CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE7_SDW-7.0

Free NSE7_SDW-7.0 Exam Braindumps (page: 7)

Page 6 of 18
PDF with 70 Questions

Refer to the exhibits.

Exhibit A -



Exhibit B -



Exhibit A shows a site-to-site topology between two FortiGate devices: branch1_fgt and dc1_fgt. Exhibit B shows the system global and system settings configuration on dc1_fgt.
When branch1_client establishes a connection to dc1_host, the administrator observes that, on dc1_fgt, the reply traffic is routed over T_INET_0_0, even though T_INET_1_0 is the preferred member in the matching SD-WAN rule.
Based on the information shown in the exhibits, what configuration change must be made on dc1_fgt so dc1_fgt routes the reply traffic over T_INET_1_0?

  1. Enable auxiliary-session under config system settings.
  2. Disable tp-session-without-syn under config system settings.
  3. Enable snat-route-change under config system global.
  4. Disable allow-subnet-overlap under config system settings.

Answer(s): A

Explanation:

Controlling return path with auxiliary session When multiple incoming or outgoing interfaces are used in ECMP or for load balancing, changes to routing, incoming, or return traffic interfaces impacts how an existing sessions handles the traffic. Auxiliary sessions can be used to handle these changes to traffic patterns.https://docs.fortinet.com/document/fortigate/7.0.11/administration- guide/14295/controlling-return-path-with-auxiliary-session



Refer to the exhibits.

Exhibit A -

Exhibit B -



Exhibit A shows the SD-WAN performance SLA and exhibit B shows the SD-WAN member status, the routing table, and the performance SLA status.
If port2 is detected dead by FortiGate, what is the expected behavior?

  1. Port2 becomes alive after three successful probes are detected.
  2. FortiGate removes all static routes for port2.
  3. The administrator manually restores the static routes for port2, if port2 becomes alive.
  4. Host 8.8.8.8 is reachable through port1 and port2.

Answer(s): B

Explanation:

This is due to Update static route is enable which removes the static route entry referencing the interface if the interface is dead



Which best describes the SD-WAN traffic shaping mode that bases itself on a percentage of available bandwidth?

  1. Interface-based shaping mode
  2. Reverse-policy shaping mode
  3. Shared-policy shaping mode
  4. Per-IP shaping mode

Answer(s): A

Explanation:

Interface-based shaping goes further, enabling traffic controls based on percentage of the interface bandwidth.



Refer to the exhibit.



Which algorithm does SD-WAN use to distribute traffic that does not match any of the SD-WAN

rules?

  1. All traffic from a source IP to a destination IP is sent to the same interface.
  2. All traffic from a source IP is sent to the same interface.
  3. All traffic from a source IP is sent to the most used interface.
  4. All traffic from a source IP to a destination IP is sent to the least used interface.

Answer(s): A






Post your Comments and Discuss Fortinet NSE7_SDW-7.0 exam with other Community members:

NSE7_SDW-7.0 Discussions & Posts