← Back to exam page

NSE7_SDW-6.4 Fortinet NSE 7 - SD-WAN 6.4.5

Loading demo links...

Showing 7–9 of 10 questions

Question 7

Which statement is correct about SD-WAN and ADVPN?

Select an option, then click Submit answer.

  • You must use OSPF.

  • SD-WAN can steer traffic to ADVPN shortcuts established over IPsec overlays configured as SD-WAN members.

  • Routes for ADVPN shortcuts must be manually configured.

  • SD-WAN does not monitor the health and performance of ADVPN shortcuts.
Question 8

Refer to the exhibit.

C:\Users\wk\Desktop\mudassar\Untitled.png

What must you configure to enable ADVPN?

Select an option, then click Submit answer.

  • On the hub VPN, only the device needs additional phase one sett

  • ADVPN should only be enabled on unmanaged FortiGate devices.

  • Each VPN device has a unique pre-shared key configured separately on phase one

  • The protected subnets should be set to address object to all (0.0 .0. 0/0).
Question 9

Refer to the exhibits.

Graphical user interface, application Description automatically generated

Table Description automatically generated

Exhibit A shows the SD-WAN performance SLA and exhibit B shows the SD-WAN member and the static routes configuration.

If port2 is detected dead by FortiGate, which expected behavior is correct?

Select an option, then click Submit answer.

  • Port2 becomes alive after one successful probe is detected.

  • The SD-WAN interface becomes disabled and port1 becomes the WAN interface.

  • Dead members require manual administrator access to bring them back alive.

  • Subnets 10.0.20.0/23 and 172.20.0.0/16 are reachable only through port1.