NSE7_PBC-7.2無料問題集「Fortinet NSE 7 - Public Cloud Security 7.2」

質問 1

Refer to the exhibit. The exhibit shows an active-passive high availability FortiGate pair with external and internal Azure load balancers. There is no SDN connector used in this solution Which configuration should the administrator implement?

（A）Lambda IP address with one static route.

（B）Probe IP address with one BGP route

（C）Probe IP address with two static routes

（D）Public load balancer IP address with two BGP routes.

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

A customer would like to use FortiGate fabric integration With FortiCNP.
When configuring a FortiGate VM to add to FortiCNP, which three mandatory configuration steps must you follow on FortiGate? (Choose three.)

（A）Create an SSL]SSH inspection profile.

（B）Create an IPsec tunnel.

（C）Enable send logs

（D）Create and IPS sensor and a firewall policy

（E）Enable two-factor authentication.

正解：A、C、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

You are using Red Hat Ansible to change the FortiGate VM configuration. What is the minimum number of files you must create and which file must you use to configure the target FortiGate IP address?

（A）Create two files and use the hosts file

（B）Create two files and use the .yami file.

（C）Create three files and use the .yarai file.

（D）Create one file and use the variable file

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

Refer to the exhibit. You attempted to access the Linux1 EC2 instance directly from the internet using its public IP address in AWS.

However, your connection is not successful.
Given the network topology, what can be the issue?

（A）There is no elastic IP address attached to FortiGate in the Security VPC.

（B）There is no internet gateway attached to the Spoke VPC A.

（C）The Transit Gateway BGP IP address is incorrect.

（D）There is no connection between VPC A and VPC B.

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

Refer to the exhibit. You are tasked with deploying a webserver and FortiGate VMS in AWS. You are using Terraform to automate the process.

Which two important details should you know about the Terraform files? (Choose two.)

（A）All the output values are available after a successful terraform apply command

（B）After the deployment, Terraform output values are visible only through AWS CloudShell.

（C）You must specify all the AWS credentials in the output. of file.

（D）The subnet_private 1 value is defined in the variables . tf file

正解：A、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

You have been asked to secure your organization's salesforce application that is running on Microsoft Azure, and find an effective method for inspecting shadow IT activities in the organization. After an initial investigation, you find that many users access the salesforce application remotely as well as on-premises.
Your goal is to find a way to get more visibility, control over shadow IT-related activities, and identify any data leaks in the salesforce application.
Which three steps should you take to achieve your goal? (Choose three.)

（A）Deploy and configure FortiGate with Security Fabric solutions, and FortiCWP with a storage guardian advance license.

（B）Deploy and configure FortiCWP with a workload guardian license.

（C）Deploy and configure FortiCASB with a Fortinet FortiCASB subscription license.

（D）Use FortiGate, FortiGuard, and FortiAnalyzer solutions.

（E）Configure FortiCASB and set up access rights, privileges, and data protection policies.

正解：C、D、E 解答を投票する

質問 7

Refer to the exhibit. A customer has deployed an environment in Amazon Web Services (AWS) and is now trying to send outbound traffic from the Web servers to the Internet. The FortiGate policies are configured to allow all outbound traffic; however, the traffic is not reaching the FortiGate internal interface.

What are two possible reasons for this behavior? (Choose two.)

（A）The Internet gateway (IGW) is not added to VPC (virtual private cloud).

（B）AWS source and destination checks are enabled on the FortiGate interfaces.

（C）The web servers are not configured with the default gateway.

（D）AWS security groups may be blocking the traffic.

正解：B、D 解答を投票する

質問 8

Refer to the exhibit. The exhibit shows the results of a FortiCNP registry scan.

Which two statements are correct? (Choose two )

（A）When adding a repository, you can add a minimum number of images to be imported through the CAP section.

（B）When adding a repository, you can leave the Tag section blank to scan all images-

（C）The registry scan is part of the FortiCNP container protection.

（D）The registry scan is part of the FortiCNP cloud protection.

正解：B、C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

Refer to the exhibit. You deployed an HA active-active load balance sandwich with two FortiGate VMs in Microsoft Azure. After the deployment, you prefer to use FGSP to synchronize sessions, and allow asymmetric return traffic In the environment, FortiGate port 1 and port 2 are facing external and internal load balancers respectively What IP address must you use in the peerip configuration?

（A）The opposite FortiGate port 1 IP address.

（B）The public load balancer port 2 IP address

（C）The internal load balancer port 1 IP address.

（D）The opposite FortiGate port 2 IP address.

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

NSE7_PBC-7.2 無料問題集「Fortinet NSE 7 - Public Cloud Security 7.2」

弊社を連絡する

関連リンク

トップ試験