Fortinet NSE7_SDW-7.0 Fortinet NSE 7 – SD-WAN 7.0 Online Training
Fortinet NSE7_SDW-7.0 Online Training
The questions for NSE7_SDW-7.0 were last updated at Nov 19,2024.
- Exam Code: NSE7_SDW-7.0
- Exam Name: Fortinet NSE 7 - SD-WAN 7.0
- Certification Provider: Fortinet
- Latest update: Nov 19,2024
Which diagnostic command can you use to show the member utilization statistics measured by performance SLAs for the last 10 minutes?
- A . diagnose sys sdwan intf-sla-log
- B . diagnose sys sdwan health-check
- C . diagnose sys sdwan log
- D . diagnose sys sdwan sla-log
Which two protocols in the IPsec suite are most used for authentication and encryption? (Choose two.)
- A . Encapsulating Security Payload (ESP)
- B . Secure Shell (SSH)
- C . Internet Key Exchange (IKE)
- D . Security Association (SA)
Which two settings can you configure to speed up routing convergence in BGP? (Choose two.)
- A . update-source
- B . set-route-tag
- C . holdtime-timer
- D . link-down-failover
Refer to the exhibits.
Exhibit A
Exhibit B –
Exhibit A shows the configuration for an SD-WAN rule and exhibit B shows the respective rule status, the routing table, and the member status.
The administrator wants to understand the expected behavior for traffic matching the SD-WAN rule. Based on the exhibits, what can the administrator expect for traffic matching the SD-WAN rule?
- A . The traffic will be load balanced across all three overlays.
- B . The traffic will be routed over T_INET_0_0.
- C . The traffic will be routed over T_MPLS_0.
- D . The traffic will be routed over T_INET_1_0.
Refer to the exhibits.
Two hub-and-spoke groups are connected through a site-to-site IPsec VPN between Hub 1 and Hub 2. The administrator configured ADVPN on both hub-and-spoke groups.
Which two outcomes are expected if a user in Toronto sends traffic to London? (Choose two.)
- A . London generates an IKE information message that contains the Toronto public IP address.
- B . Traffic from Toronto to London triggers the dynamic negotiation of a direct site-to-site VPN.
- C . Toronto needs to establish a site-to-site tunnel with Hub 2 to bypass Hub 1.
- D . The first packets from Toronto to London are routed through Hub 1 then to Hub 2.
Which two performance SLA protocols enable you to verify that the server response contains a specific value? (Choose two.)
- A . http
- B . icmp
- C . twamp
- D . dns
Refer to the exhibits.
Which two conclusions for traffic that matches the traffic shaper are true? (Choose two.)
- A . The traffic shaper drops packets if the bandwidth is less than 2500 KBps.
- B . The measured bandwidth is less than 100 KBps.
- C . The traffic shaper drops packets if the bandwidth exceeds 6250 KBps.
- D . The traffic shaper limits the bandwidth of each source IP to a maximum of 6250 KBps.
Refer to the exhibit.
Which configuration change is required if the responder FortiGate uses a dynamic routing protocol to exchange routes over IPsec?
- A . type must be set to static.
- B . mode-cfg must be enabled.
- C . exchange-interface-ip must be enabled.
- D . add-route must be disabled.
Which CLI command do you use to perform real-time troubleshooting for ADVPN negotiation?
- A . get router info routing-table all
- B . diagnose debug application ike
- C . diagnose vpn tunnel list
- D . get ipsec tunnel list
Refer to the exhibits.
Exhibit B
Exhibit A shows the system interface with the static routes and exhibit B shows the firewall policies on the managed FortiGate.
Based on the FortiGate configuration shown in the exhibits, what issue might you encounter when creating an SD-WAN zone for port1 and port2?
- A . port1 is assigned a manual IP address.
- B . port1 is referenced in a firewall policy.
- C . port2 is referenced in a static route.
- D . port1 and port2 are not administratively down.
Latest NSE7_SDW-7.0 Dumps Valid Version with 35 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
