Weekend Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

  1. Home
  2. Fortinet
  3. Fortinet Certification
  4. NSE7_SDW-7.2 - Fortinet NSE 7 - SD-WAN 7.2

NSE7_SDW-7.2 Exam Dumps - Fortinet NSE 7 - SD-WAN 7.2

Go to page:
Question # 9

Which diagnostic command can you use to show the configured SD-WAN zones and their assigned members?

A.

diagnose sys sdwan zone

B.

diagnose sys sdwan service

C.

diagnose sys sdwan member

D.

diagnose sys sdwan interface

Full Access
Question # 10

Which diagnostic command can you use to show the member utilization statistics measured by performance SLAs for the last 10 minutes?

A.

diagnose sys sdwan sla-log

B.

diagnose ays sdwan health-check

C.

diagnose sys sdwan intf-sla-log

D.

diagnose sys sdwan log

Full Access
Question # 11

What is a benefit of using application steering in SD-WAN?

A.

The traffic always skips the regular policy routes.

B.

You steer traffic based on the detected application.

C.

You do not need to enable SSL inspection.

D.

You do not need to configure firewall policies that accept the SD-WAN traffic.

Full Access
Question # 12

Refer to the exhibits.

Exhibit A -

Exhibit B -

Exhibit A shows a site-to-site topology between two FortiGate devices: branch1_fgt and dc1_fgt. Exhibit B shows the system global and system settings configuration on dc1_fgt.

When branch1_client establishes a connection to dc1_host, the administrator observes that, on dc1_fgt, the reply traffic is routed over T_INET_0_0, even though T_INET_1_0 is the preferred member in the matching SD-WAN rule.

Based on the information shown in the exhibits, what configuration change must be made on dc1_fgt so dc1_fgt routes the reply traffic over T_INET_1_0?

A.

Enable auxiliary-session under config system settings.

B.

Disable tсp-session-without-syn under config system settings.

C.

Enable snat-route-change under config system global.

D.

Disable allow-subnet-overlap under config system settings.

Full Access
Question # 13

Which two tasks are part of using central VPN management? (Choose two.)

A.

You can configure full mesh, star, and dial-up VPN topologies.

B.

You must enable VPN zones for SD-WAN deployments.

C.

FortiManager installs VPN settings on both managed and external gateways.

D.

You configure VPN communities to define common IPsec settings shared by all VPN gateways.

Full Access
Question # 14

Refer to the exhibit, which shows an SD-WAN zone configuration on the FortiGate GUI.

Based on the exhibit, which statement is true?

A.

You can delete the virtual-wan-link zone because it contains no member.

B.

The corporate zone contains no member.

C.

You can move port1 from the underlay zone to the overlay zone.

D.

The overlay zone contains four members.

Full Access
Question # 15

Which statement about using BGP routes in SD-WAN is true?

A.

Learned routes can be used as dynamic destinations in SD-WAN rules.

B.

You must use BGP to route traffic for both overlay and underlay links.

C.

You must configure AS path prepending.

D.

You must use external BGP.

Full Access
Question # 16

Refer to the exhibit.

Based on the exhibit, which two actions does FortiGate perform on traffic passing through port2? (Choose two.)

A.

FortiGate does not change the routing information on existing sessions that use a valid gateway, after a route change.

B.

FortiGate performs routing lookups for new sessions only, after a route change.

C.

FortiGate always blocks all traffic, after a route change.

D.

FortiGate flushes all routing information from the session table, after a route change.

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps