1. Home
  2. Fortinet
  3. NSE7_SDW-7.0

Fortinet NSE 7 - SD-WAN 7.0

Exam Details

  • Exam Code
    :NSE7_SDW-7.0
  • Exam Name
    :Fortinet NSE 7 - SD-WAN 7.0
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :134 Q&As
  • Last Updated
    :Jun 17, 2025

Fortinet Fortinet Certifications NSE7_SDW-7.0 Questions & Answers

  • Question 91:

    Refer to the exhibit.

    The device exchanges routes using IBGP.

    Which two statements are correct about the IBGP configuration and routing information on the device? (Choose two.)

    A. Each BGP route is three hops away from the destination.

    B. ibgp-multipath is disabled.

    C. additional-path is enabled.

    D. You can run the get router info routing-table database command to display the additional paths.

  • Question 92:

    Refer to the exhibit.

    Based on the exhibit, which statement about FortiGate re-evaluating traffic is true?

    A. The type of traffic defined and allowed on firewall policy ID 1 is UDP.

    B. FortiGate has terminated the session after a change on policy ID 1.

    C. Changes have been made on firewall policy ID 1 on FortiGate.

    D. Firewall policy ID 1 has source NAT disabled.

  • Question 93:

    Refer to the exhibits. Exhibit A Exhibit B

    Exhibit A shows a site-to-site topology between two FortiGate devices: branch1_fgt and dc1_fgt. Exhibit B shows the system global and system settings configuration on dc1_fgt.

    When branch1_client establishes a connection to dc1_host, the administrator observes that, on dc1_fgt, the reply traffic is routed over T_INET_0_0, even though T_INET_1_0 is the preferredmember in the matching SD-WAN rule.

    Based on the information shown in the exhibits, what configuration change must be made on dc1_fgt so dc1_fgt routes the reply traffic over T_INET_1_0?

    A. Enable auxiliary-session under config system settings.

    B. Disable tp-session-without-syn under config system settings.

    C. Enable snat-route-change under config system global.

    D. Disable allow-subnet-overlap under config system settings.

  • Question 94:

    Which are two benefits of using CLI templates in FortiManager? (Choose two.)

    A. You can reference meta fields.

    B. You can configure interfaces as SD-WAN members without having to remove references first.

    C. You can configure FortiManager to sync local configuration changes made on the managed device, to the CLI template.

    D. You can configure advanced CLI settings.

  • Question 95:

    Which two statements are correct when traffic matches the implicit SD-WAN rule? (Choose two.)

    A. The sdwan_service_id flag in the session information is 0.

    B. All SD-WAN rules have the default setting enabled.

    C. Traffic does not match any of the entries in the policy route table.

    D. Traffic is load balanced using the algorithm set for the v4-ecmp-mode setting.

  • Question 96:

    Refer to the exhibits. Exhibit A

    Exhibit B

    Exhibit A shows the traffic shaping policy and exhibit B shows the firewall policy.

    The administrator wants FortiGate to limit the bandwidth used by YouTube. When testing, the administrator determines that FortiGate does not apply traffic shaping on YouTube traffic.

    Based on the policies shown in the exhibits, what configuration change must be made so FortiGate performs traffic shaping on YouTube traffic?

    A. Destination internet service must be enabled on the traffic shaping policy.

    B. Application control must be enabled on the firewall policy.

    C. Web filtering must be enabled on the firewall policy.

    D. Individual SD-WAN members must be selected as the outgoing interface on the traffic shaping policy.

  • Question 97:

    Refer to the exhibit.

    Which configuration change is required if the responder FortiGate uses a dynamic routing protocol to exchange routes over IPsec?

    A. type must be set to static.

    B. mode-cfg must be enabled.

    C. exchange-interface-ip must be enabled.

    D. add-route must be disabled.

  • Question 98:

    Refer to the exhibit.

    Based on the exhibit, which two actions does FortiGate perform on sessions after a firewall policy change? (Choose two.)

    A. FortiGate flushes all sessions.

    B. FortiGate terminates the old sessions.

    C. FortiGate does not change existing sessions.

    D. FortiGate evaluates new sessions.

  • Question 99:

    Refer to the exhibits. Exhibit A Exhibit B

    Exhibit A shows the SD-WAN performance SLA and exhibit B shows the SD-WAN member status, the routing table, and the performance SLA status. If port2 is detected dead by FortiGate, what is the expected behavior?

    A. Port2 becomes alive after three successful probes are detected.

    B. FortiGate removes all static routes for port2.

    C. The administrator manually restores the static routes for port2, if port2 becomes alive.

    D. Host 8.8.8.8 is reachable through port1 and port2.

  • Question 100:

    Which diagnostic command can you use to show the member utilization statistics measured by performance SLAs for the last 10 minutes?

    A. diagnose sys sdwan intf-sla-log

    B. diagnose sys sdwan health-check

    C. diagnose sys sdwan log

    D. diagnose sys sdwan sla-log

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE7_SDW-7.0 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.