Practice Free NSE7_SDW-7.2 Exam Online Questions
Refer to the exhibits.
Exhibit A
Exhibit B –
Exhibit A shows the configuration for an SD-WAN rule and exhibit B shows the respective rule status, the routing table, and the member status.
The administrator wants to understand the expected behavior for traffic matching the SD-WAN rule.
Based on the exhibits, what can the administrator expect for traffic matching the SD-WAN rule?
- A . The traffic will be load balanced across all three overlays.
- B . The traffic will be routed over T_INET_0_0.
- C . The traffic will be routed over T_MPLS_0.
- D . The traffic will be routed over T_INET_1_0.
Which two components are essential for configuring a Secure SD-WAN solution? (Choose two)
- A . FortiGate
- B . FortiSandbox
- C . FortiManager
- D . FortiAnalyzer
Refer to the exhibit.
Based on the exhibit, which statement about FortiGate re-evaluating traffic is true?
- A . The type of traffic defined and allowed on firewall policy ID 1 is UDP.
- B . FortiGate has terminated the session after a change on policy ID 1.
- C . Changes have been made on firewall policy ID 1 on FortiGate.
- D . Firewall policy ID 1 has source NAT disabled.
Which statement best describes Zero-touch deployment in FortiGate SD-WAN?
- A . Devices must be manually configured at each location.
- B . Devices automatically configure themselves with a predefined configuration from FortiManager.
- C . No user authentication is required for deployment.
- D . Deployment can only be done remotely with no physical access to the device.
Refer to the exhibits.
Exhibit A –
Exhibit B
Exhibit A shows a site-to-site topology between two FortiGate devices: branch1_fgt and dc1_fgt.
Exhibit B shows the system global and system settings configuration on dc1_fgt.
When branch1_client establishes a connection to dc1_host, the administrator observes that, on dc1_fgt, the reply traffic is routed over T_INET_0_0, even though T_INET_1_0 is the preferred member in the matching SD-WAN rule.
Based on the information shown in the exhibits, what configuration change must be made on dc1_fgt so dc1_fgt routes the reply traffic over T_INET_1_0?
- A . Enable auxiliary-session under config system settings.
- B . Disable tсp-session-without-syn under config system settings.
- C . Enable snat-route-change under config system global.
- D . Disable allow-subnet-overlap under config system settings.
Refer to the Exhibits:
Exhibit A, which shows the SD-WAN performance SLA and exhibit B shows the health of the participating SD-WAN members.
Based on the exhibits, which statement is correct?
- A . The dead member interface stays unavailable until an administrator manually brings the interface back.
- B . Port2 needs to wait 500 milliseconds to change the status from alive to dead.
- C . Static routes using port2 are active in the routing table.
- D . FortiGate has not received three consecutive requests from the SLA server configured for port2.
What are two reasons why FortiGate would be unable to complete the zero-touch provisioning process? (Choose two.)
- A . The FortiGate cloud key has not been added to the FortiGate cloud portal.
- B . FortiDeploy has connected with FortiGate and provided the initial configuration to contact FortiManager
- C . The zero-touch provisioning process has completed internally, behind FortiGate.
- D . FortiGate has obtained a configuration from the platform template in FortiGate cloud.
- E . A factory reset performed on FortiGate.