ExamGecko
Search Search Login
Home Home / Fortinet / NSE7_EFW-7.2
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Refer to the exhibit, which shows two configured FortiGate devices and peering over FGSP. The main link directly connects the two FortiGate devices and is configured using the set session-syn-dev <interface> command. What is the primary reason to configure the main link?
Exhibit. Refer to the exhibit, which contains a partial policy configuration. Which setting must you configure to allow SSH?
Which, three conditions are required for two FortiGate devices to form an OSPF adjacency? (Choose three.)
Which FortiGate in a Security I auric sends togs to FortiAnalyzer?
Exhibit. Refer to the exhibit, which shows information about an OSPF interlace What two conclusions can you draw from this command output? (Choose two.)
Refer to the exhibit. which contains a partial configuration of the global system. What can you conclude from this output?
Which two statements about metadata variables are true? (Choose two.)
Refer to the exhibit, which shows a network diagram. Which IPsec phase 2 configuration should you impalement so that only one remote site is connected at any time?
Which two statements about IKE vision 2 are true? (Choose two.)
Refer to the exhibits, which contain the network topology and BGP configuration for a hub. Exhibit A. Exhibit B. An administrator is trying to configure ADVPN with a hub and spoke VPN setup using iBGP. All the VPNs are up and connected to the hub. The hub is receiving route information from both spokes over iBGP; however the spokes are not receiving route information from each other. What change must the administrator make to the hub BGP configuration so that the routes learned from one spoke are forwarded to the other spoke?

Question 11 - NSE7_EFW-7.2 discussion

Report
Export

Which two statements about ADVPN are true? (Choose two.)

A.
You must disable add-route in the hub.
Answers
A.
You must disable add-route in the hub.
B.
AllFortiGate devices must be in the same autonomous system (AS).
Answers
B.
AllFortiGate devices must be in the same autonomous system (AS).
C.
The hub adds routes based on IKE negotiations.
Answers
C.
The hub adds routes based on IKE negotiations.
D.
You must configure phase 2 quick mode selectors to 0.0.0.0 0.0.0.0.
Answers
D.
You must configure phase 2 quick mode selectors to 0.0.0.0 0.0.0.0.
Suggested answer: C, D

Explanation:

C) The hub adds routes based on IKE negotiations: This is part of the ADVPN functionality where the hub learns about the networks behind the spokes and can add routes dynamically based on the IKE negotiations with the spokes.

You must configure phase 2 quick mode selectors to 0.0.0.0 0.0.0.0: This wildcard setting in the phase 2 selectors allows any-to-any tunnel establishment, which is necessary for the dynamic creation of spoke-to-spoke tunnels. These configurations are outlined in Fortinet's documentation for setting up ADVPN, where the hub's role in route control and the use of wildcard selectors for phase 2 are emphasized to enable dynamic tunneling between spokes.


Show Answer
asked 18/09/2024
Perry Schoenmaker
37 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms