NSE7_SDW-7.0 Online Practice Questions and Answers

Refer to the exhibit.

An administrator is troubleshooting SD-WAN on FortiGate. A device behind branch1_fgt generates traffic to the 10.0.0.0/8 network. The administrator expects the traffic to match SD-WAN rule ID 1 and be routed over T_INET_0_0. However, the traffic is routed over T_INET_1_0.

Based on the output shown in the exhibit, which two reasons can cause the observed behavior? (Choose two.)

A. The traffic matches a regular policy route configured with T_INET_1_0 as the outgoing device.

B. T_INET_1_0 has a lower route priority value (higher priority) than T_INET_0_0.

C. T_INET_0_0 does not have a valid route to the destination.

D. T_INET_1_0 has a higher member configuration priority than T_INET_0_0.

Refer to the exhibit.

Which configuration change is required if the responder FortiGate uses a dynamic routing protocol to exchange routes over IPsec?

A. type must be set to static.

B. mode-cfg must be enabled.

C. exchange-interface-ip must be enabled.

D. add-route must be disabled.

Which are three key routing principles in SD-WAN? (Choose three.)

A. FortiGate performs route lookups for new sessions only.

B. Regular policy routes have precedence over SD-WAN rules.

C. SD-WAN rules have precedence over ISDB routes.

D. By default, SD-WAN members are skipped if they do not have a valid route to the destination.

E. By default, SD-WAN rules are skipped if the best route to the destination is not an SD- WAN member.

Which two statements about SLA targets and SD-WAN rules are true? (Choose two.)

A. Member metrics are measured only if an SLA target is configured.

B. SLA targets are used only by SD-WAN rules that are configured with Lowest Cost (SLA) or Maximize Bandwidth (SLA) as strategy.

C. When configuring an SD-WAN rule, you can select multiple SLA targets of the same performance SLA.

D. SD-WAN rules use SLA targets to check if the preferred members meet the SLA requirements.

Refer to exhibits.

Exhibit A shows the source NAT global setting and exhibit B shows the routing table on FortiGate.

Based on the exhibits, which two statements about increasing the port2 interface priority to 20 are true? (Choose two.)

A. All the existing sessions that do not use SNAT will be flushed and routed through port1.

B. All the existing sessions will continue to use port2, and new sessions will use port1.

C. All the existing sessions using SNAT will be flushed and routed through port1.

D. All the existing sessions will be blocked from using port1 and port2.

Refer to the exhibits.

Exhibit A shows the SD-WAN performance SLA and exhibit B shows the SD-WAN member and the static routes configuration. If port2 is detected dead by FortiGate, which expected behavior is correct?

A. Port2 becomes alive after one successful probe is detected.

B. The SD-WAN interface becomes disabled and port1 becomes the WAN interface.

C. Dead members require manual administrator access to bring them back alive.

D. Subnets 10.0.20.0/23 and 172.20.0.0/16 are reachable only through port1.

Which two reasons make forward error correction (FEC) ideal to enable in a phase one VPN interface? (Choose two )

A. FEC transmits the original payload in full to recover the error in transmission.

B. FEC improves reliability which overcomes adverse WAN conditions such as noisy links.

C. FEC is useful to increase speed at which traffic is routed through IPsec tunnels.

D. FEC transmits additional packets as redundant data to the remote device.

E. FEC reduces the stress on the remote device jitter buffer to reconstruct packet loss

Refer to the exhibit.

Which two conclusions for traffic that matches the traffic shaper are true? (Choose two.)

A. The traffic shaper drops packets if the bandwidth exceeds 6250 KBps.

B. The traffic shaper limits the bandwidth of each source IP to a maximum of 6250 KBps.

C. The traffic shaper drops packets if the bandwidth is less than 2500 KBps.

D. The measured bandwidth is less than 100 KBps.

Refer to the exhibits.

ExhibitA shows the system interface with the static routes and exhibit B shows the firewall policies on the managed FortiGate.

Based on the FortiGate configuration shown in the exhibits, what issue might you encounter when creating an SD-WAN zone for port1 and port2?

A. port2 is referenced in a static route.

B. port1 is assigned a manual IP address.

C. port1 and port2 are not administratively down.

D. port1 is referenced in a firewall policy.

Refer to the exhibit.

Based on the exhibit, which status description is correct?

A. Port1 is dead because it does not meet the SLA target.

B. Port2 is alive because its packet loss is lower than 10%.

C. The SD-WAN members are monitored by different performance SLAs.

D. Traffic matching the SD-WAN rule is steered through port2.