Cisco®
Oracle
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
Microsoft
VMware
Avaya
SAP
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. FCSS_SDW_AR-7.4

Free Fortinet FCSS_SDW_AR-7.4 Exam Braindumps (page: 2)

Page 2 of 6
PDF with 38 Questions

Exhibit.



Two hub-and-spoke groups are connected through redundant site-to-site IPsec VPNs between Hub 1 and Hub 2
Which two configuration settings are required for the spoke A1 to establish an ADVPN shortcut with the spoke B2? (Choose two.)

  1. On hubs, auto-discovery-forwarder must be enabled on the IPsec VPNs to hubs.
  2. On hubs, auto-discovery-receiver must be enabled on the IPsec VPNs to spokes.
  3. On hubs, auto-discovery-forwarder must be enabled on the IPsec VPNs to spokes.
  4. On hubs, auto-diacovery-sender must be enabled on the IPsec VPNs to spokes

Answer(s): A,D



Refer to the exhibit.



Which SD-WAN rule and interface uses FortiGate to steer the traffic from the LAN subnet 10.0.1.0/24 to the corporate server 10.2.5.254?

  1. SD-WAN service rule 3 and interface HUB1-VPN2.
  2. SD-WAN service rule 3 and interface HUB1-VPN3.
  3. SD-WAN service rule 4 and port1 or port2.
  4. SD-WAN service rule 4 and interface port2.

Answer(s): B



Refer to the exhibit.



Refer to the exhibit.
You want to configure SD-WAN on a network as shown in the exhibit. The network contains many FortiGate devices. Some are used as NGFW, and some are installed with extensions such as FortiSwitch. FortiAP. or Forti Ex tender.
What should you consider when planning your deployment?

  1. You can build an SD-WAN topology that includes all devices. The hubs can be FortiGate devices with Forti Extender.
  2. You can build an SD-WAN topology that includes all devices. The hubs must be devices without extensions.
  3. You must use FortiManager to manage your SD-WAN topology.
  4. You must build multiple SD-WAN topologies. Each topology must contain only one type of extension.

Answer(s): B



Refer to the exhibit.



Refer to the exhibit that shows event logs on FortiGate. Based on the output shown in the exhibit, what can you say about the tunnels on this device?

  1. The master tunnel HU82-VPN3 cannot accept ADVPN shortcuts.
  2. The device steers voice traffic through the VPN tunnel HUB1-VPN3.
  3. The VPN tunnel HUB1-VPN1_0 is a shortcut tunnel.
  4. There is one shortcut tunnel built from master tunnel VPN4.

Answer(s): B



Exhibit.



Which action will FortiGate take if it detects SD-WAN members as dead?

  1. FoftiGate bounces port5 after it detects all SD-WAN members as dead.
  2. FortiGate fails over to the secondary device after it detects port5 as dead.
  3. FortiGate sends alert messages through poft5 when it detects all SD-WAN members as dead
  4. FortiGate brings down port5 after it detects all SD-WAN members as dead.

Answer(s): D



You are planning a large SD-WAN deployment with approximately 1000 spokes and want to allow ADVPN between the spokes. Some remote sites use FortiSASE to connect to the company's SD-WAN hub.
Which overlay routing configuration should you use?

  1. BGP on loopback with dynamic BGP for ADVPN shortcut routing.
  2. BGP on loopback with IPsec phase2 selectors for ADVPN shortcut routing.
  3. BGP per overlay with dynamic BGP for ADVPN shortcut routing.
  4. BGP per overlay with BGP next-hop convergence for ADVPN shortcut routing.

Answer(s): A



Refer to the exhibits.

You connect to a device behind a branch FortiGate device and initiate a ping test. The device is part of the LAN subnet and its IP address is 10.0.1.101.
Based on the exhibits, which interface uses branch 1_fgt to steer the test traffic?

  1. port4
  2. HUB1-VPN1
  3. port1
  4. port2

Answer(s): C



You manage an SD-WAN topology. You will soon deploy 50 new branches.
Which three tasks can you do in advance to simplify this deployment? (Choose three.)

  1. Update the DHCP server configuration.
  2. Create model devices.
  3. Create a ZTP template.
  4. Define metadata variables value for each device.
  5. Create policy blueprint.

Answer(s): B,C,E






Post your Comments and Discuss Fortinet FCSS_SDW_AR-7.4 exam prep with other Community members:

FCSS_SDW_AR-7.4 Exam Discussions & Posts