1. Home
  2. Fortinet
  3. NSE7_SDW-6.4

Fortinet NSE 7 - SD-WAN 6.4

Exam Details

  • Exam Code
    :NSE7_SDW-6.4
  • Exam Name
    :Fortinet NSE 7 - SD-WAN 6.4
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :80 Q&As
  • Last Updated
    :Aug 22, 2023

Fortinet Fortinet Certifications NSE7_SDW-6.4 Questions & Answers

  • Question 61:

    Which diagnostic command can you use to show the SD-WAN rules interface information and state?

    A. diagnose sys sdwan route-tag-list.

    B. diagnose sys sdwan service.

    C. diagnose sys sdwan member.

    D. diagnose sys sdwan neighbor.

  • Question 62:

    What are two reasons for using FortiManager to organize and manage the network for a group of FortiGate devices? (Choose two )

    A. It simplifies the deployment and administration of SD-WAN on managed FortiGate devices.

    B. It improves SD-WAN performance on the managed FortiGate devices.

    C. It sends probe signals as health checks to the beacon servers on behalf of FortiGate.

    D. It acts as a policy compliance entity to review all managed FortiGate devices.

    E. It reduces WAN usage on FortiGate devices by acting as a local FortiGuard server.

  • Question 63:

    Refer to exhibits

    Exhibit A shows the system interface with the static routes and exhibit B shows the firewall policies on the managed FortiGate

    Based on the FortiGate configuration shown in the exhibits, what are two issues you might encounter when creating an SD-WAN interface on port1 and port2? {Choose two )

    A. Member interfaces that are administratively down

    B. Member interface that have IP address of 0.0.0.0/0.0.0.0

    C. Member interfaces that are physical interfaces as well as VLAN aggregate, and iPsec interfaces

    D. Member interfaces that are referenced by any other configuration element

  • Question 64:

    Refer to the exhibit.

    Multiple IPsec VPNs are formed between two hub-and-spokes groups, and site-to-site between Hub 1 and Hub 2 The administrator configured ADVPN on the dual regions topology

    Which two statements are correct if a user in Toronto sends traffic to London? (Choose two )

    A. Toronto needs to establish a site-to-site tunnel with Hub 2 to bypass Hub 1.

    B. The first packets from Toronto to London are routed through Hub 1 then to Hub 2.

    C. London generates an IKE information message that contains the Toronto public IP address.

    D. Traffic from Toronto to London triggers the dynamic negotiation of a direct site-to-site VPN.

  • Question 65:

    What would best describe the SD-WAN traffic shaping mode that bases itself on a percentage of available bandwidth?

    A. Per-IP shaping mode

    B. Reverse policy shaping mode

    C. Interface-based shaping mode

    D. Shared policy shaping mode

  • Question 66:

    Refer to the exhibits. Exhibit A:

    Exhibit B:

    Exhibit A shows the SD-WAN rules and exhibit B shows the traffic logs. The SD-WAN traffic logs reflect how FortiGate distributes traffic. Based on the exhibits, what are two expected behaviors when FortiGate processes SD-WAN traffic? (Choose two.)

    A. The first Vimeo session may not match the Vimeo SD-WAN rule because the session is used for the application learning phase.

    B. The implicit rule overrides all other rules because parameters widely cover sources and destinations.

    C. The Vimeo SD-WAN rule steers Vimeo application traffic among all SD-WAN member interfaces.

    D. SD-WAN rules are evaluated in the same way as firewall policies: from top to bottom.

  • Question 67:

    Which three performance SLA protocols are available on the FortiGate CLI only? (Choose three.)

    A. tcp-echo

    B. icmp

    C. twamp

    D. udp-echo

    E. smtp

  • Question 68:

    Refer to exhibits.

    Exhibit A, which shows the SD-WAN performance SLA and exhibit B shows the health of the participating SD-WAN members.

    Based on the exhibits, which statement is correct?

    A. The dead member interface stays unavailable until an administrator manually brings the interface back.

    B. Port2 needs to wait 500 milliseconds to change the status from alive to dead.

    C. Static routes using port2 are active in the routing table.

    D. FortiGate has not received three consecutive requests from the SLA server configured for port2.

  • Question 69:

    Refer to the exhibits.

    Exhibit A shows the SD-WAN performance SLA and exhibit B shows the SD-WAN member and the static routes configuration. If port2 is detected dead by FortiGate, which expected behavior is correct?

    A. Port2 becomes alive after one successful probe is detected.

    B. The SD-WAN interface becomes disabled and port1 becomes the WAN interface.

    C. Dead members require manual administrator access to bring them back alive.

    D. Subnets 10.0.20.0/23 and 172.20.0.0/16 are reachable only through port1.

  • Question 70:

    Refer to exhibits.

    Exhibit A shows the SD-WAN rules and exhibit B shows the traffic logs. The SD-WAN traffic logs reflect how FortiGate processed traffic. Which two statements about how the configured SD-WAN rules are processing traffic are true? (Choose two.)

    A. The implicit rule overrides all other rules because parameters widely cover sources and destinations.

    B. SD-WAN rules are evaluated in the same way as firewall policies: from top to bottom.

    C. The All_Access_Rules rule load balances Vimeo application traffic among SD-WAN member interfaces.

    D. The initial session of an application goes through a learning phase in order to apply the correct rule.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE7_SDW-6.4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.