Labour Day Special - 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: c4sdisc65

Note! NSE7_SDW-6.4 has been withdrawn. The new exam code is NSE7_SDW-7.0

NSE7_SDW-6.4 Practice Exam Questions with Answers Fortinet NSE 7 - SD-WAN 6.4.5 Certification

Question # 6

Refer to exhibits.

NSE7_SDW-6.4 question answer

NSE7_SDW-6.4 question answer

Exhibit A shows the source NAT global setting and exhibit B shows the routing table on FortiGate.

Based on the exhibits, which two statements about increasing the port2 interface priority to 20 are true? (Choose two.)

A.

All the existing sessions that do not use SNAT will be flushed and routed through port1.

B.

All the existing sessions will continue to use port2, and new sessions will use port1.

C.

All the existing sessions using SNAT will be flushed and routed through port1.

D.

All the existing sessions will be blocked from using port1 and port2.

Full Access
Question # 7

Which diagnostic command can you use to show interface-specific SLA logs for the last 10 minutes?

A.

diagnose sys sdwan log

B.

diagnose sys sdwan health-check

C.

diagnose sys sdwan intf-sla-log

D.

diagnose sys sdwan sla-log

Full Access
Question # 8

Refer to the exhibit.

NSE7_SDW-6.4 question answer

Which two statements about the IPsec VPN configuration and the status of the IPsec VPN tunnel are true? (Choose two.)

A.

FortiGate creates separate virtual interfaces for each dial-up client.

B.

FortiGate creates a single IPsec virtual interface that is shared by all clients.

C.

FortiGate maps the remote gateway 100.64.3.1 to tunnel index interface 1.

D.

FortiGate does not install IPsec static routes for remote protected networks in the routing table.

Full Access
Question # 9

Refer to the exhibit.

NSE7_SDW-6.4 question answer

Which statement about the command route-tag in the SD-WAN rule is true?

A.

It enables the SD-WAN rule to load balance and assign traffic with a route tag

B.

It tags each route and references the tag in the routing table.

C.

It uses route tags for a BGP community and assigns the SD-WAN rules with same tag.

D.

It ensures route tags match the SD-WAN rule based on the rule order

Full Access
Question # 10

Which three parameters are available to configure SD-WAN rules? (Choose three.)

A.

Application signatures

B.

Type of physical link connection

C.

URL categories

D.

Source and destination IP address

E.

Internet service database (ISDB) address object

Full Access
Question # 11

Refer to exhibits.

NSE7_SDW-6.4 question answer

NSE7_SDW-6.4 question answer

Exhibit A shows the SD-WAN rules and exhibit B shows the traffic logs. The SD-WAN traffic logs reflect how FortiGate processed traffic.

Which two statements about how the configured SD-WAN rules are processing traffic are true? (Choose two.)

A.

The implicit rule overrides all other rules because parameters widely cover sources and destinations.

B.

SD-WAN rules are evaluated in the same way as firewall policies: from top to bottom.

C.

The All_Access_Rules rule load balances Vimeo application traffic among SD-WAN member interfaces.

D.

The initial session of an application goes through a learning phase in order to apply the correct rule.

Full Access
Question # 12

In which two ways does FortiGate learn the FortiManager IP address or FQDN for zero-touch provisioning? (Choose two.)

A.

From a FortiGuard definitions update

B.

From the central management configuration configured in FortiDeploy

C.

From a DHCP server configured with options 240 or 241

D.

From another FortiGate device in the same local network

Full Access