go to Exam

Exam NSE7_EFW-7.0 topic 1 question 43 discussion

Actual exam question from Fortinet's NSE7_EFW-7.0
Question #: 43
Topic #: 1
[All NSE7_EFW-7.0 Questions]

Refer to the exhibit, which shows the output of diagnose sys session list.

If the HA ID for the primary device is 0, what will happen if the primary fails and the secondary becomes the primary?

  • A. Traffic for this session continues to be permitted on the new primary device after failover, without requiring the client to restart the session with the server.
  • B. The secondary device has this session synchronized; however, because application control is applied, the session will be marked dirty and have to be re-evaluated after failover.
  • C. The session state will be preserved but the kernel will need to re-evaluate the session due to NAT being applied.
  • D. The session will be removed from the session table of the secondary device due to the presence of allowed error packets, which will force the client to restart the session with the server.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by jjejje at Jan. 31, 2023, 12:11 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ay_dos
1 month, 1 week ago
Answer is C. A. wrong app_ntr means the session is not allowing traffic - is it blocking the traffic B. Wrong No indication of Application control c. Correct - based on elimination, and May_dirty means change in route required session to be reevaluated D. There is no secondary, Primary failed. And session is already syned to the new Primary.
upvoted 1 times
...
Georgezhong
5 months, 2 weeks ago
Enterprise_Firewall_7.0_Study_Guide-Online.pdf page 226
upvoted 2 times
...
nse_student
6 months, 3 weeks ago
Selected Answer: A
A is correct!
upvoted 1 times
...
MI098
7 months, 3 weeks ago
A Enterprise_Firewall_7.0_Study_Guide-Online.pdf page 266
upvoted 1 times
theripper666
7 months, 3 weeks ago
page 226*
upvoted 2 times
...
...
certifi46
8 months ago
Selected Answer: A
synced
upvoted 2 times
...
BoostBoris
9 months, 1 week ago
Selected Answer: A
flag = synced https://community.fortinet.com/t5/FortiGate/Technical-Note-How-to-see-if-a-session-is-synced-in-HA/ta-p/194185
upvoted 3 times
...
Seph1
9 months, 4 weeks ago
Selected Answer: A
A - The session is synced.
upvoted 2 times
...
NZhang
10 months, 1 week ago
A is correct, as the session is syncd
upvoted 3 times
...
cabeza
10 months, 1 week ago
A - flow based and sync'd
upvoted 1 times
...
jjejje
11 months, 2 weeks ago
Selected Answer: B
answer
upvoted 1 times
Bsdx
10 months, 1 week ago
I dont see the "local" keyword within the session state, which makes me wonder if is really app control enforced
upvoted 1 times
cabeza
10 months ago
the app_list field marks the application, but even so that answer still doesnt make sense, app control or not the session is flowbased and syncd so it will be there on the secondary without needing to "reevaluate"
upvoted 1 times
...
BoostBoris
9 months, 1 week ago
app=0, doesn't it mean that application control is off?
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago