Exam (5.2) NSE4 Question Bank 20. Diagnostics ❀ Fortinet Network Security Expert

Source: Internet  Published: python popen function  Editor: 程序博客网  Time: 2024/05/16 04:57

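  【Introduction】The Fortinet Network Security Expert (4) exam lasts 120 minutes and consists of 60 multiple-choice questions in English. Answering 70%, that is 42 questions, correctly is a pass.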


Examine the output below from the diagnose sys top command:

  # diagnose sys top 1
  Run Time: 11 days, 3 hours and 29 minutes
  0U, 0N, 1S, 99I; 971T, 528F, 160KF
  sshd 123 S 1.9 1.2
  ipsengine 61 S < 0.0 5.2
  miglogd 45 S 0.0 4.9
  pyfcgid 75 S 0.0 4.5
  pyfcgid 73 S 0.0 3.9

  Which statements are true regarding the output above? (Choose two)

  A. The sshd process is the one consuming most CPU.

  B. The sshd process is using 123 pages of memory.

  C. The command diagnose sys kill miglogd will restart the miglogd process.

  D. All the processes listed are in sleeping state.

  【Analysis】

  diagnose sys top shows the individual usage of each process. A process state of S means the process is sleeping.

  【Answer】AD

Examine the following output from the diagnose sys session list command:

  session info: proto=6 proto_state=65 duration=3 expire=9 timeout=3600 flags=00000000 sockflag=00000000 sockport=443 av_idx=9 use=5
  origin-shaper=guarantee-100kbps prio=2 guarantee 12800Bps max 134217728Bps traffic 13895Bps
  reply-shaper=guarantee-100kbps prio=2 guarantee 12800Bps max 134217728Bps traffic 13895Bps
  state=redir local may_dirty ndr npu nlb os rs
  statistic(bytes/packets/allow_err): org=864/8/1 reply=2384/7/1 tuples=3
  orgin->sink: org pre->post, reply pre->post dev=7->6/6->7 gwy=172.17.87.3/10.1.10.1
  hook=post dir=org act=snat 192.168.1.110:57999->74.201.86.29:443(172.17.87.16:57999)
  hook=pre dir=reply act=dnat 74.201.86.29:443->172.17.87.16:57999(192.168.1.110:57999)
  hook=post dir=reply act=noop 74.201.86.29:443->192.168.1.110:57999(0.0.0.0:0)
  misc=0 policy_id=1 id_policy_id=0 auth_info=0 chk_client_info=0 vd=0
  npuinfo: flag=0x00/0x00, offload=0/0, ips_offload=0/0, epid=0/0, ipid=0/0, vlan=0/0

  Which statements are true regarding the session above? (Choose two)

  A. Session Time-To-Live (TTL) was configured to 9 seconds.

  B. FortiGate is doing NAT of both the source and destination IP addresses on all packets coming from the 192.168.1.110 address.

  C. The IP address 192.168.1.110 is being translated to 172.17.87.16.

  D. The FortiGate is not translating the TCP port numbers of the packets in this session.

  【Analysis】

  hook=post dir=org act=snat 192.168.1.110:57999->74.201.86.29:443(172.17.87.16:57999)

  【Answer】CD

In which process states is it impossible to interrupt/kill a process? (Choose two)

  A. S – Sleep

  B. R – Running

  C. D – Uninterruptible Sleep

  D. Z – Zombie

  【Analysis】

  Processes in uninterruptible sleep and zombie processes cannot be interrupted or killed.

  【Answer】CD


Fortinet Technology - 老梅子   QQ: 57389522
