NSE7_PBC-7.2試験無料問題集（91題）「Fortinet NSE 7

出題：1

A Network security administrator is searching for a solution to secure traffic going in and out of the container infrastructure.
In which two ways can Fortinet container security help secure container infrastructure? (Choose two.)

A. FortiGate NGFW can connect to the worker node and protects the container-

B. FortiGate NGFW can be placed between each application container for north-south traffic inspection

C. FortiGate NGFW and FortiSandbox can be used to secure container traffic

D. FortiGate NGFW can inspect north-south container traffic with label aware policies

正解：C,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

You have been asked to develop an Azure Resource Manager infrastructure as a code template for the FortiGate-VM, that can be reused for multiple deployments. The deployment fails, and errors point to the storageAccount name.
Which two are restrictions for a storageAccount name in an Azure Resource Manager template?
(Choose two.)

A. The storageAccount name must be in lowercase.

B. The storageAccount name must use special characters.

C. The uniqueString() function must be used.

D. The storageAccount name must contain between 3 and 24 alphanumeric characters.

正解：A,D 解答を投票する

出題：3

Refer to the exhibit. The exhibit shows an active-passive high availability FortiGate pair with external and internal Azure load balancers. There is no SDN connector used in this solution Which configuration should the administrator implement?

A. Lambda IP address with one static route.

B. Probe IP address with one BGP route

C. Public load balancer IP address with two BGP routes.

D. Probe IP address with two static routes

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

Refer to the exhibit. In your Amazon Web Services (AWS), you must allow inbound HTTPS access to the Customer VPC FortiGate VM from the internet. However, your HTTPS connection to the FortiGate VM in the Customer VPC is not successful.

Also, you must ensure that the Customer VPC FortiGate VM sends all the outbound Internet traffic through the Security VPC. How do you correct this Issue with minimal configuration changes? (Choose three.)

A. Add a route With your local internet public IP address as the destination and target transit gateway

B. Deploy an internet gateway, associate an EIP in the public subnet, and attach the internet gateway to the Customer VPC,

C. Deploy an internet gateway, associate an EIP in the private subnet, edit route tables, and add a new route destination 0.0.0.0/0 to the target internet gateway

D. Add route destination 0 0.0 0/0 to target the transit gateway

E. Add a route With your local internet public IP address as the destination and target internet gateway

正解：B,C,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

Refer to the exhibit. You are configuring a second route table on a Transit Gateway to accommodate east-west traffic inspection between two VPCs. However, you are getting an error during the transit gateway route table association with the Connect attachment.

Which action Should you take to fulfill your requirement?

A. Delete the both Connect and Transport attachments from the first TGW route table

B. Add a static route in the Routes section

C. In the second route table: create a propagation with the Connect attachment.

D. Add both Associations and Propagations in the second TGW route table.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

In an SD-WAN TGW Connect topology, which three initial steps are mandatory when routing traffic from a spoke VPC to a security VPC through a Transit Gateway? (Choose three.)

A. From the security VPC TGW subnet routing table: point 0.0.0.0/0 traffic to the TGW

B. From both spoke VPCs and the security VPC, point 0.0.0.0/0 traffic to the Internet Gateway

C. From the spoke VPC internal routing table, point 0.0.0.0/0 traffic to the TGW

D. From the security VPC TGW subnet routing table: point 0.0.0.0/0 traffic to the FortiGate internal port

E. From the security VPC FortiGate internal subnet routing table, point 0.0.0.0/0 traffic to the TGW

正解：C,D,E 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

Refer to the exhibit. An administrator has deployed a FortiGate VM in Amazon Web Services (AWS) and is trying to access it using its public IP address from their local computer. However, the connection is not successful and at the same time FortiGate is not receiving any HTTPS or SSH traffic to its external interface. What should the administrator check for possible issue?

A. Run a debug flow to check any network ACLs

B. Check the inbound network security group rules

C. Check the FortiGate firewall policies

D. Check the FortiGate instance ID

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

Refer to the exhibit. You are troubleshooting a FortiGate HA floating IP issue with Microsoft Azure. After the failover, the new primary device does not have the previous primary device floating IP address.

What could be the possible issue With this scenario?

A. FortiGate port4 does not have internet access.

B. A wrong client secret credential is used

C. The error is caused by credential time expiration.

D. The Azure service principle account must have a contributor role.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

Refer to the exhibit. The exhibit shows a customer deployment of two Linux instances and their main routing table in Amazon Web Services (AWS). The customer also created a Transit Gateway (TGW) and two attachments.

Which two steps are required to route traffic from Linux instances to the TGWQ (Choose two.)

A. In the TGW route table, add route propagation to 192.168.0.0/16

B. In the TGW route table, associate two attachments.

C. In the main subnet routing table in VPC A and B, add a new route with destination 0.0.0.0/0, next hop TGW.

D. In the main subnet routing table in VPC A and B, add a new route with destination 0.0.0.0/0, next hop Internet gateway (IGW).

正解：B,C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

NSE7_PBC-7.2試験無料問題集「Fortinet NSE 7 - Public Cloud Security 7.2 認定」