NSE7_SDW-7.2 Practice Exam Questions and Answers

A.  

The traffic will be load balanced across all three overlays.

B.  

The traffic will be routed over T_INET_0_0.

C.  

The traffic will be routed over T_MPLS_0.

D.  

The traffic will be routed over T_INET_1_0.

A.  

You must set ike-version to 1.

B.  

You must enable net-device.

C.  

You must enable auto-discovery-sender.

D.  

You must disable idle-timeout.

A.  

FortiGate flags the sessions as dirty.

B.  

FortiGate continues routing the sessions with no SNAT, over port2.

C.  

FortiGate performs a route lookup for the original traffic only.

D.  

FortiGate updates the gateway information of the sessions with SNAT so that they use port1 instead of port2.

A.  

FortiGate does not change the routing information on existing sessions that use a valid gateway, after a route change.

B.  

FortiGate performs routing lookups for new sessions only, after a route change.

C.  

FortiGate always blocks all traffic, after a route change.

D.  

FortiGate flushes all routing information from the session table, after a route change.

A.  

You can assign only one template with a tunnel of fype static to each FortiGate device

B.  

You can define only one IPsec tunnel from branch devices to HUB1.

C.  

You can assign only one IPsec template to each FortiGate device.

D.  

You should review the branch1_fgt configuration for the already configured tunnel with the name HUB1-VPN2.

A.  

The number of simultaneous connections among all source IP addresses cannot exceed five connections.

B.  

The traffic shaper limits the combined bandwidth of all connections to a maximum of 5 MB/sec.

C.  

The number of simultaneous connections allowed for each source IP address cannot exceed five connections.

D.  

The traffic shaper limits the bandwidth of each source IP address to a maximum of 625 KB/sec.

A.  

It instructs the hub to disable the reordering of TCP packets on behalf of the receiver, to improve performance.

B.  

It instructs the hub to disable TCP sequence number check, which is required for TCP sessions originated from spokes to fail over back and forth between the hubs.

C.  

It instructs the hub to not check the ESP sequence numbers on IPsec traffic, to improve performance.

D.  

It instructs the hub to skip content inspection on TCP traffic, to improve performance.

A.  

When T_INET_0_0 and T_MPLS_0 have the same latency.

B.  

When T_MPLS_0 has a latency of 100 ms.

C.  

When T_INET_0_0 has a latency of 250 ms.

D.  

When T_N1PLS_0 has a latency of 80 ms.

A.  

Routes for ADVPN shortcuts must be manually configured.

B.  

SD-WAN can steer traffic to ADVPN shortcuts, established over IPsec overlays, configured as SD-WAN members.

C.  

SD-WAN does not monitor the health and performance of ADVPN shortcuts.

D.  

You must use IKEv2 on IPsec tunnels.

A.  

The type of traffic defined and allowed on firewall policy ID 1 is UDP.

B.  

FortiGate has terminated the session after a change on policy ID 1.

C.  

Changes have been made on firewall policy ID 1 on FortiGate.

D.  

Firewall policy ID 1 has source NAT disabled.