ExamGecko
Search Search Login
Home Home / Fortinet / NSE7_SDW-7.2

Fortinet NSE7_SDW-7.2 Practice Test - Questions Answers

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Refer to the exhibit. Based on the output shown in the exhibit, which two criteria on the SD-WAN member configuration can be used to select an outgoing interface in an SD-WAN rule? (Choose two.)
Refer to the exhibit. Based on the exhibit, which two actions does FortiGate perform on sessions after a firewall policy change? (Choose two.)
In which SD-WAN template field can you use a metadata variable?
Exhibit B -- Exhibit A shows the system interface with the static routes and exhibit B shows the firewall policies on the managed FortiGate. Based on the FortiGate configuration shown in the exhibits, what issue might you encounter when creating an SD-WAN zone for port1 and port2?
Refer to the exhibit. Which statement explains the output shown in the exhibit?
What are two advantages of using an IPsec recommended template to configure an IPsec tunnel in a hub-and-spoke topology? (Choose two.)
Refer to the exhibit. The exhibit shows output of the command diagnose 3vg sdwan service collected on a FortiGate device. The administrator wants to know through which interface FortiGate will steer the traffic from local users on subnet 10.0.1.0/255.255.255.192 and with a destination of the business application Salesforce located on HO servers 10.0.0.1. Based on the exhibits, which two statements are correct? (Choose two.)
Refer to the exhibit. FortiGate has multiple dial-up VPN interfaces incoming on port1 that match only FIRST_VPN. Which two configuration changes must be made to both IPsec VPN interfaces to allow incoming connections to match all possible IPsec dial-up interfaces? (Choose two.)
Exhibit. The exhibit shows VPN event logs on FortiGate. In the output shown in the exhibit, which statement is true?
Exhibit. The exhibit shows the output of the command diagnose sys sdwan health-check status collected on a FortiGate device. Which two statements are correct about the health check status on this FortiGate device? (Choose two.)

Question 1

Report
Export
Collapse

Which are two benefits of using CLI templates in FortiManager? (Choose two.)

A.
You can reference meta fields.
A.
You can reference meta fields.
Answers
B.
You can configure interfaces as SD-WAN members without having to remove references first.
B.
You can configure interfaces as SD-WAN members without having to remove references first.
Answers
C.
You can configure FortiManager to sync local configuration changes made on the managed device, to the CLI template.
C.
You can configure FortiManager to sync local configuration changes made on the managed device, to the CLI template.
Answers
D.
You can configure advanced CLI settings.
D.
You can configure advanced CLI settings.
Answers
Suggested answer: A, D

Question 2

Report
Export
Collapse

Refer to the exhibit.

The device exchanges routes using IBGP.

Which two statements are correct about the IBGP configuration and routing information on the device? (Choose two.)

A.
Each BGP route is three hops away from the destination.
A.
Each BGP route is three hops away from the destination.
Answers
B.
ibgp-multipath is disabled.
B.
ibgp-multipath is disabled.
Answers
C.
additional-path is enabled.
C.
additional-path is enabled.
Answers
D.
You can run the get router info routing-table database command to display the additional paths.
D.
You can run the get router info routing-table database command to display the additional paths.
Answers
Suggested answer: C, D

Question 3

Report
Export
Collapse

Refer to the exhibits.

Exhibit A -

Exhibit B -

Exhibit A shows the SD-WAN performance SLA and exhibit B shows the SD-WAN member status, the routing table, and the performance SLA status.

If port2 is detected dead by FortiGate, what is the expected behavior?

A.
Port2 becomes alive after three successful probes are detected.
A.
Port2 becomes alive after three successful probes are detected.
Answers
B.
FortiGate removes all static routes for port2.
B.
FortiGate removes all static routes for port2.
Answers
C.
The administrator manually restores the static routes for port2, if port2 becomes alive.
C.
The administrator manually restores the static routes for port2, if port2 becomes alive.
Answers
D.
Host 8.8.8.8 is reachable through port1 and port2.
D.
Host 8.8.8.8 is reachable through port1 and port2.
Answers
Suggested answer: B

Explanation:

This is due to Update static route is enable which removes the static route entry referencing the interface if the interface is dead

Question 4

Report
Export
Collapse

Which best describes the SD-WAN traffic shaping mode that bases itself on a percentage of available bandwidth?

A.
Interface-based shaping mode
A.
Interface-based shaping mode
Answers
B.
Reverse-policy shaping mode
B.
Reverse-policy shaping mode
Answers
C.
Shared-policy shaping mode
C.
Shared-policy shaping mode
Answers
D.
Per-IP shaping mode
D.
Per-IP shaping mode
Answers
Suggested answer: A

Explanation:

Interface-based shaping goes further, enabling traffic controls based on percentage of the interface bandwidth.

Question 5

Report
Export
Collapse

In a hub-and-spoke topology, what are two advantages of enabling ADVPN on the IPsec overlays? (Choose two.)

A.
It provides the benefits of a full-mesh topology in a hub-and-spoke network.
A.
It provides the benefits of a full-mesh topology in a hub-and-spoke network.
Answers
B.
It provides direct connectivity between spokes by creating shortcuts.
B.
It provides direct connectivity between spokes by creating shortcuts.
Answers
C.
It enables spokes to bypass the hub during shortcut negotiation.
C.
It enables spokes to bypass the hub during shortcut negotiation.
Answers
D.
It enables spokes to establish shortcuts to third-party gateways.
D.
It enables spokes to establish shortcuts to third-party gateways.
Answers
Suggested answer: A, B

Question 6

Report
Export
Collapse

Which action fortigate performs on the traffic that is subject to a per-IP traffic shaper of 10 Mbps?

A.
FortiGate applies traffic shaping to the original traffic direction only.
A.
FortiGate applies traffic shaping to the original traffic direction only.
Answers
B.
FortiGate shares 10 Mbps of bandwidth equally among all source IP addresses. RIAS
B.
FortiGate shares 10 Mbps of bandwidth equally among all source IP addresses. RIAS
Answers
C.
Fortigate limits each source ip address to a maximum bandwidth of 10 Mbps.
C.
Fortigate limits each source ip address to a maximum bandwidth of 10 Mbps.
Answers
D.
FortiGate guarantees a minimum of 10 Mbps of bandwidth to each source IP address.
D.
FortiGate guarantees a minimum of 10 Mbps of bandwidth to each source IP address.
Answers
Suggested answer: C

Question 7

Report
Export
Collapse

Refer to the Exhibits:

Exhibit A, which shows the SD-WAN performance SLA and exhibit B shows the health of the participating SD-WAN members.

Based on the exhibits, which statement is correct?

A.
The dead member interface stays unavailable until an administrator manually brings the interface back.
A.
The dead member interface stays unavailable until an administrator manually brings the interface back.
Answers
B.
Port2 needs to wait 500 milliseconds to change the status from alive to dead.
B.
Port2 needs to wait 500 milliseconds to change the status from alive to dead.
Answers
C.
Static routes using port2 are active in the routing table.
C.
Static routes using port2 are active in the routing table.
Answers
D.
FortiGate has not received three consecutive requests from the SLA server configured for port2.
D.
FortiGate has not received three consecutive requests from the SLA server configured for port2.
Answers
Suggested answer: C

Question 8

Report
Export
Collapse

Which statement about using BGP routes in SD-WAN is true?

A.
Learned routes can be used as dynamic destinations in SD-WAN rules.
A.
Learned routes can be used as dynamic destinations in SD-WAN rules.
Answers
B.
You must use BGP to route traffic for both overlay and underlay links.
B.
You must use BGP to route traffic for both overlay and underlay links.
Answers
C.
You must configure AS path prepending.
C.
You must configure AS path prepending.
Answers
D.
You must use external BGP.
D.
You must use external BGP.
Answers
Suggested answer: A

Question 9

Report
Export
Collapse

Which two statements reflect the benefits of implementing the ADVPN solution to replace conventional VPN topologies? (Choose two.)

A.
It creates redundant tunnels between hub-and-spokes, in case failure takes place on the primary links.
A.
It creates redundant tunnels between hub-and-spokes, in case failure takes place on the primary links.
Answers
B.
It dynamically assigns cost and weight between the hub and the spokes, based on the physical distance.
B.
It dynamically assigns cost and weight between the hub and the spokes, based on the physical distance.
Answers
C.
It ensures that spoke-to-spoke traffic no longer needs to flow through the tunnels through the hub.
C.
It ensures that spoke-to-spoke traffic no longer needs to flow through the tunnels through the hub.
Answers
D.
It provides direct connectivity between all sites by creating on-demand tunnels between spokes.
D.
It provides direct connectivity between all sites by creating on-demand tunnels between spokes.
Answers
Suggested answer: C, D

Question 10

Report
Export
Collapse

Which two statements about SD-WAN central management are true? (Choose two.)

A.
It does not allow you to monitor the status of SD-WAN members.
A.
It does not allow you to monitor the status of SD-WAN members.
Answers
B.
It is enabled or disabled on a per-ADOM basis.
B.
It is enabled or disabled on a per-ADOM basis.
Answers
C.
It is enabled by default.
C.
It is enabled by default.
Answers
D.
It uses templates to configure SD-WAN on managed devices.
D.
It uses templates to configure SD-WAN on managed devices.
Answers
Suggested answer: B, D
Total 97 questions
Go to page: of 10
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms