NSE7_PBC-7.2試験無料問題集（91題）「Fortinet NSE 7

出題：1

Refer to the exhibit. Consider the active-active load balance sandwich scenario in Microsoft Azure.

What are two important facts in the active-active load balance sandwich scenario? (Choose two )

A. It is recommended to enable NAT on FortiGate policies.

B. It supports session synchronization for handling asynchronous traffic.

C. It uses the vdom-exception command to exclude the configuration from being synced

D. It uses the FGCP protocol

正解：A,B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

How does the immutable infrastructure strategy work in automation?

A. It runs two live environments for configuration changes.

B. It runs one idle and two live environments for configuration changes.

C. It runs one idle and a single live environment for configuration changes.

D. It runs a single live environment for configuration changes.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

You are using Red Hat Ansible to change the FortiGate VM configuration. What is the minimum number of files you must create and which file must you use to configure the target FortiGate IP address?

A. Create two files and use the .yami file.

B. Create one file and use the variable file

C. Create three files and use the .yarai file.

D. Create two files and use the hosts file

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

Refer to the exhibit. An administrator is trying to deploy a FortiGate VM in Microsoft Azure using Terraform. However, during the configuration, the Azure client secret is no longer visible in the Azure portal.

How would the administrator obtain the Azure client secret to configure on Terratorm?

A. The administrator must create a new Azure account

B. The administrator must obtain the client secret through Azure Cloud Shell.

C. Log in to the Azure CLI with power user to obtain the client secret

D. The administrator can create a new client secret

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

In an SD-WAN TGW Connect topology, which three initial steps are mandatory when routing traffic from a spoke VPC to a security VPC through a Transit Gateway? (Choose three.)

A. From the security VPC TGW subnet routing table: point 0.0.0.0/0 traffic to the TGW

B. From both spoke VPCs and the security VPC, point 0.0.0.0/0 traffic to the Internet Gateway

C. From the spoke VPC internal routing table, point 0.0.0.0/0 traffic to the TGW

D. From the security VPC TGW subnet routing table: point 0.0.0.0/0 traffic to the FortiGate internal port

E. From the security VPC FortiGate internal subnet routing table, point 0.0.0.0/0 traffic to the TGW

正解：C,D,E 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

When configuring the FortiCASB policy, which three configuration options are available? (Choose three.)

A. Antivirus policies

B. Data loss prevention policies

C. Threat protection policies

D. Compliance policies

E. Intrusion prevention policies

正解：B,C,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

What is the main advantage of using SD-WAN Transit Gateway Connect over traditional SD- WAN?

A. It eliminates the use of ECMP

B. You can use BGP over IPsec for maximum throughput

C. You can use GRE-based tunnel attachments

D. You can combine it with IPsec to achieve higher bandwidth

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

Refer to the exhibit. An administrator deployed a FortiGate-VM in a high availability (HA) (active/passive) architecture in Amazon Web Services (AWS) using Terraform for testing purposes. At the same time, the administrator deployed a single Linux server using AWS Marketplace.

Which two options are available for the administrator to delete all the resources created in this test? (Choose two.)

A. Use the terraform validate command.

B. The administrator must manually delete the Linux server.

C. Use the terraform destroy command

D. Use the terraform destroy all command.

正解：B,C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

Refer to Exhibit. The exhibit shows the Connect Peers settings on Amazon Web Services (AWS) transit gateway attachments with two FortiGate VMS in a security VPC.

Which two statements are correct? (Choose two.)

A. The BGP inside CIDR blocks can be any CIDR block with /29

B. The peer GRE address is the FortiGate external interface IP address.

C. The Peer GRE address is the FortiGate internal interface IP address

D. The Transit Gateway GRE address is auto-generated

正解：B,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

NSE7_PBC-7.2試験無料問題集「Fortinet NSE 7 - Public Cloud Security 7.2 認定」