Fortinet NSE7_SDW-7.2 Exam Practice Test Instant Access

Question 1

Which action fortigate performs on the traffic that is subject to a per-IP traffic shaper of 10 Mbps?

AFortiGate applies traffic shaping to the original traffic direction only.

BFortiGate shares 10 Mbps of bandwidth equally among all source IP addresses.
RIAS

CFortigate limits each source ip address to a maximum bandwidth of 10 Mbps.

DFortiGate guarantees a minimum of 10 Mbps of bandwidth to each source IP address.

Answer : C

Question 2

Which diagnostic command can you use to show the SD-WAN rules, interface information, and state?

Adiagnose sys sdwan service

Bdiagnose sys sdwan route-tag-list

Cdiagnose sys sdwan member

Ddiagnose sys sdwan neighbor

Answer : A

Question 3

Refer to the exhibit, which shows an SD-WAN zone configuration on the FortiGate GUI.

Based on the exhibit, which statement is true?

AYou can delete the virtual-wan-link zone because it contains no member.

BThe corporate zone contains no member.

CYou can move port1 from the underlay zone to the overlay zone.

DThe overlay zone contains four members.

Answer : B

Based on the exhibit, the 'corporate' zone contains no member (B). In the FortiGate GUI, zones without members do not display any interfaces listed under them, which is the case for the corporate zone in the exhibit. Reference: This conclusion is based on standard Fortinet GUI interpretation and the operational logic of SD-WAN zones as per Fortinet's guidelines and user interface standards.

Question 4

Which type statements about the SD-WAN members are true? (Choose two.)

AYou can manually define the SD-WAN members sequence number.

BInterfaces of type virtual wire pair can be used as SD-WAN members.

CInterfaces of type VLAN can be used as SD-WAN members.

DAn SD-WAN member can belong to two or more SD-WAN zones.

Answer : A, C

SD-WAN members can be manually ordered by changing their sequence number (A), which allows administrators to prioritize the interfaces according to the routing requirements. Also, VLAN interfaces can be used as SD-WAN members (C), providing flexibility in network design and the use of existing VLAN infrastructure within the SD-WAN setup.

Question 5

The administrator uses the FortiManager SD-WAN overlay template to prepare an SD-WAN deployment. With information provided through the SD-WAN overlay template wizard, FortiManager creates templates ready to install on spoke and hub devices.

Select three templates created by the SD-WAN overlay template for a spoke device. (Choose three.)

ASystem template

BBGP template

CIPsec tunnel template

DCLI template

EOverlay template

Answer : A, C, E

In a FortiManager SD-WAN overlay template configuration for a spoke device, the system template (A) is created to provide basic device settings. The IPsec tunnel template (C) is generated to establish secure tunnels between the spoke and the hub devices. Lastly, the overlay template (E) is configured to specify the overlay network settings, which often include the SD-WAN rules and performance SLAs.

Question 6

What are two reasons for using FortiManager to organize and manage the network for a group of FortiGate devices? (Choose two.)

AIt simplifies the deployment and administration of SD-WAN on managed FortiGate devices.

BIt improves SD-WAN performance on the managed FortiGate devices.

CIt sends probe signals as health checks to the beacon servers on behalf of FortiGate.

DIt acts as a policy compliance entity to review all managed FortiGate devices.

EIt reduces WAN usage on FortiGate devices by acting as a local FortiGuard server.

Answer : A, E

Question 7

In a hub-and-spoke topology, what are two advantages of enabling ADVPN on the IPsec overlays? (Choose two.)

AIt provides the benefits of a full-mesh topology in a hub-and-spoke network.

BIt provides direct connectivity between spokes by creating shortcuts.

CIt enables spokes to bypass the hub during shortcut negotiation.

DIt enables spokes to establish shortcuts to third-party gateways.

Answer : A, B

Fortinet NSE7_SDW-7.2 Fortinet NSE 7 - SD-WAN 7.2 Exam Practice Test