NSE7_PBC-7.2試験無料問題集（91題）「Fortinet NSE 7

出題：1

What is the main advantage of using SD-WAN Transit Gateway Connect over traditional SD- WAN?

A. It eliminates the use of ECMP

B. You can use BGP over IPsec for maximum throughput

C. You can use GRE-based tunnel attachments

D. You can combine it with IPsec to achieve higher bandwidth

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

How does an administrator secure container environments from newly emerged security threats?

A. Use distributed network-related application control signatures.

B. Use Amazon AWS-related application control signatures

C. Use Docker-related application control signatures

D. Use Amazon AWS_S3-related application control signatures

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

Refer to the exhibit. You are deploying a FortiGate-VM in Microsoft Azure using the PAYG/On- demand licensing model. After you configure the FortiGate-VM, the validation process fails, displaying the error shown in the exhibit.

What caused the validation process to fail?

A. You selected the PAYG/On-demand licensing model, but did not select correct virtual machine size.

B. You selected the Bring Your Own License (BYOL) licensing mode.

C. You selected the PAYG/On-demand licensing model, but did not associate a valid Azure subscription.

D. You selected the incorrect resource group.

正解：C 解答を投票する

出題：4

You are adding a new spoke to the existing transit VPC environment using the AWS Cloud Formation template. Which two components must you use for this deployment? (Choose two.)

A. The BGPASN value used for the transit VPC.

B. The tag value of the spoke

C. The OSPF AS value used for the hub.

D. The Amazon CloudWatch tag value.

正解：A,B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

Customer XYZ has an ExpressRoute connection from Microsoft Azure to a data center. They want to secure communication over ExpressRoute, and to install an in-line FortiGate to perform intrusion prevention system (IPS) and antivirus scanning.
Which three methods can the customer use to ensure that all traffic from the data center is sent through FortiGate over ExpressRoute? (Choose three.)

A. Configure a user-defined route table

B. Define a default route where the next hop IP is the FortiGate WAN interface

C. Configure the gateway subnet as the subnet in the user-defined route table

D. Install FortiGate in Azure and build a VPN tunnel to the data center over ExpressRoute

E. Enable the redirect option in ExpressRoute to send data center traffic to a user-defined route table

正解：B,C,D 解答を投票する

出題：6

Refer to the exhibit. You are troubleshooting a FortiGate HA floating IP issue with Microsoft Azure. After the failover, the new primary device does not have the previous primary device floating IP address.

What could be the possible issue With this scenario?

A. FortiGate port4 does not have internet access.

B. A wrong client secret credential is used

C. The error is caused by credential time expiration.

D. The Azure service principle account must have a contributor role.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

Refer to the exhibit. You are deploying two FortiGate VMS in HA active-passive mode with load balancers in Microsoft Azure.

Which two statements are true in this load balancing scenario? (Choose two.)

A. An internal load balancer listener is the next-hop for outgoing traffic.

B. You must add a route to the Microsoft VIP used for the health check.

C. The FortiGate public IP is the next-hop for all the traffic.

D. A dedicated management interface can be used for load balancing.

正解：A,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

Refer to the exhibit. You are tasked with deploying FortiGate using Terraform. When you run the terraform version command during the Terraform installation, you get an error message.

What could be the reason that you are getting the command not found error?

A. You must change the directory location to the root directory

B. You must assign correct permissions to the ec2-user.

C. You must move the binary file to the bin directory.

D. You must reinstall Terraform

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

Refer to the exhibit. You are configuring a second route table on a Transit Gateway to accommodate east-west traffic inspection between two VPCs. However, you are getting an error during the transit gateway route table association with the Connect attachment.

Which action Should you take to fulfill your requirement?

A. Delete the both Connect and Transport attachments from the first TGW route table

B. Add a static route in the Routes section

C. In the second route table: create a propagation with the Connect attachment.

D. Add both Associations and Propagations in the second TGW route table.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

NSE7_PBC-7.2試験無料問題集「Fortinet NSE 7 - Public Cloud Security 7.2 認定」