Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE7_SDW-7.0

Fortinet NSE7_SDW-7.0 Exam
Fortinet NSE 7 - SD-WAN 7.0 (Page 3 )

Updated On: 12-Feb-2026
Page 3 of 15
PDF with 70 Questions

Which two performance SLA protocols enable you to verify that the server response contains a specific value? (Choose two.)

  1. http
  2. icmp
  3. twamp
  4. dns

Answer(s): A,D

Explanation:

Pages 85,86 in Study guide 7.0 Pages 100,101 in Study guide 7



Refer to the exhibits.



Which two conclusions for traffic that matches the traffic shaper are true? (Choose two.)

  1. The traffic shaper drops packets if the bandwidth is less than 2500 KBps.
  2. The measured bandwidth is less than 100 KBps.
  3. The traffic shaper drops packets if the bandwidth exceeds 6250 KBps.
  4. The traffic shaper limits the bandwidth of each source IP to a maximum of 6250 KBps.

Answer(s): B,C



Refer to the exhibit.



Which configuration change is required if the responder FortiGate uses a dynamic routing protocol to exchange routes over IPsec?

  1. type must be set to static.
  2. mode-cfg must be enabled.
  3. exchange-interface-ip must be enabled.
  4. add-route must be disabled.

Answer(s): D

Explanation:

for using "non ike" routes (for example BGP/static and so on) you must do disable the add-route that inject automatically kernel route based on p2 selectors from the remote site from the SD- WAN_7.2_Study_Guide page 236



Which CLI command do you use to perform real-time troubleshooting for ADVPN negotiation?

  1. get router info routing-table all
  2. diagnose debug application ike
  3. diagnose vpn tunnel list
  4. get ipsec tunnel list

Answer(s): B

Explanation:

IKE real-time debug - useful when debugging ADVPN shortcut messages and spoke-to-spoke negotiations.
· diagnose debug console timestamp enable
· diagnose vpn ike log filter clear
· diagnose vpn ike log filter mdst-addr4 <ip.of.hub> <ip.of.spoke> · diagnose debug application ike -1
· diagnose debug enable



Refer to the exhibits.



Exhibit B ­



Exhibit A shows the system interface with the static routes and exhibit B shows the firewall policies on the managed FortiGate.
Based on the FortiGate configuration shown in the exhibits, what issue might you encounter when creating an SD-WAN zone for port1 and port2?

  1. port1 is assigned a manual IP address.
  2. port1 is referenced in a firewall policy.
  3. port2 is referenced in a static route.
  4. port1 and port2 are not administratively down.

Answer(s): B






Post your Comments and Discuss Fortinet NSE7_SDW-7.0 exam prep with other Community members:

Join the NSE7_SDW-7.0 Discussion