NSE7_SDW-6.4 Online Practice Questions and Answers

Which three performance SLA protocols are available on the FortiGate CLI only? (Choose three.)

A. tcp-echo

B. icmp

C. twamp

D. udp-echo

E. smtp

Refer to the exhibit.

Based on output shown in the exhibit, which two commands can be used by SD-WAN rules? (Choose two.)

A. set cost 15.

B. set source 100.64.1.1.

C. set priority 10.

D. set load-balance-mode source-ip-based.

Refer to the exhibit.

Which two statements about the status of the VPN tunnel are true?

A. There are separate virtual interfaces for each dial-up client.

B. VPN static routes are prevented from populating the FortiGate routing table.

C. FortiGate created a single IPsec virtual interface that is shared by all clients.

D. 100.64.3.1 is one of the remote IP address that comes through index interface 1.

Refer to Exhibit:

Based on the exhibit, which algorithm does SD-WAN use to distribute traffic that does not match any of the SD-WAN rules, among the member interfaces?

A. All traffic from a source IP to a destination IP Is sent to the same interface.

B. All traffic from a source IP Is sent to the most used Interface.

C. All traffic from a source IP to a destination IP is sent to the least used interface.

D. All traffic from a source IP is sent to the same interfaces.

Which diagnostic command can you use to show the SD-WAN rules interface information and state?

A. diagnose sys sdwan route-tag-list.

B. diagnose sys sdwan service.

C. diagnose sys sdwan member.

D. diagnose sys sdwan neighbor.

Refer to the exhibit.

Based on the output, which two conclusions are true? (Choose two.)

A. The all_rules rule represents the implicit SD-WAN rule.

B. There is more than one SD-WAN rule configured.

C. Entry 1 (id=1) is a regular policy route.

D. The SD-WAN rules takes precedence over regular policy routes.

Which CLI command do you use to perform real-time troubleshooting for ADVPN negotiation?

A. diagnose sys virtual-wan-link service

B. get router info routing-table

C. diagnose debug application ike

D. get ipsec tunnel list

Refer to the exhibit.

Which two conclusions for traffic that matches the traffic shaper are true? (Choose two.)

A. The traffic shaper drops packets if the bandwidth exceeds 6250 KBps.

B. The traffic shaper limits the bandwidth of each source IP to a maximum of 6250 KBps.

C. The traffic shaper drops packets if the bandwidth is less than 2500 KBps.

D. The measured bandwidth is less than 100 KBps.

Refer to the exhibits.

ExhibitA shows the system interface with the static routes and exhibit B shows the firewall policies on the managed FortiGate.

Based on the FortiGate configuration shown in the exhibits, what issue might you encounter when creating an SD-WAN zone for port1 and port2?

A. port2 is referenced in a static route.

B. port1 is assigned a manual IP address.

C. port1 and port2 are not administratively down.

D. port1 is referenced in a firewall policy.

Refer to the exhibit.

Which conclusion about the packet debug flow output is correct?

A. The original traffic exceeded the maximum bandwidth of the outgoing interface, and the packet was dropped.

B. The reply traffic exceeded the maximum bandwidth configured in the traffic shaper, and the packet was dropped.

C. The original traffic exceeded the maximum packets per second of the outgoing interface, and the packet was dropped.

D. The original traffic exceeded the maximum bandwidth configured in the traffic shaper, and the packet was dropped.