Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Fortinet Exam FCSS_NST_SE-7.4 Topic 2 Question 7 Discussion

Actual exam question for Fortinet's FCSS_NST_SE-7.4 exam
Question #: 7
Topic #: 2
[All FCSS_NST_SE-7.4 Questions]

An administrator wants to capture encrypted phase 2 traffic between two FotiGate devices using the built-in sniffer.

If the administrator knows that there Is no NAT device located between both FortiGate devices, which command should the administrator run?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Heike at Nov 14, 2024, 05:24 AM

Limited Time Offer

25%

Off

Get Premium FCSS_NST_SE-7.4 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Azalee
4 days ago
Ah, the age-old question of which sniffer command to use. I wonder if the answer is hidden in a FortiGate Easter egg somewhere?
upvoted 0 times
...
Aleta
6 days ago
I'm not sure, but I think A) diagnose sniffer packet any 'udp port 500' could also be a valid option.
upvoted 0 times
...
Rhea
7 days ago
This is a piece of cake! Just use 'lp proto 50' and you're good to go. Gotta love those cryptic protocol numbers, am I right?
upvoted 0 times
...
Coral
8 days ago
I agree with France, because UDP port 4500 is commonly used for IPSec traffic.
upvoted 0 times
...
Cyndy
14 days ago
Hold up, what about 'udp port 4500'? That's the port for NAT-T, isn't it? I think that might be a better choice if there's no NAT involved.
upvoted 0 times
...
Edmond
17 days ago
Hmm, I'm not so sure. Why not just go for the classic 'udp port 500' command? It's simple and gets the job done, right?
upvoted 0 times
...
Loise
20 days ago
Option D is the way to go! Capturing 'ah' traffic is the correct command for sniffing encrypted Phase 2 traffic without NAT.
upvoted 0 times
Brett
6 days ago
B) diagnose sniffer packet any 'lp proto 50'
upvoted 0 times
...
Alba
12 days ago
A) diagnose sniffer packet any 'udp port 500'
upvoted 0 times
...
...
France
20 days ago
I think the answer is C) diagnose sniffer packet any 'udp port 4500'.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77