Pass Your Next Certification Exam Fast!

Everything you need to prepare, learn & pass your certification exam easily.

Login / Register  Shopping Cart (0)
  • Home
  • Articles
  • Certification Topics of NSE7_SDW-7.2 Exam PDF Recently Updated Questions [Q10-Q25]

Certification Topics of NSE7_SDW-7.2 Exam PDF Recently Updated Questions [Q10-Q25]

Share

Certification Topics of NSE7_SDW-7.2 Exam PDF Recently Updated Questions

NSE7_SDW-7.2 Exam Prep Guide: Prep guide for the NSE7_SDW-7.2 Exam

NEW QUESTION # 10
Refer to the exhibit.

The exhibit shows the BGP configuration on the hub in a hub-and-spoke topology. The administrator wants BGP to advertise prefixes from spokes to other spokes over the IPsec overlays, including additional paths.
However, when looking at the spoke routing table, the administrator does not see the prefixes from other spokes and the additional paths.
Based on the exhibit, which three settings must the administrator configure inside each BGP neighbor group so spokes can learn other spokes prefixes and their additional paths? (Choose three.)

  • A. Enable soft-reconfiguration
  • B. Set additional-path to send
  • C. Enable route-reflector-client
  • D. Set adv-additional-path to the number of additional paths to advertise
  • E. Set advertisement-interval to the number of additional paths to advertise

Answer: B,C,D


NEW QUESTION # 11
Refer to the exhibit.

Based on the exhibit, which action does FortiGate take?

  • A. FortiGate brings up port5 after it detects all SD-WAN members as alive.
  • B. FortiGate fails over to the secondary device after it detects all SD-WAN members as dead.
  • C. FortiGate brings down port5 after it detects all SD-WAN members as dead.
  • D. FortiGate bounces port5 after it detects all SD-WAN members as dead.

Answer: B


NEW QUESTION # 12
Refer to the exhibit.

Based on the exhibit, which two actions does FortiGate perform on sessions after a firewall policy change?
(Choose two.)

  • A. FortiGate terminates the old sessions.
  • B. FortiGate flushes all sessions.
  • C. FortiGate evaluates new sessions.
  • D. FortiGate does not change existing sessions.

Answer: C,D

Explanation:
Explanation
FortiGate not to flag existing impacted session as dirty by setting firewall-session-dirty to check new. The
results is that FortiGate evaluates only new session against the new firewall policy.


NEW QUESTION # 13
What are two benefits of using the Internet service database (ISDB) in an SD-WAN rule? (Choose two.)

  • A. The ISDB contains the IP addresses and port ranges of well-known internet services.
  • B. The ISDB requires application control to maintain signatures and perform load balancing.
  • C. The ISDB is dynamically updated and reduces administrative overhead.
  • D. The ISDB applies rules to traffic from specific sources, based on application type.

Answer: A,C


NEW QUESTION # 14
Which two statements about SD-WAN central management are true? (Choose two.)

  • A. It supports normalized interfaces for SD-WAN member configuration.
  • B. It does not support meta fields.
  • C. It uses templates to configure SD-WAN on managed devices.
  • D. The objects are saved in the ADOM common object database.

Answer: C,D

Explanation:
Explanation
Normalized interfaces are not supported for SD-WAN templates. You can create multiple SD-WAN zones and
add interface members to the SD-WAN zones. You must bind the interface members by name to physical
interfaces or VPN
interfaces.https://docs.fortinet.com/document/fortigate/7.0.0/sd-wan-new-features/794804/new-sd-wan-template-


NEW QUESTION # 15
In the default SD-WAN minimum configuration, which two statements are correct when traffic matches the
default implicit SD-WAN rule? (Choose two )

  • A. The FIB lookup resolved interface was the SD-WAN interface.
  • B. Matched traffic failed RPF and was caught by the rule.
  • C. Traffic has matched none of the FortiGate policy routes.
  • D. An absolute SD-WAN rule was defined and matched traffic.

Answer: A,C


NEW QUESTION # 16
Refer to the exhibits.
Exhibit A -

Exhibit B -

Exhibit A shows the traffic shaping policy and exhibit B shows the firewall policy.
The administrator wants FortiGate to limit the bandwidth used by YouTube. When testing, the administrator
determines that FortiGate does not apply traffic shaping on YouTube traffic.
Based on the policies shown in the exhibits, what configuration change must be made so FortiGate performs
traffic shaping on YouTube traffic?

  • A. Application control must be enabled on the firewall policy.
  • B. Destination internet service must be enabled on the traffic shaping policy.
  • C. Web filtering must be enabled on the firewall policy.
  • D. Individual SD-WAN members must be selected as the outgoing interface on the traffic shaping policy.

Answer: A


NEW QUESTION # 17
Which are three key routing principles in SD-WAN? (Choose three.)

  • A. FortiGate performs route lookups for new sessions only.
  • B. By default, SD-WAN members are skipped if they do not have a valid route to the destination.
  • C. SD-WAN rules have precedence over ISDB routes.
  • D. By default, SD-WAN rules are skipped if the best route to the destination is not an SD-WAN member.
  • E. Regular policy routes have precedence over SD-WAN rules.

Answer: B,D,E

Explanation:
Explanation
Study Guide 7.2, pages 125, 129, 151


NEW QUESTION # 18
What is the route-tag setting in an SD-WAN rule used for?

  • A. To indicate the routes for health check probes.
  • B. To indicate the routes that can be used for routing SD-WAN traffic.
  • C. To indicate the destination of a rule based on learned BGP prefixes.
  • D. To indicate the members that can be used to route SD-WAN traffic.

Answer: C


NEW QUESTION # 19
Refer to the exhibit.

Which are two expected behaviors of the traffic that matches the traffic shaper? (Choose two.)

  • A. The traffic shaper limits the combined bandwidth of all connections to a maximum of 5 MB/sec.
  • B. The traffic shaper limits the bandwidth of each source IP address to a maximum of 625 KB/sec.
  • C. The number of simultaneous connections among all source IP addresses cannot exceed five connections.
  • D. The number of simultaneous connections allowed for each source IP address cannot exceed five connections.

Answer: B,D


NEW QUESTION # 20
What is a benefit of using application steering in SD-WAN?

  • A. You steer traffic based on the detected application.
  • B. The traffic always skips the regular policy routes.
  • C. You do not need to enable SSL inspection.
  • D. You do not need to configure firewall policies that accept the SD-WAN traffic.

Answer: A


NEW QUESTION # 21
Refer to the exhibit.

Which statement about the role of the ADVPN device in handling traffic is true?

  • A. Two hubs,10.0.1.101and10.0.2.101, are receiving and forwarding queries between each other.
  • B. Two spokes,192.2.0.1and10.0.2.101, forward their queries to their hubs.
  • C. This is a hub that has received a query from a spoke and has forwarded it to another spoke.
  • D. This is a spoke that has received a query from a remote hub and has forwarded the response to its hub.

Answer: C


NEW QUESTION # 22
Which two tasks are part of using central VPN management? (Choose two.)

  • A. You must enable VPN zones for SD-WAN deployments.
  • B. You configure VPN communities to define common IPsec settings shared by all VPN gateways.
  • C. You can configure full mesh, star, and dial-up VPN topologies.
  • D. FortiManager installs VPN settings on both managed and external gateways.

Answer: B,C


NEW QUESTION # 23
Which two statements are true about using SD-WAN to steer local-out traffic? (Choose two.)

  • A. By default, FortiGate does not check if the selected member has a valid route to the destination.
  • B. FortiGate does not consider the source address of the packet when matching an SD-WAN rule for
    local-out traffic.
  • C. You must configure each local-out feature individually, to use SD-WAN.
  • D. By default, local-out traffic does not use SD-WAN.

Answer: C,D


NEW QUESTION # 24
Refer to the exhibit.

Based on the exhibit, which two actions does FortiGate perform on traffic passing through port2? (Choose
two.)

  • A. FortiGate flushes all routing information from the session table, after a route change.
  • B. FortiGate always blocks all traffic, after a route change.
  • C. FortiGate performs routing lookups for new sessions only, after a route change.
  • D. FortiGate does not change the routing information on existing sessions that use a valid gateway, after a
    route change.

Answer: C,D


NEW QUESTION # 25
......

2024 New Preparation Guide of Fortinet NSE7_SDW-7.2 Exam: https://simplilearn.actual4labs.com/Fortinet/NSE7_SDW-7.2-actual-exam-dumps.html

Related Articles

more
Fortinet NSE7_SDW-7.2 Certification Practice Exam

Contact Us

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

Useful Links

Latest Updated