The answer is C
Fortinet nse7-sdw-6-4 practice test
Fortinet NSE 7 - SD-WAN 6.4 Exam
Last exam update: Jul 20 ,2024
Question 1
Refer to the exhibit.
Which two statements about the debug output are correct? (Choose two )
- A. The debug output shows per-IP shaper values and real-time readings.
- B. This traffic shaper drops traffic that exceeds the set limits.
- C. Traffic being controlled by the traffic shaper is under 1 Kbps.
- D. FortiGate provides statistics and reading based on historical traffic logs.
Answer:
AB
Discussions
0
/ 1000
Question 2
Which two reasons make forward error correction (FEC) ideal to enable in a phase one VPN
interface? (Choose two )
- A. FEC transmits the original payload in full to recover the error in transmission.
- B. FEC improves reliability which overcomes adverse WAN conditions such as noisy links.
- C. FEC is useful to increase speed at which traffic is routed through IPsec tunnels.
- D. FEC transmits additional packets as redundant data to the remote device.
- E. FEC reduces the stress on the remote device jitter buffer to reconstruct packet loss
Answer:
BD
Discussions
0
/ 1000
Question 3
Which statement about using BGP routes in SD-WAN is true?
- A. Adding static routes must be enabled on all ADVPN interfaces.
- B. VPN topologies must be form using only BGP dynamic routing with SD-WAN
- C. Learned routes can be used as dynamic destinations in SD-WAN rules
- D. Dynamic routing protocols can be used only with non-encrypted traffic
Answer:
C
Discussions
0
/ 1000
Question 4
Refer to exhibits.
Exhibit A shows the performance SLA exhibit B shows the SD-WAN diagnostics output.
Based on the exhibits, which statement is correct?
- A. Both SD-WAN member interfaces have used separate SLA targets.
- B. The SLA state of port1 is dead after five unanswered requests by the SLA servers.
- C. Port1 became dead 1ecause no traffic was offload through the egress of port1.
- D. SD-WAN member interfaces are affected by the SLA state of the inactive interface
Answer:
B
Discussions
0
/ 1000
Question 5
Which diagnostic command can you use to show the SD-WAN rules interface information and state?
- A. diagnose sys virtual-wan-link neighbor.
- B. diagnose sys virtual—wan—link route-tag-list
- C. diagnose sys virtual—wan—link member.
- D. diagnose sys virtual-wan-link service
Answer:
C
Reference:
https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/818746/sd-wan-related-
diagnose-commands
Discussions
0
/ 1000
Question 6
Which diagnostic command you can use to show interface-specific SLA logs for the last 10 minutes?
- A. diagnose sys virtual-wan-link health-check
- B. diagnose sys virtual-wan-link log
- C. diagnose sys virtual-wan-link sla-log
- D. diagnose sys virtual-wan-link intf-sla-log
Answer:
C
Reference:
https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/943037/sla-logging
Discussions
0
/ 1000
Question 7
Refer to the exhibit.
Which statement about the trace evaluation by FomGate is true?
- A. Packets exceeding the configured maximum concurrent connection limit are denied by the per-IP shaper.
- B. The packet exceeded the configured bandwidth and was dropped based on the priority configuration.
- C. The packet exceeded the configured maximum bandwidth and was dropped by the shared shaper.
- D. Packets exceeding the configured concurrent connection limit are dropped based on the priority configuration.
Answer:
A
Discussions
0
/ 1000
Question 8
Which statement defines how a per-IP traffic shaper of 10 Mbps is applied to the entire network?
- A. FortiGate allocates each IP address a maximum 10 Mbps of bandwidth.
- B. Each IP is guaranteed a minimum 10 Mbps of bandwidth
- C. A single user uses the allocated bandwidth divided by total number of users.
- D. The 10 Mbps bandwidth is shared equally among the IP addresses.
Answer:
A
Reference:
https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/885253/per-ip-traffic-shaper
Discussions
0
/ 1000
Question 9
Refer to exhibits.
Exhibit A shows the firewall policy and exhibit B shows the traffic shaping policy.
The traffic shaping policy is being applied to all outbound traffic; however, inbound traffic is not
being evaluated by the shaping policy.
Based on the exhibits, what configuration change must be made in which policy so that traffic
shaping can be applied to inbound traffic?
- A. The reverse shaper option must be enabled and a traffic shaper must be selected
- B. The guaranteed-10mbps option must be selected as the reverse shaper option.
- C. A new firewall policy must be created and SD-WAN must be selected as the incoming interface.
- D. The guaranteed-10mbps option must be selected as the per-IP shaper option
Answer:
B
Discussions
0
/ 1000
Question 10
What are the two minimum configuration requirements for an outgoing interface to be selected once
the SD-WAN logical interface is enabled? (Choose two )
- A. Specify outgoing interface routing cost.
- B. Configure SD-WAN rules interface preference.
- C. Select SD-WAN balancing strategy.
- D. Specify incoming interfaces in SD-WAN rules.
Answer:
AB
Discussions
0
/ 1000
Question 11
What would best describe the SD-WAN traffic shaping mode that bases itself on a percentage of
available bandwidth?
- A. Per-IP shaping mode
- B. Reverse policy shaping mode
- C. Interface-based shaping mode
- D. Shared policy shaping mode
Answer:
D
Discussions
0
/ 1000
10 months, 1 week ago
Question 12
Refer to exhibits.
Exhibit A.
Exhibit B.
Exhibit A, which shows the SD-WAN performance SLA and exhibit B shows the health of the
participating SD-WAN members.
Based on the exhibits, which statement is correct?
- A. The dead member interface stays unavailable until an administrator manually brings the interface back.
- B. The SLA state of port2 has exceeded three consecutive unanswered requests from the SLA server.
- C. Port2 needs to wait 500 milliseconds to change the status from alive to dead.
- D. Check interval is the time to wait before a packet sent by a member interface considered as lost.
Answer:
B
Discussions
0
/ 1000
Question 13
Refer to the exhibit.
Which statement about the command route-tag in the SD-WAN rule is true?
- A. It enables the SD-WAN rule to load balance and assign traffic with a route tag
- B. It tags each route and references the tag in the routing table.
- C. It uses route tags for a BGP community and assigns the SD-WAN rules with same tag.
- D. It ensures route tags match the SD-WAN rule based on the rule order
Answer:
D
Discussions
0
/ 1000
Question 14
An administrator is troubleshooting VoIP quality issues that occur when calling external phone
numbers The SD-WAN interface on the edge FortiGate is configured with the default settings, and is
using two upstream links One link has random jitter and latency issues and is based on a wireless
connection
Which two actions must the administrator apply simultaneously on the edge FortiGate to improve
VoIP quality using SD_WAN rules?
- A. Select the corresponding SD-WAN balancing strategy in the SD-WAN rule.
- B. Choose the suitable interface based on the interface cost and weight.
- C. Use the performance SLA targets to detect latency and jitter instantly.
- D. Place the troublesome link at the top of the interface preference list.
- E. Configure an SD-WAN rule to load balance all traffic without VoIP.
Answer:
AC
Discussions
0
/ 1000
Question 15
Refer to the exhibit.
What must you configure to enable ADVPN?
- A. On the hub VPN, only the device needs additional phase one sett
- B. ADVPN should only be enabled on unmanaged FortiGate devices.
- C. Each VPN device has a unique pre-shared key configured separately on phase one
- D. The protected subnets should be set to address object to all (0.0 .0. o/o).
Answer:
C
Discussions
0
/ 1000