Fortinet NSE7_EFW-7.2 Real Exam Questions
The questions for NSE7_EFW-7.2 were last updated at Nov 20,2024.
- Exam Code: NSE7_EFW-7.2
- Exam Name: Fortinet NSE 7 - Enterprise Firewall 7.2
- Certification Provider: Fortinet
- Latest update: Nov 20,2024
Which ADVPN configuration must be configured using a script on fortiManager, when using VPN Manager to manage fortiGate VPN tunnels?
- A . Enable AD-VPN in IPsec phase 1
- B . Disable add-route on hub
- C . Configure IP addresses on IPsec virtual interlaces
- D . Set protected network to all
Exhibit.
Refer to the exhibit, which contains an active-active toad balancing scenario.
During the traffic flow the primary FortiGate forwards the SYN packet to the secondary FortiGate.
What is the destination MAC address or addresses when packets are forwarded from the primary FortiGate to the secondary FortiGate?
- A . Secondary physical MAC port1
- B . Secondary virtual MAC port1
- C . Secondary virtual MAC port1 then physical MAC port1
- D . Secondary physical MAC port2 then virtual MAC port2
Exhibit.
Refer to the exhibit, which provides information on BGP neighbors.
Which can you conclude from this command output?
- A . The router are in the number to match the remote peer.
- B . You must change the AS number to match the remote peer.
- C . BGP is attempting to establish a TCP connection with the BGP peer.
- D . The bfd configuration to set to enable.
Which two statements about metadata variables are true? (Choose two.)
- A . You create them on FortiGate
- B . They apply only to non-firewall objects.
- C . The metadata format is $<metadata_variabie_name>.
- D . They can be used as variables in scripts
Exhibit.
Refer to the exhibit, which contains the partial ADVPN configuration of a spoke.
Which two parameters must you configure on the corresponding single hub? (Choose two.)
- A . Set auto-discovery-sender enable
- B . Set ike-version 2
- C . Set auto-discovery-forwarder enable
- D . Set auto-discovery-receiver enable