正真正銘のNSE7_SDW-6.4問題集には100%合格率練習テスト問題集
Fortinet NSE7_SDW-6.4リアル試験問題保証付き 更新された問題集
質問 17
Which three parameters are available to configure SD-WAN rules? (Choose three.)
- A. Internet service database (ISDB) address object
- B. Application signatures
- C. URL categories
- D. Type of physical link connection
- E. Source and destination IP address
正解: A,D,E
質問 18
Refer to the exhibit.
Which two statements about the debug output are correct? (Choose two )
- A. The debug output shows per-lP shaper values and real-time readings.
- B. This traffic shaper drops traffic that exceeds the set limits.
- C. Traffic being controlled by the traffic shaper is under 1 Kbps
- D. FortiGate provides statistics and readings based on historical traffic logs.
正解: A,D
質問 19
Refer to the exhibit.
What must you configure to enable ADVPN?
- A. ADVPN should only be enabled on unmanaged FortiGate devices.
- B. Each VPN device has a unique pre-shared key configured separately on phase one
- C. The protected subnets should be set to address object to all (0.0 .0. o/o).
- D. On the hub VPN, only the device needs additional phase one sett
正解: B
質問 20
What would best describe the SD-WAN traffic shaping mode that bases itself on a percentage of available bandwidth?
- A. Shared policy shaping mode
- B. Reverse policy shaping mode
- C. Per-IP shaping mode
- D. Interface-based shaping mode
正解: D
質問 21
Which components make up the secure SD-WAN solution?
- A. Telephone, ISDN, and telecom network.
- B. Datacenter, branch offices, and public cloud
- C. FortiGate, FortiManager, FortiAnalyzer, and FortiDeploy
- D. Application, antivirus, and URL, and SSL inspection
正解: D
質問 22
Refer to exhibits.
Exhibit A shows the performance SLA exhibit B shows the SD-WAN diagnostics output.
Based on the exhibits, which statement is correct?
- A. Both SD-WAN member interfaces have used separate SLA targets.
- B. SD-WAN member interfaces are affected by the SLA state of the inactive interface.
- C. The SLA state of port1 is dead after five unanswered requests by the SLA servers.
- D. Port1 became dead because no traffic was offload through the egress of port1.
正解: C
質問 23
Which statement defines how a per-IP traffic shaper of 10 Mbps is applied to the entire network?
- A. The 10 Mbps bandwidth is shared equally among the IP addresses.
- B. FortiGate allocates each IP address a maximum 10 Mbps of bandwidth.
- C. Each IP is guaranteed a minimum 10 Mbps of bandwidth.
- D. A single user uses the allocated bandwidth divided by total number of users.
正解: B
解説:
Explanation/Reference:
https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/885253/per-ip-traffic-shaper
質問 24
Refer to the exhibit.
Based on the output shown in the exhibit, which two criteria on the SD-WAN member configuration can be used to select an outgoing interface in an SD-WAN rule? (Choose two.)
- A. Set source 100.64.1.1.
- B. Set priority 10.
- C. Set load-balance-mode source-ip-ip-based.
- D. Set cost 15.
正解: A
質問 25
In the default SD-WAN minimum configuration, which two statements are correct when traffic matches the default implicit SD-WAN rule? (Choose two )
- A. An absolute SD-WAN rule was defined and matched traffic.
- B. Matched traffic failed RPF and was caught by the rule.
- C. The FIB lookup resolved interface was the SD-WAN interface.
- D. Traffic has matched none of the FortiGate policy routes.
正解: C,D
質問 26
Which statement defines how a per-IP traffic shaper of 10 Mbps is applied to the entire network?
- A. The 10 Mbps bandwidth is shared equally among the IP addresses.
- B. FortiGate allocates each IP address a maximum 10 Mbps of bandwidth.
- C. Each IP is guaranteed a minimum 10 Mbps of bandwidth
- D. A single user uses the allocated bandwidth divided by total number of users.
正解: B
質問 27
What are two roles that SD-WAN orchestrator plays when it works with FortiManager? (Choose two )
- A. It configures and monitors SD-WAN networks on FortiGate devices that are managed by FortiManager.
- B. It acts as a hub FortiGate with an SD-WAN interface enabled and managed along with other FortiGate devices by FortiManager.
- C. It acts as a standalone device to assist FortiManager to manage SD-WAN interfaces on the managed FortiGate devices.
- D. It acts as an application that is released and signed by Fortinet to run as a part of management extensions on FortiManager.
正解: C,D
質問 28
Which statement is correct about the SD-WAN and ADVPN?
- A. Hub FortiGate is limited to use ADVPN as SD-WAN member interface.
- B. ADVPN interface can be a member of SD-WAN interface.
- C. Dynamic VPN is not supported as an SD-Wan interface.
- D. Spoke support dynamic VPN as a static interface.
正解: B
質問 29
Which diagnostic command you can use to show interface-specific SLA logs for the last 10 minutes?
- A. diagnose sys virtual-wan-link log
- B. diagnose sys virtual-wan-link health-check
- C. diagnose sys virtual-wan-link sla-log
- D. diagnose sys virtual-wan-link intf-sla-log
正解: C
解説:
Explanation/Reference: https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/943037/sla-logging
質問 30
Refer to the exhibit.
Based on the exhibit, which statement about FortiGate re-evaluating traffic is true?
- A. The type of traffic defined and allowed on firewall policy ID 1 is UDP.
- B. Changes have been made on firewall policy ID 1 on FortiGate.
- C. Firewall policy ID 1 has source NAT disabled.
- D. FortiGate has terminated the session after a change on policy ID 1.
正解: A
質問 31
Which statement about using BGP routes in SD-WAN is true?
- A. Adding static routes must be enabled on all ADVPN interfaces.
- B. Dynamic routing protocols can be used only with non-encrypted traffic
- C. VPN topologies must be form using only BGP dynamic routing with SD-WAN
- D. Learned routes can be used as dynamic destinations in SD-WAN rules
正解: C
質問 32
Which statement about using BGP routes in SD-WAN is true?
- A. Adding static routes must be enabled on all ADVPN interfaces.
- B. VPN topologies must be form using only BGP dynamic routing with SD-WAN.
- C. Learned routes can be used as dynamic destinations in SD-WAN rules.
- D. Dynamic routing protocols can be used only with non-encrypted traffic.
正解: C
解説:
Explanation/Reference:
https://www.fortinetguru.com/2019/09/using-bgp-tags-with-sd-wan-rules-fortios-6-2/#:~:text=SD%2DWAN%
20rules%20can%20use,to%20the%20customer's%20data%20center.
質問 33
Which statement is correct about the SD-WAN and ADVPN?
- A. Dynamic VPN is not supported as an SD-Wan interface.
- B. Hub FortiGate is limited to use ADVPN as SD-WAN member interface.
- C. ADVPN interface can be a member of SD-WAN interface.
- D. Spoke support dynamic VPN as a static interface.
正解: A
質問 34
Refer to the exhibit.
Based on the exhibit, which statement about FortiGate re-evaluating traffic is true?
- A. Changes have been made on firewall policy ID 1 on FortiGate.
- B. Firewall policy ID 1 has source NAT disabled.
- C. FortiGate has terminated the session after a change on policy ID 1.
- D. The type of traffic defined and allowed on firewall policy ID 1 is UDP.
正解: A
質問 35
......
Fortinet NSE7_SDW-6.4 認定試験の出題範囲:
トピック | 出題範囲 |
---|---|
トピック 1 |
|
トピック 2 |
|
トピック 3 |
|
検証済み!合格できるNSE7_SDW-6.4試験一発合格保証付き:https://www.jpntest.com/shiken/NSE7_SDW-6.4-mondaishu