Practice Free NSE6_SDW_AD-7.6 Exam Online Questions
Which two performance SLA protocols enable you to verify that the server response contains a specific value? (Choose two.)
- A . http
- B . icmp
- C . twamp
- D . dns
Refer to the exhibit.
You configure SD-WAN on a standalone FortiGate device. You want to create an SD-WAN rule that steers Facebook and Linkedin traffic through the less costly internet link. The FortiGate GUI page appears as shown in the exhibit.
What should you do to set Facebook and LinkedIn as destinations?
- A . Install a license to allow applications as destinations of SD-WAN rules.
- B . In the Internet service field, select Facebook and LinkedIn.
- C . Enable the applications as destinations of the SD-WAN rule feature visibility.
- D . You cannot configure applications as destinations of an SD-WAN rule on a standalone FortiGate device.
B
Explanation:
In an SD-WAN rule, you can steer application traffic by using Internet Service Database (ISDB) entries. Facebook and LinkedIn are predefined ISDB objects in FortiGate, so the correct way is to select them in the Internet service field under Destination. This ensures that all traffic to these applications is matched and routed through the chosen (less costly) link.
Which statement reflects how BGP tags work with SD-WAN rules?
- A . VPN topologies are formed using only BGP dynamic routing with SD-WAN.
- B . Route tags are used for a BGP community and the SD-WAN rules are assigned the same tag.
- C . BGP tags require that the adding of static routes be enabled on all ADVPN interfaces.
- D . BGP tags match the SD-WAN rule based on the order that these rules were installed.
FortiGate is connected to the internet and is obtaining the IP address on its egress interlace from the DHCP server.
Which statement is due when FortiGate restarts and receives preconfigured settings to install as part of a zero-touch provisioning process?
- A . The zero-touch provisioning process completes internally, behind FortiGate
- B . FortiManager registers FortiGate after the restart and retrieves the existing configuration
- C . The FortiGate cloud key added to the FortiGate cloud portal and FortiGate performs a factory reset before the restart
- D . FortiDeploy connects with FortiGate and provides the initial configuration to contact FortiManager
Which two statements about SD-WAN zones are true? (Choose two.)
- A . You are allowed to create static routes that reference an SD-WAN zone.
- B . After you add an interface to SD-WAN as member, you must use zones to reference the member in firewall policies.
- C . You must configure the SD-WAN zone with a minimum of two members.
- D . You can configure only one SD-WAN zone per VDOM.
Which SD-WAN feature allows for the prioritization of critical traffic over less important traffic?
- A . Load balancing
- B . Quality of service (QoS)
- C . Application steering
- D . Link steering
Refer to the exhibits.
The administrator configured a device blueprint and CLI scripts as shown in the exhibits, to prepare for onboarding FortiGate devices in the company’s stores. Later, a technician prepares a FortiGate 51G with a basic configuration and connects it to the network. The basic configuration contains the port1 configuration and the minimal configuration required to allow the device to connect to FortiManager.
After the device first connects to FortiManager, FortiManager updates the device configuration.
Based on the exhibits, which actions does FortiManager perform?
- A . FortiManager updates the device configuration according to the selected templates. It applies the corp_st template first.
- B . FortiManager does not update the port1 configuration because FortiManager does not change the configuration of interfaces with fgfm access.
- C . FortiManager updates access rights only for port1. FortiManager cannot update the IP address because it was already set manually.
- D . FortiManager updates the configuration of port1, port2, and port5. The three ports might get new IP addresses.
D
Explanation:
Enforce Device Configuration is enabled and the blueprint applies the provisioning CLI templates. The LAN-interface script sets port1 and port2 to DHCP and assigns a static IP to port5 (using the branch_id variable). Therefore, when FortiManager pushes the blueprint, it updates the configurations of port1, port2, and port5 – and their IP addresses may change accordingly.
Refer to exhibits.
Exhibit A shows the SD-WAN performance SLA and exhibit B shows the SD-WAN interface and the static routes configuration. Port1 and port2 are member interfaces of the SD-WAN, and port2 becomes a dead member after reaching the failure thresholds.
Which statement about the dead member is correct?
- A . Port2 might become alive when a single response is received from an SLA server.
- B . Dead members require manual administrator access to bring them back alive.
- C . Subnets 100.64.1.0/24 and 172.20.0.0/16 are reachable only through port1.
- D . SD-WAN interface becomes disabled and port1 becomes the WAN interface.
Which statement defines how a per-IP traffic shaper of 10 Mbps is applied to the entire network?
- A . The 10 Mbps bandwidth is shared equally among the IP addresses.
- B . Each IP is guaranteed a minimum 10 Mbps of bandwidth.
- C . FortiGate allocates each IP address a maximum 10 Mbps of bandwidth.
- D . A single user uses the allocated bandwidth divided by total number of users.
Refer to the exhibit.
Which conclusion about the packet debug flow output is correct?
- A . The packet size exceeded the outgoing interface MTU.
- B . The number of concurrent sessions for 10.1.10.1 exceeded the maximum number of concurrent sessions configured in the traffic shaper, and the packet was dropped.
- C . The number of concurrent sessions for 10.1.10.1 exceeded the maximum number of concurrent sessions configured in the firewall policy, and the packet was dropped.
- D . The total number of daily sessions for 10.1.10.1 exceeded the maximum number of concurrent sessions configured in the traffic shaper, and the packet was dropped.