● NSE 7—SD-WAN 7.2 Exam Materials
Please note that the exam "NSE 7—SD-WAN 7.2 Exam" is no longer offered by Fortinet and is not available for booking through Pearson VUE, so we opened it on free view,
It has been replaced by the exam "NSE 6 – SD-WAN 7.6 Enterprise Administrator"
The new exam version is available on Brave-Dumps and can be purchased.
It has been replaced by the exam "NSE 6 – SD-WAN 7.6 Enterprise Administrator"
The new exam version is available on Brave-Dumps and can be purchased.
Question #51
Question #52
Which two statements are correct when traffic matches the implicit SD-WAN rule? (Choose two answers)
- A. The session information output displays no SD-WAN-specific details.
- B. All SD-WAN rules have the default and gateway setting enabled.
- C. Traffic does not match any of the entries in the policy route table.
- D. Traffic is load balanced using the algorithm set for the v4-ecmp-mode setting.
Question #53
Which two statements are correct when traffic matches the implicit SD-WAN rule? (Choose two answers)
- A. Traffic is load balanced using the algorithm set for the v4-ecmp-mode setting.
- B. The sdwan_service_id flag in the session information is 0.
- C. All SD-WAN rules have the default setting enabled.
- D. Traffic does not match any of the entries in the policy route table.
Question #54
In a hub-and-spoke topology, what are two advantages of enabling ADVPN on the IPsec overlays? (Choose two answers)
- A. It provides the benefits of a full-mesh topology in a hub-and-spoke network.
- B. It enables spokes to establish shortcuts to third-party gateways.
- C. It provides direct connectivity between spokes by creating shortcuts.
- D. It enables spokes to bypass the hub during shortcut negotiation.
Question #55
Refer to the exhibits.
Exhibit A shows an SD-WAN event log and exhibit B shows the member status and the SD-WAN rule configuration.
Based on the exhibits, which two statements are correct?
(Choose two answers)
- A. FortiGate updated the outgoing interface list on the rule so it prefers port2.
- B. Port2 has the highest member priority.
- C. SD-WAN rule ID 1 is set to lowest cost (SLA) mode.
- D. Port2 has a lower latency than port.
Question #56
Refer to the exhibit.
Based on the output, which two conclusions are true?
(Choose two answers)
- A. Entry 1 (id=1) is a regular policy route.
- B. There is more than one SD-WAN rule configured.
- C. The SD-WAN rules take precedence over regular policy routes.
- D. The all_rules rule represents the implicit SD-WAN rule.
Question #57
Refer to the exhibits.
Exhibit A shows the source NAT (SNAT) global setting and exhibit B shows the routing table on FortiGate.
Based on the exhibits, which two actions does FortiGate perform on existing sessions established over port2, if the administrator increases the static route priority on port2 to 20?
(Choose two answers)
- A. FortiGate flags the sessions as dirty.
- B. FortiGate continues routing the sessions with no SNAT, over port2.
- C. FortiGate performs a route lookup for the original traffic only.
- D. FortiGate updates the gateway information of the sessions with SNAT so that they use port1 instead of port2.
Question #58
Refer to the exhibit.
Which configuration change is required if the responder FortiGate uses a dynamic routing protocol to exchange routes over IPsec?
(Choose one answer)
- A. type must be set to static.
- B. add-route must be disabled.
- C. mode-cfg must be enabled.
- D. exchange-interface-ip must be enabled.
Question #59
Refer to the exhibits.
Exhibit A shows a site-to-site topology between two FortiGate devices: branch1_fgt and dc1_fgt. Exhibit B shows the system global and system settings configuration on dc1_fgt.
When branch1_client establishes a connection to dc1_host, the administrator observes that, on dc1_fgt, the reply traffic is routed over T_INET_0_0, even though T_INET_1_0 is the preferred member in the matching SD-WAN rule.
Based on the information shown in the exhibits, what configuration change must be made on dc1_fgt so dc1_fgt routes the reply traffic over T_INET_1_0?
(Choose one answer)
- A. Disable tcp-session-without-syn under config system settings.
- B. Disable allow-subnet-overlap under config system settings.
- C. Enable auxiliary-session under config system settings.
- D. Enable snat-route-change under config system global.
Question #60
Refer to the exhibits.
Exhibit A shows the configuration for an SD-WAN rule and exhibit B shows the respective rule status, the routing table, and the member status.
The administrator wants to understand the expected behavior for traffic matching the SD-WAN rule.
Based on the exhibits, what can the administrator expect for traffic matching the SD-WAN rule?
(Choose one answer)
- A. The traffic will be load balanced across all three overlays.
- B. The traffic will be routed over T_INET_0_0.
- C. The traffic will be routed over T_MPLS_0.
- D. The traffic will be routed over T_INET_1_0.
Refer to the exhibits.
Exhibit A shows the SD-WAN performance SLA configuration, the SD-WAN rule configuration, and the application IDs of Facebook and YouTube. Exhibit B shows the firewall policy configuration and the underlay zone status.
Based on the exhibits, which two statements are correct about the health and performance of port1 and port2? (Choose two answers)