NSE7_PBC-7.2 Free Questions

Question #1

Refer to the exhibit

You are tasked to deploy a FortiGate VM with private and public subnets in Amazon Web Services (AWS).

You examined the variables.tf file.

What will be the final result after running the terraform init and terraform apply commands?

A . Terraform will not deploy a FortiGate VM
B . Terraform will deploy a FortiGate VM in the eu-West-Ia region with private and public subnets.
C . Terraform will deploy a FortiGate VM in the eu-West-1a region with two subnets and byol license.
D . Terraform will deploy a FortiGate VM in the eu-West-Ia region without any subnets.

Reveal Solution Hide Solution

Question #2

You have created a TGW route table to route traffic from your spoke VPC to the security VPC where two FortiGate devices are inspecting traffic. Your spoke VPC CIDR block is already propagated to the Transit Gateway (TGW) route table.

Which type of attachment should you use to advertise routes through BGP from the spoke VPC to the security VPC?

A . Connect attachment
B . VPC attachment
C . Route attachment
D . GRE attachment

Reveal Solution Hide Solution

Question #3

Your administrator instructed you to deploy an Azure vWAN solution to create a connection between the main company site and branch sites to the other company VNETs.

What are the two best connection solutions available between your company headquarters, branch sites, and the Azure vWAN hub? (Choose two.)

A . ExpressRoute
B . GRE tunnels
C . SSL VPN connections
D . An L2TP connection
E . VPN Gateway

Reveal Solution Hide Solution

Correct Answer: AE
AE

Explanation:

The two best connection solutions available between your company headquarters, branch sites, and the Azure vWAN hub are A) ExpressRoute and E. VPN Gateway.

According to the Azure documentation for Virtual WAN, ExpressRoute and VPN Gateway are two of the supported connectivity options for connecting your on-premises sites and Azure virtual networks to the Azure vWAN hub1. These options provide secure, reliable, and high-performance connectivity for your network traffic.

ExpressRoute is a service that lets you create private connections between your on-premises sites and Azure. ExpressRoute connections do not go over the public internet, and offer more reliability,

faster speeds, lower latencies, and higher security than typical connections over the internet2.

VPN Gateway is a service that lets you create encrypted connections between your on-premises sites and Azure over the internet using IPsec/IKE protocols. VPN Gateway also supports point-to-site VPN connections for individual clients using OpenVPN or IKEv2 protocols3.

The other options are incorrect because:

GRE tunnels are not a supported connectivity option for Azure vWAN. GRE is a protocol that encapsulates packets for tunneling purposes. GRE tunnels are established between the connect attachment and your appliance in Azure vWAN4.

SSL VPN connections are not a supported connectivity option for Azure vWAN. SSL VPN is a type of VPN that uses the Secure Sockets Layer (SSL) protocol to secure the connection between a client and a server. SSL VPN is not compatible with the Azure vWAN hub5.

An L2TP connection is not a supported connectivity option for Azure vWAN. L2TP is a protocol that creates a tunnel between two endpoints at the data link layer (Layer 2) of the OSI model. L2TP is not compatible with the Azure vWAN hub.

1: Azure Virtual WAN Overview | Microsoft Learn 2: [ExpressRoute overview – Azure ExpressRoute |

Microsoft Docs] 3: [VPN Gateway – Virtual Networks | Microsoft Azure] 4: [Transit Gateway Connect –

Amazon Virtual Private Cloud] 5: [SSL VPN – Wikipedia] : [Layer 2 Tunneling Protocol – Wikipedia]

Question #4

Refer to the exhibit

You deployed an HA active-passive FortiGate VM in Microsoft Azure.

Which two statements regarding this particular deployment are true? (Choose two.)

A . During the failover, the passive FortiGate issues API calls to Azure
B . Use the vdom-excepticn command to synchronize the configuration.
C . There is no SLA for API calls from Microsoft Azure.
D . By default, the configuration does not synchromze between the primary and secondary devices.

Reveal Solution Hide Solution

Question #5

You are adding more spoke VPCs to an existing hub and spoke topology Your goal is to finish this task in the minimum amount of time without making errors.

Which Amazon AWS services must you subscribe to accomplish your goal?

A . GuardDuty, CloudWatch
B . WAF, DynamoDB
C . Inspector, S3
D . CloudWatch, S3

Reveal Solution Hide Solution

Question #6

Refer to the exhibit

You are tasked with deploying a webserver and FortiGate VMS in AWS_ You are using Terraform to automate the process

Which two important details should you know about the Terraform files? (Choose two.)

A . All the output values are available after a successful terraform apply command
B . The subnet_private 1 value is defined in the variables . tf file
C . After the deployment, Terraform output values are visible only through AWS CloudShell.
D . You must specify all the AWS credentials in the output. of file.

Reveal Solution Hide Solution

[email protected]

Monday - Sunday 9:00am - 6:00pm

NSE7_PBC-7.2 Free Questions

Fortinet NSE7_PBC-7.2 Real Exam Questions

The questions for NSE7_PBC-7.2 were last updated at Nov 18,2024.

[email protected]

Monday - Sunday 9:00am - 6:00pm