NSE7_PBC-7.2試験無料問題集（91題）「Fortinet NSE 7

出題：1

Which two Amazon Web Services (AWS) topologies support east-west traffic inspection within the AWS cloud by the FortiGate VM? (Choose two.)

A. A multiple VPC deployment utilizing a transit VPC topology

B. A multiple VPC deployment utilizing a transit gateway

C. A single VPC deployment with multiple subnets and a NAT gateway

D. A single VPC deployment with multiple subnets

正解：A,B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

Refer to the exhibit. You have deployed a Linux EC2 instance in Amazon Web Services (AWS) with the settings shown on the exhibit What next step must the administrator take to access this instance from the internet?

A. Configure the user name and password.

B. Enable source and destination checks on the instance

C. Enable SSH and allocate it to the device

D. Allocate an Elastic IP address and assign it to the instance

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

A Network security administrator is searching for a solution to secure traffic going in and out of the container infrastructure.
In which two ways can Fortinet container security help secure container infrastructure? (Choose two.)

A. FortiGate NGFW can connect to the worker node and protects the container-

B. FortiGate NGFW can be placed between each application container for north-south traffic inspection

C. FortiGate NGFW and FortiSandbox can be used to secure container traffic

D. FortiGate NGFW can inspect north-south container traffic with label aware policies

正解：C,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

Refer to the exhibit. You are configuring a second route table on a Transit Gateway to accommodate east-west traffic inspection between two VPCs. However, you are getting an error during the transit gateway route table association with the Connect attachment.

Which action Should you take to fulfill your requirement?

A. Delete the both Connect and Transport attachments from the first TGW route table

B. Add a static route in the Routes section

C. In the second route table: create a propagation with the Connect attachment.

D. Add both Associations and Propagations in the second TGW route table.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

Refer to the exhibit. What would be the impact of confirming to delete all the resources in Terraform?

A. It destroys all the resources in the state file.

B. It destroys all the resources in the . tfvars file

C. It destroys all the resources in the resource group

D. It destroys all the resources tied to the AWS Identity and Access Management (1AM) user.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

Refer to the exhibit. In your Amazon Web Services (AWS) virtual private cloud (VPC), you must allow outbound access to the internet and upgrade software on an EC2 instance, without using a NAT instance. This specific EC2 instance is running in a private subnet: 10.0.1.0/24. Also, you must ensure that the EC2 instance source IP address is not exposed to the public internet. There are two subnets in this VPC in the same availability zone, named public (10.0.0.0/24) and private (10.0.1.0/24).

How do you achieve this outcome with minimum configuration?

A. Deploy a NAT gateway with an EIP in the public subnet, edit route tables, select Public-route, and delete the route destination 10.0.0.0/16 to target local.

B. Deploy a NAT gateway with an EIP in the private subnet, edit route tables, select Private- route, and add a new route destination 0.0.0.0/0 to the target internet gateway.

C. Deploy a NAT gateway with an EIP in the public subnet, edit route tables, select Private-route and add a new route destination 0.0.0.0/0 to target the NAT gateway.

D. Deploy a NAT gateway with an EIP in the private subnet, edit the public main routing table, and change the destination route 0.0.0.0/0 to the target NAT gateway.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

You are deploying Amazon Web Services (AWS) GuardDuty to monitor malicious or unauthorized behaviors related to AWS resources. You will also use the Fortinet aws-lambda-guardduty script to translate feeds from AWS GuardDuty findings into a list of malicious IP addresses. FortiGate can then consume this list as an external threat feed.
Which Amazon AWS services must you subscribe to in order to use this feature?

A. Inspector, Shield, GuardDuty, S3, and DynamoDB.

B. GuardDuty, CloudWatch, S3, and DynamoDB.

C. WAF, Shield, GuardDuty, S3, and DynamoDB.

D. GuardDuty, CloudWatch, S3, Inspector, WAF, and Shield.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

An organization deploys a FortiGate-VM (VM04 / c4.xlarge) in Amazon Web Services (AWS) and configures two elastic network interfaces (ENIs). Now, the same organization wants to add additional ENIs to support different workloads in their environment.
Which action can you take to accomplish this?

A. None, you cannot create and add additional ENIs to an existing FortiGate-VM.

B. Create the ENI and attach it to FortiGate.

C. Create the ENI, shut down FortiGate, attach the ENI to FortiGate, and then start FortiGate.

D. Create the ENI, attach it to FortiGate, and then restart FortiGate.

正解：B 解答を投票する

出題：9

What is the bandwidth limitation of an Amazon Web Services (AWS) transit gateway VPC attachment?

A. Up to 1.25 Gbps per attachment

B. Up to 1 Gbps per attachment

C. Up to 50 Gbps per attachment

D. Up to 10 Gbps per attachment

正解：C 解答を投票する

NSE7_PBC-7.2試験無料問題集「Fortinet NSE 7 - Public Cloud Security 7.2 認定」