CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE7_SDW-7.0

Free NSE7_SDW-7.0 Exam Braindumps (page: 5)

Page 4 of 18
PDF with 70 Questions

Refer to the exhibit.



Based on the exhibit, which two actions does FortiGate perform on sessions after a firewall policy change? (Choose two.)

  1. FortiGate flushes all sessions.
  2. FortiGate terminates the old sessions.
  3. FortiGate does not change existing sessions.
  4. FortiGate evaluates new sessions.

Answer(s): C,D

Explanation:

FortiGate not to flag existing impacted session as dirty by setting firewall-session-dirty to check new. The results is that FortiGate evaluates only new session against the new firewall policy.



Which two statements about SD-WAN central management are true? (Choose two.)

  1. The objects are saved in the ADOM common object database.
  2. It does not support meta fields.
  3. It uses templates to configure SD-WAN on managed devices.
  4. It supports normalized interfaces for SD-WAN member configuration.

Answer(s): A,C

Explanation:

Normalized interfaces are not supported for SD-WAN templates. You can create multiple SD-WAN zones and add interface members to the SD-WAN zones. You must bind the interface members by name to physical interfaces or VPN
interfaces.https://docs.fortinet.com/document/fortigate/7.0.0/sd-wan-new-features/794804/new- sd-wan-template-fmg



Refer to the exhibits.



Which conclusion about the packet debug flow output is correct?

  1. The total number of daily sessions for 10.1.10.1 exceeded the maximum number of concurrent sessions configured in the traffic shaper, and the packet was dropped.
  2. The packet size exceeded the outgoing interface MTU.
  3. The number of concurrent sessions for 10.1.10.1 exceeded the maximum number of concurrent sessions configured in the traffic shaper, and the packet was dropped.
  4. The number of concurrent sessions for 10.1.10.1 exceeded the maximum number of concurrent sessions configured in the firewall policy, and the packet was dropped.

Answer(s): C

Explanation:

In a Per-IP shaper configuration, if an IP address exceeds the configured concurrent session limit, the message "Denied by quota check" appears. SD-WAN 7.0 Study Guide page 287



Which are two benefits of using CLI templates in FortiManager? (Choose two.)

  1. You can reference meta fields.
  2. You can configure interfaces as SD-WAN members without having to remove references first.
  3. You can configure FortiManager to sync local configuration changes made on the managed device, to the CLI template.
  4. You can configure advanced CLI settings.

Answer(s): A,D






Post your Comments and Discuss Fortinet NSE7_SDW-7.0 exam with other Community members:

NSE7_SDW-7.0 Discussions & Posts