ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam NSE4_FGT-7.2 All Questions

View all questions & answers for the NSE4_FGT-7.2 exam
Go to Exam

Exam NSE4_FGT-7.2 topic 1 question 39 discussion

Actual exam question from Fortinet's NSE4_FGT-7.2
Question #: 39
Topic #: 1
[All NSE4_FGT-7.2 Questions]

Refer to the exhibit.

Examine the intrusion prevention system (IPS) diagnostic command shown in the exhibit.

If option 5 is used with the IPS diagnostic command and the outcome is a decrease in the CPU usage, what is the correct conclusion?

  • A. The IPS engine is unable to prevent an intrusion attack.
  • B. The IPS engine is inspecting a high volume of traffic.
  • C. The IPS engine will continue to run in a normal state.
  • D. The IPS engine is blocking all traffic.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by BoostBoris at Feb. 11, 2023, 3:43 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
BoostBoris
Highly Voted 2 years, 2 months ago
B is correct. IPS engine remains active, but doesn't inspect traffic. If the CPU use decreases after that, it usually indicates that the volume of traffic being inspected is too high for that FortiGate model.
upvoted 9 times
...
Slash_JM
Most Recent 1 year, 7 months ago
Selected Answer: B
FortiGate Security 7.2 Study Guide p.417
upvoted 2 times
...
raydel92
1 year, 8 months ago
Selected Answer: B
B. The IPS engine is inspecting a high volume of traffic. Reference and download study guide: https://ebin.pub/fortinet-fortigate-security-study-guide-for-fortios-72.html
upvoted 1 times
...
Dani_Prime
1 year, 8 months ago
B is correct: fortinet-fortigate-security-study-guide-for-fortios-72 page 417 If there are high-CPU use problems caused by the IPS, you can use the diagnose test application ipsmonitor command with option 5 to isolate where the problem might be. Option 5 enables IPS bypass mode. In this mode, the IPS engine is still running, but it is not inspecting traffic. If the CPU use decreases after that, it usually indicates that the volume of traffic being inspected is too high for that FortiGate model.
upvoted 3 times
...
[Removed]
1 year, 8 months ago
Selected Answer: B
Correct answer: B
upvoted 1 times
...
D1360_1304
1 year, 9 months ago
B. Is correct.
upvoted 1 times
...
Deep_Purple
1 year, 9 months ago
IMHO, A is correct: Option 5 enables IPS bypass mode. In this mode, the IPS is still running, but it is not inspecting traffic. If the CPU use decreases after that, it usually indicates that the volume of traffic being inspected is too high for that particular FortiGate model. If the CPU use remains high after enabling IPS bypass mode, it usually indicates a problem in the IPS engine that you must report to Fortinet's support. Enterprise_Firewall_7.0_Study_Guide-Online pg 405
upvoted 2 times
...
Eggrolls
1 year, 10 months ago
Selected Answer: B
FortiGate_Security_7.2_Study_Guide page 417
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago