Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Fortinet NSE7_SDW-7.2

Fortinet NSE7_SDW-7.2 Exam Practice Questions (P. 2)

  • Full Access (70 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #6
Which are three key routing principles in SD-WAN? (Choose three.)
  1. A
    By default. SD-WAN members are skipped if they do not have a valid route to the destination.
  2. B
    By default. SD-WAN rules are skipped if the best route to the destination is not an SD-WAN member.
  3. C
    FortiGate performs route lookups for new sessions only.
  4. D
    SD-WAN rules have precedence over ISDB routes.
  5. E
    Regular policy routes have precedence over SD-WAN rules.

Correct Answer: ABD ?️

Question #7
Refer to the exhibit.

Two hub-and-spoke groups are connected through a site-to-site IPsec VPN between Hub 1 and Hub 2.
Which two configuration settings are required for Toronto and London spokes to establish an ADVPN shortcut? (Choose two.)
  1. A
    On the hubs, net-device must be enabled on all IPsec VPNs.
  2. B
    auto-discovery-forwarder must be enabled on all IPsec VPNs.
  3. C
    On the spokes, auto-discovery-receiver must be enabled on the IPsec VPN to the hub.
  4. D
    On the hubs, auto-discovery-sender must be enabled on the IPsec VPNs to spokes.

Correct Answer: CD ?️

Question #8
Which CLI command do you use to perform real-time troubleshooting for ADVPN negotiation?
  1. A
    get router info routing-table all
  2. B
    get ipsec tunnel list
  3. C
    diagnose vpn tunnel list
  4. D
    diagnose debug application ike

Correct Answer: D ?️

Question #9
What are two common use cases for remote internet access (RIA)? (Choose two.)
  1. A
    Provide internet access through the hub.
  2. B
    Centralize security inspection on the hub.
  3. C
    Provide thorough inspection on spokes.
  4. D
    Provide direct internet access on spokes.

Correct Answer: AB ?️

Question #10
Refer to the exhibits.
Exhibit A.

Exhibit B.

An administrator is testing application steering in SD-WAN. Before generating test traffic, the administrator collected the information shown in exhibit A.
After generating GoToMeeting test traffic, the administrator examined the respective traffic log on FortiAnalyzer, which is shown in exhibit B. The administrator noticed that the traffic matched the implicit SD-WAN rule, but they expected the traffic to match rule ID 1.
Which two reasons explain why some log messages show that the traffic matched the implicit SD-WAN rule? (Choose two.)
  1. A
    Port1 and port2 do not have a valid route to the destination.
  2. B
    The session 3-tuple did not match any of the existing entries in the ISDB application cache.
  3. C
    Full SSL inspection is not enabled on the matching firewall policy.
  4. D
    FortiGate did not refresh the routing information on the session after the application was detected.

Correct Answer: BD ?️

Previous Questions Next Questions

All Pages