ExamGecko
Search Search Login
Home Home / Fortinet / NSE7_PBC-7.2
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

What is the main advantage of using SD-WAN Transit Gateway Connect over traditional SD-WAN?
Refer to the exhibit. You deployed an HA active-active load balance sandwich with two FortiGate VMs in Microsoft Azure. After the deployment, you prefer to use FGSP to synchronize sessions, and allow asymmetric return traffic In the environment, FortiGate port 1 and port 2 are facing external and internal load balancers respectively What IP address must you use in the peerip configuration?
Refer to Exhibit: The exhibit shows the Connect Peers settings on Amazon Web Services (AWS) transit gateway attachments With two FortiGate VMS in a security VPC. Which two statements are correct? (Choose two.)
Refer to the exhibit You are tasked with deploying FortiGate using Terraform. When you run the terraform version command during the Terraform installation, you get an error message. What could be the reason that you are getting the command not found error?
Refer to the exhibit You deployed an HA active-passive FortiGate VM in Microsoft Azure. Which two statements regarding this particular deployment are true? (Choose two.)
Refer to the exhibit. What would be the impact of confirming to delete all the resources in Terraform?
You have created a TGW route table to route traffic from your spoke VPC to the security VPC where two FortiGate devices are inspecting traffic. Your spoke VPC CIDR block is already propagated to the Transit Gateway (TGW) route table. Which type of attachment should you use to advertise routes through BGP from the spoke VPC to the security VPC?
Refer to the exhibit An administrator is trying to deploy a FortiGate VM in Microsoft Azure using Terraform However, during the configuration, the Azure client secret is no longer visible in the Azure portal. How would the administrator obtain the Azure client secret to configure on Terratorm?
Which statement about immutable infrastructure in automation is true?
Refer to the exhibit. What value or values must the administrator use in the SSH Key section to deploy a FortiGate VM using Terraform in Amazon Web Services (AWS)?

Question 9 - NSE7_PBC-7.2 discussion

Report
Export

Refer to Exhibit:

The exhibit shows the Connect Peers settings on Amazon Web Services (AWS) transit gateway attachments With two FortiGate VMS in a security VPC.

Which two statements are correct? (Choose two.)

A.
The peer GRE address is the FortiGate external interface IP address.
Answers
A.
The peer GRE address is the FortiGate external interface IP address.
B.
The Transit Gateway GRE address is auto-generated
Answers
B.
The Transit Gateway GRE address is auto-generated
C.
The BGP inside CIDR blocks can be any CIDR block with /29
Answers
C.
The BGP inside CIDR blocks can be any CIDR block with /29
D.
The Peer GRE address is the FortiGate internal interface IP address
Answers
D.
The Peer GRE address is the FortiGate internal interface IP address
Suggested answer: A, B

Explanation:

A) The peer GRE address is the FortiGate external interface IP address.This is the IP address of the FortiGate interface that is connected to the transit gateway attachment subnet1.This IP address is used to establish the GRE tunnel between the FortiGate and the transit gateway2. B) The Transit Gateway GRE address is auto-generated.This is the IP address of the transit gateway that is used to establish the GRE tunnel with the FortiGate2.This IP address is automatically assigned by AWS from the Transit Gateway CIDR range that you specify when you create the Connect attachment3.

The other options are incorrect because:

The BGP inside CIDR blocks cannot be any CIDR block with /29.They must be a /29 CIDR block from the 169.254.0.0/16 range for IPv4, or a /125 CIDR block from the fd00::/8 range for IPv64.These are the inside IP addresses that are used for BGP peering over the GRE tunnel4.

The Peer GRE address is not the FortiGate internal interface IP address.The internal interface IP address is used to route traffic from the FortiGate to the VPC subnet where the third-party appliance (such as SD-WAN) is located1.The Peer GRE address is used to route traffic from the FortiGate to the transit gateway over the GRE tunnel2.

Show Answer
asked 18/09/2024
Zarate, Wilfredo
41 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms