リアルNSE7_SDW-6.4問題集でFortinet正確な解答2022年最新版を試そう [Q18-Q34]

リアルNSE7_SDW-6.4問題集でFortinet正確な解答2022年最新版を試そう

NSE 7 Network Security Architect NSE7_SDW-6.4試験練習問題集

Fortinet NSE7_SDW-6.4 認定試験の出題範囲：

トピック	出題範囲
トピック 1	完全または部分的にメッシュ化された冗長VPNインフラストラクチャ SD-WAN構成を実装する
トピック 2	SD-WANルールの構成 VPNおよびADVPNのトラブルシューティング
トピック 3	SD-WANルーティング SD-WANトラブルシューティングの構成
トピック 4	一元管理 SD-WANSLAの構成
トピック 5	FortiManagerからSD-WANインフラストラクチャを一元管理 基本的なSD-WANセットアップを構成

 

質問 18
Which diagnostic command you can use to show interface-specific SLA logs for the last 10 minutes?

• A. diagnose sys virtual-wan-link intf-sla-log
• B. diagnose sys virtual-wan-link sla-lcg
• C. diagnose sys virtual-wan-link health-check
• D. diagnose sys virtual-wan-link log

正解: C

 

質問 19
Which diagnostic command you can use to show interface-specific SLA logs for the last 10 minutes?

• A. diagnose sys virtual-wan-link intf-sla-log
• B. diagnose sys virtual-wan-link sla-log
• C. diagnose sys virtual-wan-link health-check
• D. diagnose sys virtual-wan-link log

正解: B

 

質問 20
Refer to exhibits.
Exhibit A.

Exhibit B.

Exhibit A shows the SD-WAN performance SLA and exhibit B shows the SO-WAN interface and the static routes configuration.
Port1 and port2 are member interfaces of the SD-WAN, and port2 becomes a dead member after reaching the failure thresholds Which statement about the dead member is correct?

• A. SD-WAN interface becomes disabled and port1 becomes the WAN interface
• B. Port2 might become alive when a single response is received from an SLA server
• C. Subnets 100 .64-1.0/23 and 172 . 20 . 0. 0/16 are reachable only through port1
• D. Dead members require manual administrator access to bring them back alive

正解: A

 

質問 21
Which statement is correct about the SD-WAN and ADVPN?

• A. ADVPN interface can be a member of SD-WAN interface.
• B. Spoke support dynamic VPN as a static interface.
• C. Hub FortiGate is limited to use ADVPN as SD-WAN member interface.
• D. Dynamic VPN is not supported as an SD-Wan interface.

正解: A

 

質問 22
An administrator is troubleshooting VoIP quality issues that occur when calling external phone numbers The SD-WAN interface on the edge FortiGate is configured with the default settings, and is using two upstream links One link has random jitter and latency issues and is based on a wireless connection Which two actions must the administrator apply simultaneously on the edge FortiGate to improve VoIP quality using SD_WAN rules?

• A. Place the troublesome link at the top of the interface preference list.
• B. Select the corresponding SD-WAN balancing strategy in the SD-WAN rule.
• C. Configure an SD-WAN rule to load balance all traffic without VoIP.
• D. Use the performance SLA targets to detect latency and jitter instantly.
• E. Choose the suitable interface based on the interface cost and weight.

正解: B,D

 

質問 23
Which statement about using BGP routes in SD-WAN is true?

• A. Dynamic routing protocols can be used only with non-encrypted traffic
• B. Adding static routes must be enabled on all ADVPN interfaces.
• C. VPN topologies must be form using only BGP dynamic routing with SD-WAN
• D. Learned routes can be used as dynamic destinations in SD-WAN rules

正解: C

 

質問 24
Which two reasons make forward error correction (FEC) ideal to enable in a phase one VPN interface? (Choose two )

• A. FEC is useful to increase speed at which traffic is routed through IPsec tunnels.
• B. FEC transmits the original payload in full to recover the error in transmission.
• C. FEC improves reliability which overcomes adverse WAN conditions such as noisy links.
• D. FEC transmits additional packets as redundant data to the remote device.
• E. FEC reduces the stress on the remote device jitter buffer to reconstruct packet loss

正解: C,D

 

質問 25
What is the lnkmtd process responsible for?

• A. Monitoring links for any bandwidth saturation
• B. Processing performance SLA probes
• C. Logging interface quality information
• D. Flushing route tags addresses

正解: C

 

質問 26
What would best describe the SD-WAN traffic shaping mode that bases itself on a percentage of available bandwidth?

• A. Shared policy shaping mode
• B. Reverse policy shaping mode
• C. Interface-based shaping mode
• D. Per-IP shaping mode

正解: A

 

質問 27
What are two reasons why FortiGate would be unable to complete the zero-touch provisioning process? (Choose two.)

• A. The FortiGate cloud key has not been added to the FortiGate cloud portal.
• B. FortiDeploy has connected with FortiGate and provided the initial configuration to contact FortiManager
• C. The zero-touch provisioning process has completed internally, behind FortiGate.
• D. FortiGate has obtained a configuration from the platform template in FortiGate cloud.
• E. A factory reset performed on FortiGate.

正解: A,C

 

質問 28
Refer to exhibits.
Exhibit A.

Exhibit B.

Exhibit A shows the traffic shaping policy and exhibit B show: the firewall policy FortiGate is not performing traffic shaping as expected basi on the policies shown in the exhibits.
To correct this traffic shaping issue on FortiGate, what configuration change must be made on which policy?

• A. The web filter profile must be enabled on the firewall policy
• B. The URL category must be specified on the traffic shaping policy
• C. The application control profile must be enabled on the firewall policy.
• D. The shaper mode must be applied per-IP shaper on the traffic shaping policy

正解: A

 

質問 29
What is the lnkmtd process responsible for?

• A. Monitoring links for any bandwidth saturation
• B. Logging interface quality information
• C. Processing performance SLA probes
• D. Flushing route tags addresses

正解: A

 

質問 30
Refer to the exhibit.

Which two statements about the debug output are correct? (Choose two )

• A. Traffic being controlled by the traffic shaper is under 1 Kbps.
• B. This traffic shaper drops traffic that exceeds the set limits.
• C. The debug output shows per-IP shaper values and real-time readings.
• D. FortiGate provides statistics and reading based on historical traffic logs.

正解: B,C

 

質問 31
Refer to the exhibit.

Which statement about the trace evaluation by FomGate is true?

• A. Packets exceeding the configured concurrent connection limit are dropped based on tfte priority configuration.
• B. Packets exceeding the configured maximum concurrent connection limit are denied by the per-IP shaper.
• C. The packet exceeded the configured maximum bandwidth and was dropped by the shared shaper.
• D. The packet exceeded the configured bandwidth and was dropped based on the priority configuration

正解: A

 

質問 32
Refer to the exhibit.

Based on the exhibit, which statement about FortiGate re-evaluating traffic is true?

• A. FortiGate has terminated the session after a change on policy ID 1.
• B. The type of traffic defined and allowed on firewall policy ID 1 is UDP.
• C. Firewall policy ID 1 has source NAT disabled.
• D. Changes have been made on firewall policy ID 1 on FortiGate.

正解: D

 

質問 33
Refer to exhibits.

Exhibit B.

Exhibit A shows the firewall policy and exhibit B shows the traffic shaping policy.
The traffic shaping policy is being applied to all outbound traffic however inbound traffic is not being evaluated by the shaping policy Based on the exhibit, what configuration change must be made in which policy so that traffic shaping can be applied to inbound traffic'?

• A. The reverse shaper option must be enabled and a traffic shaper must be selected
• B. The guaranteed-10mbps option must be selected as the per-IP shaper option
• C. The guaranteed-10mbps option must be selected as the reverse shaper option.
• D. A new firewall policy must be created and SD-WAN must be selected as the incoming interface.

正解: C

 

質問 34
......

NSE7_SDW-6.4試験合格を準備するため 今すぐ弊社のNSE 7 Network Security Architect試験パッケージお試そう：https://www.jpntest.com/shiken/NSE7_SDW-6.4-mondaishu