NSE7_PBC-7.2試験無料問題集（91題）「Fortinet NSE 7

出題：1

You have created a TGW route table to route traffic from your spoke VPC to the security VPC where two FortiGate devices are inspecting traffic. Your spoke VPC CIDR block is already propagated to the Transit Gateway (TGW) route table.
Which type of attachment should you use to advertise routes through BGP from the spoke VPC to the security VPC?

A. Connect attachment

B. GRE attachment

C. Route attachment

D. VPC attachment

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

Which statement about FortiSandbox in Amazon Web Services (AWS) is true?

A. In AWS, virtual machines (VMs) that inspect files are constantly up and running.

B. In AWS, virtual machines (VMs) that inspect files do not have to be reset after inspecting a file.

C. FortiSandbox in AWS uses Windows virtual machines (VMs) to inspect files.

D. FortiSandbox in AWS can have a maximum of eight virtual machines (VMs) that inspect files.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

Which statement about immutable infrastructure in automation is true?

A. It is the practice of deploying a new server for every configuration change

B. It is the practice of modifying the existing server configuration after it is deployed

C. It is the practice of deploying two parallel servers for high availability.

D. It is the practice of applying hotfixes and OS patches after deployment

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

Refer to the exhibit. Your senior administrator successfully configured a FortiGate fabric connector with the Azure resource manager, and created a dynamic address object on the FortiGate VM to connect with a windows server in Microsoft Azure. However, there is now an error on the dynamic address object, and you must resolve the issue.

How do you resolve this issue?

A. Run diagnose debug application azd -l on FortiGate.

B. In the Microsoft Azure portal, set the correct tag values for the windows server.

C. In the Microsoft Azure portal, access the windows server, obtain the private IP address, and assign the IP address under the FortiGate-VM AzureLab address object.

D. Delete the address object and recreate a new address object with the type set to FQDN.

正解：B 解答を投票する

出題：5

Refer to the exhibit. You are configuring a second route table on a Transit Gateway to accommodate east-west traffic inspection between two VPCs. However, you are getting an error during the transit gateway route table association with the Connect attachment.

Which action Should you take to fulfill your requirement?

A. Delete the both Connect and Transport attachments from the first TGW route table

B. Add a static route in the Routes section

C. In the second route table: create a propagation with the Connect attachment.

D. Add both Associations and Propagations in the second TGW route table.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

You are configuring the failover settings on a FortiGate active-passive SDN connector solution in Microsoft Azure. Which two mandatory settings are required after the initial deployment? (Choose two)

A. FortiGate license file

B. Resource group name

C. Subscription-id

D. Active FortiGate serial number

正解：B,C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

What are three important steps required to get Terraform ready using Microsoft Azure Cloud Shell? (Choose three.)

A. Subscribe to Terraform in Azure.

B. Set up a storage account in Azure.

C. use the -O command to download Terraform.

D. Move the Terraform file to the bin directory.

E. Use the wget (te=aform vession) command to upload Terraform.

正解：B,D,E 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

Refer to Exhibit. You are troubleshooting a Microsoft Azure SDN connector issue on your FortiGate VM in Azure.

Which three settings should you check while troubleshooting this problem? (Choose three.)

A. use the diag sys va command.

B. Ensure FortiGate port1 has internet access

C. Use the show vdom command to see hidden VDOMs.

D. Ensure IP address 169.254.169.254 is not blocked

E. Ensure FortiGate port4 can resolve DNS.

正解：B,D,E 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

You are adding more spoke VPCs to an existing hub and spoke topology. Your goal is to finish this task in the minimum amount of time without making errors.
Which Amazon AWS services must you subscribe to accomplish your goal?

A. CloudWatch, S3

B. GuardDuty, CloudWatch

C. WAF, DynamoDB

D. Inspector, S3

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

NSE7_PBC-7.2試験無料問題集「Fortinet NSE 7 - Public Cloud Security 7.2 認定」