Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE7_SDW-7.2

Fortinet NSE7_SDW-7.2 Exam Questions
Fortinet NSE 7 - SD-WAN 7.2 (Page 7 )

Updated On: 21-Feb-2026
Page 4 of 21
PDF with 99 Questions

What are two advantages of using an IPsec recommended template to configure an IPsec tunnel in a hub-and-spoke topology? (Choose two.)

  1. VPN monitor tool provides additional statistics for tunnels defined with an IPsec recommended template.
  2. FortiManager automatically installs IPsec tunnels to every spoke when they are added to the FortiManager ADOM.
  3. IPsec recommended template guides the administrator to use Fortinet recommended settings.
  4. IPsec recommended template ensures consistent settings between phase1 and phase2

Answer(s): B,C

Explanation:

According to the SD-WAN 7.2 Study Guide, IPsec recommended templates are designed to simplify the configuration of IPsec tunnels in a hub-and-spoke topology. They have the following advantages:

FortiManager automatically installs IPsec tunnels to every spoke when they are added to the FortiManager ADOM. This reduces the manual effort and ensures that all spokes have the same configuration.

IPsec recommended template guides the administrator to use Fortinet recommended settings, such as encryption algorithms, key lifetimes, and dead peer detection. This ensures optimal performance and security of the IPsec tunnels.



Refer to the exhibit.



An administrator used the SD-WAN overlay template to prepare an IPsec configuration for a hub-and- spoke SD-WAN topology. The exhibit shows the installation preview for one FortiGate device. In the exhibit, which statement best describes the configuration applied to the FortiGate device?

  1. It is a hub device. It can send ADVPN shortcut offers.
  2. It is a spoke device that establishes dynamic IPsec tunnels to the hub. The subnet range is 10.10.128.0/23.
  3. It is a spoke device that establishes dynamic IPsec tunnels to the hub. It can send ADVPN shortcut requests.
  4. It is a hub device and will automatically discover the spoke devices that are in the SD-WAN topology.

Answer(s): A



Which three matching traffic criteria are available in SD-WAN rules? (Choose three.)

  1. Type of physical link connection
  2. Internet service database (ISDB) address object
  3. Source and destination IP address
  4. URL categories
  5. Application signatures

Answer(s): B,C,E



Which two interfaces are considered overlay links? (Choose two.)

  1. LAG
  2. IPsec
  3. Physical
  4. GRE

Answer(s): B,D





Exhibit B ­



Exhibit A shows the system interface with the static routes and exhibit B shows the firewall policies on the managed FortiGate.

Based on the FortiGate configuration shown in the exhibits, what issue might you encounter when creating an SD-WAN zone for port1 and port2?

  1. port1 is assigned a manual IP address.
  2. port1 is referenced in a firewall policy.
  3. port2 is referenced in a static route.
  4. port1 and port2 are not administratively down.

Answer(s): B






Post your Comments and Discuss Fortinet NSE7_SDW-7.2 exam dumps with other Community members:

Join the NSE7_SDW-7.2 Discussion