ExamGecko
Search Search Login
Home Home / Fortinet / NSE7_PBC-7.2
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

What is the main advantage of using SD-WAN Transit Gateway Connect over traditional SD-WAN?
Refer to the exhibit. You deployed an HA active-active load balance sandwich with two FortiGate VMs in Microsoft Azure. After the deployment, you prefer to use FGSP to synchronize sessions, and allow asymmetric return traffic In the environment, FortiGate port 1 and port 2 are facing external and internal load balancers respectively What IP address must you use in the peerip configuration?
Refer to Exhibit: The exhibit shows the Connect Peers settings on Amazon Web Services (AWS) transit gateway attachments With two FortiGate VMS in a security VPC. Which two statements are correct? (Choose two.)
Refer to the exhibit You deployed an HA active-passive FortiGate VM in Microsoft Azure. Which two statements regarding this particular deployment are true? (Choose two.)
Refer to the exhibit. What would be the impact of confirming to delete all the resources in Terraform?
Refer to the exhibit You are tasked with deploying FortiGate using Terraform. When you run the terraform version command during the Terraform installation, you get an error message. What could be the reason that you are getting the command not found error?
Which statement about immutable infrastructure in automation is true?
You have created a TGW route table to route traffic from your spoke VPC to the security VPC where two FortiGate devices are inspecting traffic. Your spoke VPC CIDR block is already propagated to the Transit Gateway (TGW) route table. Which type of attachment should you use to advertise routes through BGP from the spoke VPC to the security VPC?
Refer to the exhibit An administrator is trying to deploy a FortiGate VM in Microsoft Azure using Terraform However, during the configuration, the Azure client secret is no longer visible in the Azure portal. How would the administrator obtain the Azure client secret to configure on Terratorm?
Refer to the exhibit. What value or values must the administrator use in the SSH Key section to deploy a FortiGate VM using Terraform in Amazon Web Services (AWS)?

Question 30 - NSE7_PBC-7.2 discussion

Report
Export

You are asked to find a solution to replace the existing VPC peering topology to have a higher bandwidth connection from Amazon Web Services (AWS) to the on-premises data center Which two solutions will satisfy the requirement? (Choose two.)

A.
Use ECMP and VPN to achieve higher bandwidth.
Answers
A.
Use ECMP and VPN to achieve higher bandwidth.
B.
Use transit VPC to build multiple VPC connections to the on-premises data center
Answers
B.
Use transit VPC to build multiple VPC connections to the on-premises data center
C.
Use a transit VPC with hub and spoke topology to create multiple VPN connections to the on-premises data center.
Answers
C.
Use a transit VPC with hub and spoke topology to create multiple VPN connections to the on-premises data center.
D.
Use the transit gateway attachment With VPN option to create multiple VPN connections to the on-premises data center
Answers
D.
Use the transit gateway attachment With VPN option to create multiple VPN connections to the on-premises data center
Suggested answer: C, D

Explanation:

The correct answer is C and D. Use a transit VPC with hub and spoke topology to create multiple VPN connections to the on-premises data center. Use the transit gateway attachment with VPN option to create multiple VPN connections to the on-premises data center.

According to the Fortinet documentation for Public Cloud Security, a transit VPC is a VPC that serves as a global network transit center for connecting multiple VPCs, remote networks, and virtual private networks (VPNs). A transit VPC can use a hub and spoke topology to create multiple VPN connections to the on-premises data center, using the FortiGate VM as a virtual appliance that provides network security and threat prevention. A transit VPC can also leverage Equal-Cost Multi-Path (ECMP) routing to achieve higher bandwidth and load balancing across multiple VPN tunnels1.

A transit gateway is a network transit hub that connects VPCs and on-premises networks. A transit gateway attachment is a resource that connects a VPC or VPN to a transit gateway. You can use the transit gateway attachment with VPN option to create multiple VPN connections to the on-premises data center, using the FortiGate VM as a virtual appliance that provides network security and threat prevention. A transit gateway attachment with VPN option can also leverage ECMP routing to achieve higher bandwidth and load balancing across multiple VPN tunnels2.

The other options are incorrect because:

Using ECMP and VPN to achieve higher bandwidth is not a complete solution, as it does not specify how to replace the existing VPC peering topology or how to connect the AWS VPCs to the on-premises data center.

Using transit VPC to build multiple VPC connections to the on-premises data center is not a correct solution, as it does not specify how to use a hub and spoke topology or how to leverage ECMP routing for higher bandwidth.

1: Fortinet Documentation Library - Transit VPC on AWS 2: Fortinet Documentation Library - Deploying FortiGate VMs on AWS

Show Answer
asked 18/09/2024
AshokBabu Kumili
43 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms