● NSE 7—SD-WAN 7.2 Exam Materials

Please note that the exam "NSE 7—SD-WAN 7.2 Exam" is no longer offered by Fortinet and is not available for booking through Pearson VUE, so we opened it on free view,
It has been replaced by the exam "NSE 6 – SD-WAN 7.6 Enterprise Administrator"

The new exam version is available on Brave-Dumps and can be purchased.



Question #61
Comment Image Comment Image Comment Image

Which two statements about SD-WAN central management are true? (Choose two answers)

  • A. The objects are saved in the ADOM common object database.
  • B. It does not support meta fields.
  • C. It uses templates to configure SD-WAN on managed devices.
  • D. It supports normalized interfaces for SD-WAN member configuration.

Question #62
Comment Image Comment Image Comment Image

Refer to the exhibit.

Which conclusion about the packet debug flow output is correct? (Choose one answer)

  • A. The total number of daily sessions for 10.1.10.1 exceeded the maximum number of concurrent sessions configured in the traffic shaper, and the packet was dropped.
  • B. The packet size exceeded the outgoing interface MTU.
  • C. The number of concurrent sessions for 10.1.10.1 exceeded the maximum number of concurrent sessions configured in the traffic shaper, and the packet was dropped.
  • D. The number of concurrent sessions for 10.1.10.1 exceeded the maximum number of concurrent sessions configured in the firewall policy, and the packet was dropped.

Question #63
Comment Image Comment Image Comment Image

Which two tasks are part of using central VPN management? (Choose two answers)

  • A. You can configure full mesh, star, and dial-up VPN topologies.
  • B. You must enable VPN zones for SD-WAN deployments.
  • C. FortiManager installs VPN settings on both managed and external gateways.
  • D. You configure VPN communities to define common IPsec settings shared by all VPN gateways.

Question #64
Comment Image Comment Image Comment Image

Refer to the exhibit.

Which statement about the role of the ADVPN device in handling traffic is true? (Choose one answer)

  • A. Two spokes, 192.2.0.1 and 10.0.2.101, forward their queries to their hubs.
  • B. This is a spoke that has received a query from a remote hub and has forwarded the response to its hub.
  • C. This is a hub that has received a query from a spoke and has forwarded it to another spoke.
  • D. Two hubs, 10.0.1.101 and 10.0.2.101, are receiving and forwarding queries between each other.

Question #65
Comment Image Comment Image Comment Image

Which two statements about the SD-WAN zone configuration are true? (Choose two answers)

  • A. You can use the service-sla-tie-break setting to configure preferred member selection based on the best route to the destination.
  • B. The default zone is virtual-wan-link.
  • C. You can delete the default zones.
  • D. An SD-WAN member can belong to two or more zones.

Question #66
Comment Image Comment Image Comment Image

Which SD-WAN setting enables FortiGate to delay the recovery of ADVPN shortcuts? (Choose one answer)

  • A. idle-timeout
  • B. link-down-failover
  • C. auto-discovery-shortcuts
  • D. hold-down-time

Question #67
Comment Image Comment Image Comment Image

Refer to the exhibit.

Based on the exhibit, which two actions does FortiGate perform on traffic passing through port2? (Choose two answers)

  • A. FortiGate does not change the routing information on existing sessions that use a valid gateway, after a route change.
  • B. FortiGate always blocks all traffic, after a route change.
  • C. FortiGate performs routing lookups for new sessions only, after a route change.
  • D. FortiGate flushes all routing information from the session table, after a route change.

Question #68
Comment Image Comment Image Comment Image

What are two common use cases for remote internet access (RIA)? (Choose two answers)

  • A. Provide internet access through the hub.
  • B. Centralize security inspection on the hub.
  • C. Provide thorough inspection on spokes.
  • D. Provide direct internet access on spokes.

Question #69
Comment Image Comment Image Comment Image

What are two benefits of using forward error correction (FEC) in IPsec VPNs? (Choose two answers)

  • A. FEC can leverage multiple IPsec tunnels for parity packets transmission.
  • B. FEC transmits parity packets that can be used to reconstruct packet loss.
  • C. FEC improves reliability of noisy links.
  • D. FEC supports hardware offloading.

Question #70
Comment Image Comment Image Comment Image

Refer to the exhibit.

Based on the exhibit, which two statements are correct about the health of the selected members? (Choose two answers)

  • A. After FortiGate switches to active mode, the SLA performance rule never fallsback to passive monitoring.
  • B. FortiGate passively monitors the member if TCP traffic is passing through the member.
  • C. FortiGate can offload the traffic that is subject to passive monitoring to hardware.
  • D. During passive monitoring, the SLA performance rule cannot detect dead members.