CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE7_SDW-7.2

Free NSE7_SDW-7.2 Exam Braindumps (page: 2)

Page 2 of 22
PDF with 93 Questions

What are two common use cases for remote internet access (RIA)? (Choose two.)

  1. Provide direct internet access on spokes
  2. Provide internet access through the hub
  3. Centralize security inspection on the hub
  4. Provide thorough inspection on spokes

Answer(s): B,C

Explanation:

B) Provide internet access through the hub: This involves routing branch or remote office internet traffic through a central hub, ensuring consistent security policies and possibly better management of network resources.
C) Centralize security inspection on the hub: With this approach, all internet-bound traffic from various spokes is inspected at the hub, leveraging centralized security mechanisms for thorough inspection and policy enforcement.



Refer to the exhibits.





An administrator is testing application steering in SD-WAN. Before generating test traffic, the administrator collected the information shown in exhibit A.

After generating GoToMeeting test traffic, the administrator examined the respective traffic log on FortiAnalyzer, which is shown in exhibit B. The administrator noticed that the traffic matched the implicit SD-WAN rule, but they expected the traffic to match rule ID 1.

Which two reasons explain why the traffic matched the implicit SD-WAN rule? (Choose two.)

  1. FortiGate did not refresh the routing information on the session after the application was detected.
  2. Port1 and port2 do not have a valid route to the destination.
  3. Full SSL inspection is not enabled on the matching firewall policy.
  4. The session 3-tuple did not match any of the existing entries in the ISDB application cache.

Answer(s): A,D

Explanation:

Study guide 7.2 Page 191



Refer to the exhibit.



Which algorithm does SD-WAN use to distribute traffic that does not match any of the SD-WAN rules?

  1. All traffic from a source IP to a destination IP is sent to the same interface.
  2. All traffic from a source IP is sent to the same interface.
  3. All traffic from a source IP is sent to the most used interface.
  4. All traffic from a source IP to a destination IP is sent to the least used interface.

Answer(s): A

Explanation:

Study Guide 7.2, page 176.



Refer to the exhibits.
Exhibit A



Exhibit B



Exhibit A shows the SD-WAN performance SLA configuration, the SD-WAN rule configuration, and the application IDs of Facebook and YouTube. Exhibit B shows the firewall policy configuration and the underlay zone status.

Based on the exhibits, which two statements are correct about the health and performance of port1 and port2? (Choose two.)

  1. The performance is an average of the metrics measured for Facebook and YouTube traffic passing through the member.
  2. FortiGate is unable to measure jitter and packet loss on Facebook and YouTube traffic.
  3. FortiGate identifies the member as dead when there is no Facebook and YouTube traffic passing through the member.
  4. Non-TCP Facebook and YouTube traffic are not used for performance measurement.

Answer(s): A,D

Explanation:

Study Guide 7.2, pages 103 - 104. Another comment said "because without using application Control on the firewall policy, SDWAN can't work" but there is a app control "default" defined on config.



Page 2 of 22



Post your Comments and Discuss Fortinet NSE7_SDW-7.2 exam with other Community members:

elhassan commented on November 26, 2024
many thanks
Anonymous
upvote

Milton commented on August 26, 2024
BRAZIL here. Let's go up!
Anonymous
upvote