Exam2pass
0 items Sign In or Register
  • Home
  • IT Exams
  • Guarantee
  • FAQs
  • Reviews
  • Contact Us
  • Demo
Exam2pass > Fortinet > Fortinet Certifications > NSE7_SDW-6.4 > NSE7_SDW-6.4 Online Practice Questions and Answers

NSE7_SDW-6.4 Online Practice Questions and Answers

Questions 4

Which three parameters are available to configure SD-WAN rules? (Choose three.)

A. Application signatures

B. Type of physical link connection

C. URL categories

D. Source and destination IP address

E. Internet service database (ISDB) address object

Buy Now

Correct Answer: ADE

Questions 5

Refer to the exhibit.

Which two statements about the status of the VPN tunnel are true?

A. There are separate virtual interfaces for each dial-up client.

B. VPN static routes are prevented from populating the FortiGate routing table.

C. FortiGate created a single IPsec virtual interface that is shared by all clients.

D. 100.64.3.1 is one of the remote IP address that comes through index interface 1.

Buy Now

Correct Answer: CD

If net-device is disabled, FortiGate creates a single IPSEC virtual interface that is shared by all IPSEC clients connecting to the same dialup VPN. In this case, the tunnel-search setting determines how FortiGate learns the network behind each remote client.

Questions 6

Which diagnostic command can you use to show the SD-WAN rules interface information and state?

A. diagnose sys sdwan route-tag-list.

B. diagnose sys sdwan service.

C. diagnose sys sdwan member.

D. diagnose sys sdwan neighbor.

Buy Now

Correct Answer: B

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Diagnostic-commands-to-check-the-status-of-the-SD/ta-p/194246

Questions 7

What would best describe the SD-WAN traffic shaping mode that bases itself on a percentage of available bandwidth?

A. Per-IP shaping mode

B. Reverse policy shaping mode

C. Interface-based shaping mode

D. Shared policy shaping mode

Buy Now

Correct Answer: C

SD-WAN 6.4.5 Study Guide. pg 124

Questions 8

Refer to the exhibit.

Which two conclusions for traffic that matches the traffic shaper are true? (Choose two.)

A. The traffic shaper drops packets if the bandwidth exceeds 6250 KBps.

B. The traffic shaper limits the bandwidth of each source IP to a maximum of 6250 KBps.

C. The traffic shaper drops packets if the bandwidth is less than 2500 KBps.

D. The measured bandwidth is less than 100 KBps.

Buy Now

Correct Answer: AD

Questions 9

What is the lnkmtd process responsible for?

A. Monitoring links for any bandwidth saturation

B. Processing performance SLA probes

C. Flushing route tags addresses

D. Logging interface quality information

Buy Now

Correct Answer: B

Questions 10

Which two statements describe how IPsec phase 1 aggressive mode is different from main mode when performing IKE negotiation? (Choose two)

A. A peer ID is included in the first packet from the initiator, along with suggested security policies.

B. XAuth is enabled as an additional level of authentication, which requires a username and password.

C. A total of six packets are exchanged between an initiator and a responder instead of three packets.

D. The use of Diffie Hellman keys is limited by the responder and needs initiator acceptance.

Buy Now

Correct Answer: BC

Questions 11

Refer to exhibits.

Exhibit A shows the firewall policy and exhibit B shows the traffic shaping policy.

The traffic shaping policy is being applied to all outbound traffic; however, inbound traffic is not being evaluated by the shaping policy.

Based on the exhibits, what configuration change must be made in which policy so that traffic shaping can be applied to inbound traffic?

A. Create a new firewall policy, and the select the SD-WAN zone as Incoming Interface.

B. In the traffic shaping policy, select Assign Shaping Class ID as Action.

C. In the firewall policy, select Proxy-based as Inspection Mode.

D. In the traffic shaping policy, enable Reverse shaper, and then select the traffic shaper to use.

Buy Now

Correct Answer: D

Questions 12

Refer to the exhibit.

Which conclusion about the packet debug flow output is correct?

A. The original traffic exceeded the maximum bandwidth of the outgoing interface, and the packet was dropped.

B. The reply traffic exceeded the maximum bandwidth configured in the traffic shaper, and the packet was dropped.

C. The original traffic exceeded the maximum packets per second of the outgoing interface, and the packet was dropped.

D. The original traffic exceeded the maximum bandwidth configured in the traffic shaper, and the packet was dropped.

Buy Now

Correct Answer: D

Questions 13

Which two statements describe how IPsec phase 1 main mode is different from aggressive mode when performing IKE negotiation? (Choose two )

A. A peer ID is included in the first packet from the initiator, along with suggested security policies.

B. XAuth is enabled as an additional level of authentication, which requires a username and password.

C. A total of six packets are exchanged between an initiator and a responder instead of three packets.

D. The use of Diffie Hellman keys is limited by the responder and needs initiator acceptance.

Buy Now

Correct Answer: BC

Exam Code: NSE7_SDW-6.4
Exam Name: Fortinet NSE 7 - SD-WAN 6.4
Last Update: Aug 22, 2023
Questions: 80

PDF (Q&A)

$45.99
ADD TO CART

VCE

$49.99
ADD TO CART

PDF + VCE

$59.99
ADD TO CART

Exam2Pass----The Most Reliable Exam Preparation Assistance

There are tens of thousands of certification exam dumps provided on the internet. And how to choose the most reliable one among them is the first problem one certification candidate should face. Exam2Pass provide a shot cut to pass the exam and get the certification. If you need help on any questions or any Exam2Pass exam PDF and VCE simulators, customer support team is ready to help at any time when required.

Home | Guarantee & Policy |  Privacy & Policy |  Terms & Conditions |  How to buy |  FAQs |  About Us |  Contact Us |  Demo |  Reviews

2025 Copyright @ exam2pass.com All trademarks are the property of their respective vendors. We are not associated with any of them.