Download Fortinet NSE 7 -SD-WAN 7-2.NSE7_SDW-7.2.ExamTopics.2025-05-22.70q.vcex

Vendor: Fortinet
Exam Code: NSE7_SDW-7.2
Exam Name: Fortinet NSE 7 -SD-WAN 7-2
Date: May 22, 2025
File Size: 7 MB
Download Exam

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase
Coupon: TAURUSSIM_20OFF

Discount: 20%

ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator

Demo Questions

Question 1
Refer to the exhibit.
The exhibit shows the BGP configuration on the hub in a hub-and-spoke topology. The administrator wants BGP to advertise prefixes from spokes to other spokes over the IPsec overlays, including additional paths. However, when looking at the spoke routing table, the administrator does not see the prefixes from other spokes and the additional paths.
Based on the exhibit, which three settings must the administrator configure inside each BGP neighbor group so spokes can learn other spokes prefixes and their additional paths? (Choose three.)
  1. Enable soft-reconfiguration
  2. Enable route-reflector-client
  3. Set additional-path to send
  4. Set adv-additional-path to the number of additional paths to advertise
  5. Set advertisement-interval to the number of additional paths to advertise
Correct answer: BCD
Question 2
Refer to the exhibits.
Exhibit A.
Exhibit B.
An administrator is testing application steering in SD-WAN. Before generating test traffic, the administrator collected the information shown in exhibit A.
After generating GoToMeeting test traffic, the administrator examined the respective traffic log on FortiAnalyzer, which is shown in exhibit B. The administrator noticed that the traffic matched the implicit SD-WAN rule, but they expected the traffic to match rule ID 1.
Which two reasons explain why some log messages show that the traffic matched the implicit SD-WAN rule? (Choose two.)
  1. Port1 and port2 do not have a valid route to the destination.
  2. The session 3-tuple did not match any of the existing entries in the ISDB application cache.
  3. Full SSL inspection is not enabled on the matching firewall policy.
  4. FortiGate did not refresh the routing information on the session after the application was detected.
Correct answer: BD
Question 3
Which diagnostic command can you use to show the configured SD-WAN zones and their assigned members?
  1. diagnose sys sdwan member
  2. diagnose sys sdwan interface
  3. diagnose sys sdwan zone
  4. diagnose sys sdwan service
Correct answer: C
Question 4
Which statement is correct about SD-WAN and ADVPN?
  1. SD-WAN can steer traffic to ADVPN shortcuts only for rules defined with strategy manual or best quality.
  2. SD-WAN does not monitor the health and performance of ADVPN shortcuts.
  3. SD-WAN cannot steer traffic to ADVPN shortcuts established over IPSec overlays if the zone contains physical interfaces.
  4. SD-WAN can steer traffic to ADVPN shortcuts established over IPsec overlays configured as SD-WAN members.
Correct answer: D
Question 5
Refer to the exhibit.
The exhibit shows the SD-WAN rule status and configuration.
Based on the exhibit, which change in the measured latency will make T_MPLS_0 the new preferred member?
  1. When T_INET_0_0 has a latency of 250 ms.
  2. When T_MPLS_0 has a latency of 80 ms.
  3. When T_INET_0_0 and T_MPLS_0 have the same latency.
  4. When T_MPLS_0 has a latency of 100 ms.
Correct answer: B
Question 6
What is a benefit of using application steering in SD-WAN?
  1. The traffic always skips the regular policy routes.
  2. You do not need to configure firewall policies that accept the SD-WAN traffic.
  3. You steer traffic based on the detected application.
  4. You do not need to enable SSL inspection.
Correct answer: C
Question 7
Refer to the exhibit.
Based on the exhibit, which two statements are correct about the health of the selected members? (Choose two.)
  1. After FortiGate switches to active mode, the SLA performance rule never fallsback to passive monitoring.
  2. FortiGate passively monitors the member if TCP traffic is passing through the member.
  3. FortiGate can offload the traffic that is subject to passive monitoring to hardware.
  4. During passive monitoring, the SLA performance rule cannot detect dead members.
Correct answer: BD
Question 8
Which two statements about the SD-WAN members are true? (Choose two.)
  1. Interfaces of type virtual wire pair can be used as SD-WAN members.
  2. You can manually define the SD-WAN members sequence number.
  3. An SD-WAN member can belong to two or more SD-WAN zones.
  4. Interfaces of type VLAN can be used as SD-WAN members.
Correct answer: BD
Question 9
Refer to the exhibit.
An administrator is troubleshooting SD-WAN on FortiGate. A device behind branch1_fgt generates traffic to the 10.0.0.0/8 network. The administrator expects the traffic to match SD-WAN rule ID 1 and be routed over T_INET_0. However, the traffic is routed over T_INET_1.
Based on the output shown in the exhibit, which two reasons can cause the observed behavior? (Choose two.)
  1. T_INET_1 has a lower route priority value (higher priority) than T_INET_0.
  2. The traffic matches a regular policy route configured with T_INET_1 as the outgoing device.
  3. T_INET_1 has a higher member configuration priority than T_INET_0.
  4. T_INET_0 does not have a valid route to the destination.
Correct answer: BD
Question 10
Within IPsec tunnel templates available on FortiManager, which template will you use to configure static tunnels for a hub and spoke topology?
  1. Hub_IPsec_Recommended
  2. Static_IPsec_Recommended
  3. IPsec Fortinet Recommended
  4. Branch IPsec Recommended
Correct answer: D
Question 11
The administrator uses the FortiManager SD-WAN overlay template to prepare an SD-WAN deployment. With information provided through the SD-WAN overlay template wizard, FortiManager creates templates ready to install on spoke and hub devices.
Select three templates created by the SD-WAN overlay template for a spoke device. (Choose three.)
  1. IPsec tunnel template
  2. BGP template
  3. Overlay template
  4. System template
  5. CLI template
Correct answer: ABE
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!