1. Home
  2. Fortinet
  3. NSE7_SDW-6.4

Fortinet NSE 7 - SD-WAN 6.4

Exam Details

  • Exam Code
    :NSE7_SDW-6.4
  • Exam Name
    :Fortinet NSE 7 - SD-WAN 6.4
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :80 Q&As
  • Last Updated
    :Aug 22, 2023

Fortinet Fortinet Certifications NSE7_SDW-6.4 Questions & Answers

  • Question 41:

    Refer to the exhibit

    Based on the exhibit, which two statements about existing sessions on FortiGate after a firewall policy change, are true?(Choose two.)

    A. The old sessions terminate after a policy change

    B. Existing sessions remain unchanged after a policy change

    C. All sessions are flushed by FortiGate after a policy change

    D. FortiGate re-evaluates new packets after a policy change

  • Question 42:

    Refer to the exhibit.

    FortiGate has multiple dial-up VPN interfaces incoming on port1 that match only FIRST_VPN.

    Which two configuration changes must be made to both IPsec VPN interfaces to allow incoming connections to match all possible IPsec dial-up interfaces? (Choose two.)

    A. Specify a unique peer ID for each dial-up VPN interface.

    B. Use different proposals are used between the interfaces.

    C. Configure the IKE mode to be aggressive mode.

    D. Use unique Diffie Hellman groups on each VPN interface.

  • Question 43:

    Which statement defines how a per-IP traffic shaper of 10 Mbps is applied to the entire network?

    A. FortiGate allocates each IP address a maximum 10 Mbps of bandwidth.

    B. Each IP is guaranteed a minimum 10 Mbps of bandwidth

    C. A single user uses the allocated bandwidth divided by total number of users.

    D. The 10 Mbps bandwidth is shared equally among the IP addresses.

  • Question 44:

    Which components make up the secure SD-WAN solution?

    A. Application, antivirus, and URL, and SSL inspection

    B. Datacenter, branch offices, and public cloud

    C. FortiGate, FortiManager, FortiAnalyzer, and FortiDeploy

    D. Telephone, ISDN, and telecom network.

  • Question 45:

    Which statement reflects how BGP tags work with SD-WAN rules?

    A. BGP tags match the SD-WAN rule based on the order that these rules were installed.

    B. BGP tags require that the adding of static routes be enabled on all ADVPN interfaces

    C. Route tags are used for a BGP community and the SD-WAN rules are assigned the same tag

    D. VPN topologies are formed using only BGP dynamic routing with SD-WAN

  • Question 46:

    FortiGate is connected to the internet and is obtaining the IP address on its egress interlace from the DHCP server

    Which statement is due when FortiGate restarts and receives preconfigured settings to install as part of a zero-touch provisioning process?

    A. FortiDeploy connects with FortiGate and provides the initial configuration to contact FortiManager

    B. The zero-touch provisioning process completes internally, behind FortiGate

    C. FortiManager registers FortiGate after the restart and retrieves the existing configuration

    D. The FortiGate cloud key added to the FortiGate cloud portal and FortiGate performs a factory reset before the restart

  • Question 47:

    When attempting to establish an IPsec tunnel to FortiGate, all remote users match the FIRST_VPN IPsec VPN. This includes remote users that want to connect to the SECOND_VPN IPsec VPN. Which two configuration changes must you make on both IPsec VPNs so that remote users can connect to their intended IPsec VPN? (Choose two.)

    A. Configure different proposals.

    B. Configure a unique peer ID.

    C. Change the IKE mode to aggressive.

    D. Configure different Diffie Hellman groups.

  • Question 48:

    Which two statements about SD-WAN central management are true? (Choose two.)

    A. It does not allow you to monitor the status of SD-WAN members.

    B. It is enabled or disabled on a per-ADOM basis.

    C. It is enabled by default.

    D. It uses templates to configure SD-WAN on managed devices.

  • Question 49:

    Why is it effective to use SD WAN rules when configuring application control?

    A. Because traffic can be load balanced based on application type

    B. Because SD-WAIM rules are independent from firewall policies to avoid controlling applications

    C. Because you must use certificate full inspection on the firewall policy

    D. Because the application database is manually maintained by administrators

  • Question 50:

    Refer to the exhibit.

    Based on the exhibit, which statement about FortiGate re-evaluating traffic is true?

    A. The type of traffic defined and allowed on firewall policy ID 1 is UDP.

    B. FortiGate has terminated the session after a change on policy ID 1.

    C. Changes have been made on firewall policy ID 1 on FortiGate.

    D. Firewall policy ID 1 has source NAT disabled.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE7_SDW-6.4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.