● NSE 7—SD-WAN 7.2 Exam Materials

Please note that the exam "NSE 7—SD-WAN 7.2 Exam" is no longer offered by Fortinet and is not available for booking through Pearson VUE, so we opened it on free view,
It has been replaced by the exam "NSE 6 – SD-WAN 7.6 Enterprise Administrator"

The new exam version is available on Brave-Dumps and can be purchased.



Question #11
Comment Image Comment Image Comment Image

Which statement about SD-WAN zones is true? (Choose one answer)

  • A. An SD-WAN zone can contain between 0 and 512 members.
  • B. You can configure up to 32 SD-WAN zones per VDOM.
  • C. An SD-WAN zone can contain only one type of interface.
  • D. You cannot use an SD-WAN zone in static route definitions.

Question #12
Comment Image Comment Image Comment Image

The SD-WAN overlay template helps to prepare SD-WAN deployments. To complete the tasks performed by the SD-WAN overlay template, the administrator must perform some post-run tasks.

What are three mandatory post-run tasks that must be performed? (Choose three answers)

  • A. Assign an sdwan_id metadata variable to each device (branch and hub).
  • B. Assign a branch_id metadata variable to each branch device.
  • C. Create policy packages for branch devices.
  • D. Configure SD-WAN rules.
  • E. Configure routing through overlay tunnels created by the SD-WAN overlay template.

Question #13
Comment Image Comment Image Comment Image

Refer to the exhibit.

The administrator used the SD-WAN overlay template to prepare an IPsec tunnels configuration for a hub-and-spoke SD-WAN topology. The exhibit shows the FortiManager installation preview for one FortiGate device.

Based on the exhibit, which statement best describes the configuration applied to the FortiGate device? (Choose one answer)

  • A. It is a spoke device that establishes dynamic IPsec tunnels to the hub. It can send ADVPN shortcut requests.
  • B. It is a hub device. It can send ADVPN shortcut offers.
  • C. It is a hub device and will automatically discover the spoke devices that are part of the SD-WAN topology.
  • D. It is a spoke device that establishes dynamic IPsec tunnels to the hub. The local subnet range is 10.10.128.0/23.

Question #14
Comment Image Comment Image Comment Image

Within IPsec tunnel templates available on FortiManager, which template will you use to configure static tunnels for a hub and spoke topology? (Choose one answer)

  • A. Hub_IPsec_Recommended
  • B. Static_IPsec_Recommended
  • C. IPsec Fortinet Recommended
  • D. Branch IPsec Recommended

Question #15
Comment Image Comment Image Comment Image

What is true about SD-WAN multiregion topologies? (Choose one answer)

  • A. It is not compatible with ADVPN.
  • B. Routing between the hub and spokes must be BGP.
  • C. Regions must correspond to geographical areas.
  • D. Each region has its own SD-WAN topology.

Question #16
Comment Image Comment Image Comment Image

Which two statements about the SD-WAN members are true? (Choose two answers)

  • A. Interfaces of type virtual wire pair can be used as SD-WAN members.
  • B. You can manually define the SD-WAN members sequence number.
  • C. An SD-WAN member can belong to two or more SD-WAN zones.
  • D. Interfaces of type VLAN can be used as SD-WAN members.

Question #17
Comment Image Comment Image Comment Image

Refer to the exhibit, which shows an SD-WAN zone configuration on the FortiGate GUI.

Based on the exhibit, which statement is true? (Choose one answer)

  • A. You can move port1 from the underlay zone to the overlay zone.
  • B. You can delete the virtual-wan-link zone because it contains no member.
  • C. The corporate zone contains no member.
  • D. The overlay zone contains four members.

Question #18
Comment Image Comment Image Comment Image

The administrator uses the FortiManager SD-WAN overlay template to prepare an SD-WAN deployment. With information provided through the SD-WAN overlay template wizard, FortiManager creates templates ready to install on spoke and hub devices.

Select three templates created by the SD-WAN overlay template for a spoke device. (Choose three answers)

  • A. IPsec tunnel template
  • B. BGP template
  • C. Overlay template
  • D. System template
  • E. CLI template

Question #19
Comment Image Comment Image Comment Image

In which SD-WAN template field can you use a metadata variable? (Choose one answer)

  • A. You can use metadata variables only to define interface members and the gateway IP.
  • B. Any field identified with a dollar sign (S) in a magnifying glass.
  • C. Any field identified with an "M" in a circle.
  • D. All SD-WAN template fields support metadata variables.

Question #20
Comment Image Comment Image Comment Image

Refer to the exhibits.

Exhibit A shows a policy package definition. Exhibit B shows the install log that the administrator received when he tried to install the policy package on FortiGate devices.

Based on the output shown in the exhibits, what can the administrator do to solve the issue? (Choose one answer)

  • A. Create dynamic mapping for the LAN interface for all devices in the installation target list.
  • B. Policies can refer to only one LAN source interface. Keep only the D-LAN, which is the dynamic LAN interface.
  • C. Dynamic mapping should be done automatically. Review the LAN interface configuration for branch2_fgt.
  • D. Use a metadata variable instead of a dynamic interface to define the firewall policy.