- All Exams Instant Download
Which two statements are correct when traffic matches the implicit SD-WAN rule? (Choose two.)
Which two statements are correct when traffic matches the implicit SD-WAN rule? (Choose two.)A . The sdwan_service_id flag in the session information is 0.B . All SD-WAN rules have the default setting enabled.C . Traffic does not match any of the entries in the policy route table.D . Traffic is...
Based on the policies shown in the exhibits, what configuration change must be made so FortiGate performs traffic shaping on YouTube traffic?
Refer to the exhibits. Exhibit A - Exhibit B - Exhibit A shows the traffic shaping policy and exhibit B shows the firewall policy. The administrator wants FortiGate to limit the bandwidth used by YouTube. When testing, the administrator determines that FortiGate does not apply traffic shaping on YouTube traffic....
Which CLI command do you use to perform real-time troubleshooting for ADVPN negotiation?
Which CLI command do you use to perform real-time troubleshooting for ADVPN negotiation?A . get router info routing-table allB . diagnose debug application ikeC . diagnose vpn tunnel listD . get ipsec tunnel listView AnswerAnswer: B Explanation: IKE real-time debug - useful when debugging ADVPN shortcut messages and spoke-to-spoke negotiations....
Based on the exhibit, which change in the measured latency will make T_MPLS_0 the new preferred member?
Refer to the exhibit. The exhibit shows the SD-WAN rule status and configuration. Based on the exhibit, which change in the measured latency will make T_MPLS_0 the new preferred member?A . When T_INET_0_0 and T_MPLS_0 have the same latency.B . When T_MPLS_0 has a latency of 100 ms.C . When...
The administrator wants to understand the expected behavior for traffic matching the SD-WAN rule. Based on the exhibits, what can the administrator expect for traffic matching the SD-WAN rule?
Refer to the exhibits. Exhibit A Exhibit B - Exhibit A shows the configuration for an SD-WAN rule and exhibit B shows the respective rule status, the routing table, and the member status. The administrator wants to understand the expected behavior for traffic matching the SD-WAN rule. Based on the...
Which two statements about SD-WAN central management are true? (Choose two.)
Which two statements about SD-WAN central management are true? (Choose two.)A . The objects are saved in the ADOM common object database.B . It does not support meta fields.C . It uses templates to configure SD-WAN on managed devices.D . It supports normalized interfaces for SD-WAN member configuration.View AnswerAnswer: AC...
Which configuration change is required if the responder FortiGate uses a dynamic routing protocol to exchange routes over IPsec?
Refer to the exhibit. Which configuration change is required if the responder FortiGate uses a dynamic routing protocol to exchange routes over IPsec?A . type must be set to static.B . mode-cfg must be enabled.C . exchange-interface-ip must be enabled.D . add-route must be disabled.View AnswerAnswer: D Explanation: for using...
Based on the output shown in the exhibit, which two reasons can cause the observed behavior?
Refer to the exhibit. An administrator is troubleshooting SD-WAN on FortiGate. A device behind branch1_fgt generates traffic to the 10.0.0.0/8 network. The administrator expects the traffic to match SD-WAN rule ID 1 and be routed over T_INET_0_0. However, the traffic is routed over T_INET_1_0. Based on the output shown in...
Based on the exhibit, which two actions does FortiGate perform on sessions after a firewall policy change?
Refer to the exhibit. Based on the exhibit, which two actions does FortiGate perform on sessions after a firewall policy change? (Choose two.)A . FortiGate flushes all sessions.B . FortiGate terminates the old sessions.C . FortiGate does not change existing sessions.D . FortiGate evaluates new sessions.View AnswerAnswer: C, D Explanation:...
What is the route-tag setting in an SD-WAN rule used for?
What is the route-tag setting in an SD-WAN rule used for?A . To indicate the routes for health check probes.B . To indicate the destination of a rule based on learned BGP prefixes.C . To indicate the routes that can be used for routing SD-WAN traffic.D . To indicate the...
