لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت
السؤال #1
Which diagnostic command can you use to show the SD-WAN rules interface information and state?
A. diagnose sys virtual-wan-link neighbor
B. diagnose sys virtual—wan—link route-tag-list
C. diagnose sys virtual—wan—link member
D. diagnose sys virtual-wan-link service
عرض الإجابة
اجابة صحيحة: BD
السؤال #2
FortiGate has multiple dial-up VPN interfaces incoming on port1 that match only FIRST_VPN. Which two configuration changes must be made to both IPsec VPN interfaces to allow incoming connections to match all possible IPsec dial-up interfaces? (Choose two.)
A. Specify a unique peer ID for each dial-up VPN interface
B. Use different proposals are used between the interfaces
C. Configure the IKE mode to be aggressive mode
D. Use unique Diffie Hellman groups on each VPN interface
عرض الإجابة
اجابة صحيحة: CD
السؤال #3
Which are two benefits of using CLI templates in FortiManager? (Choose two.)
A. You can reference meta fields
B. You can configure interfaces as SD-WAN members without having to remove references first
C. You can configure FortiManager to sync local configuration changes made on the managed device, to the CLI template
D. You can configure advanced CLI settings
عرض الإجابة
اجابة صحيحة: C
السؤال #4
What are two roles that SD-WAN orchestrator plays when it works with FortiManager? (Choose two )
A. It configures and monitors SD-WAN networks on FortiGate devices that are managed by FortiManager
B. It acts as a standalone device to assist FortiManager to manage SD-WAN interfaces on the managed FortiGate devices
C. It acts as a hub FortiGate with an SD-WAN interface enabled and managed along with other FortiGate devices by FortiManager
D. It acts as an application that is released and signed by Fortinet to run as a part of management extensions on FortiManager
عرض الإجابة
اجابة صحيحة: BD
السؤال #5
The device exchanges routes using IBGP. Which two statements are correct about the IBGP configuration and routing information on the device? (Choose two.)
A. Each BGP route is three hops away from the destination
B. ibgp-multipath is disabled
C. additional-path is enabled
D. You can run the get router info routing-table database command to display the additional paths
عرض الإجابة
اجابة صحيحة: B
السؤال #6
Which statement about using BGP routes in SD-WAN is true?
A. Adding static routes must be enabled on all ADVPN interfaces
B. VPN topologies must be form using only BGP dynamic routing with SD-WAN
C. Learned routes can be used as dynamic destinations in SD-WAN rules
D. Dynamic routing protocols can be used only with non-encrypted traffic
عرض الإجابة
اجابة صحيحة: BD
السؤال #7
Refer to exhibits. Exhibit A shows the source NAT global setting and exhibit B shows the routing table on FortiGate. Based on the exhibits, which two statements about increasing the port2 interface priority to 20 are true? (Choose two.)
A. All the existing sessions that do not use SNAT will be flushed and routed through port1
B. All the existing sessions will continue to use port2, and new sessions will use port1
C. All the existing sessions using SNAT will be flushed and routed through port1
D. All the existing sessions will be blocked from using port1 and port2
عرض الإجابة
اجابة صحيحة: C
السؤال #8
Refer to the exhibit, which shows the IPsec phase 1 configuration of a spoke. What must you configure on the IPsec phase 1 configuration for ADVPN to work with SD-WAN?
A. You must set ike-version to 1
B. You must enable net-device
C. You must enable auto-discovery-sender
D. You must disable idle-timeout
عرض الإجابة
اجابة صحيحة: B
السؤال #9
Refer to exhibits. Exhibit
A. Exhibit
B. Exhibit A shows the SD-WAN performance SLA and exhibit B shows the SO-WAN interface and the static routes configuration
A. Subnets 100
B. SD-WAN interface becomes disabled and port1 becomes the WAN interface
C. Dead members require manual administrator access to bring them back alive
D. Port2 might become alive when a single response is received from an SLA server
عرض الإجابة
اجابة صحيحة: C
السؤال #10
What are two reasons why FortiGate would be unable to complete the zero-touch provisioning process? (Choose two.)
A. The FortiGate cloud key has not been added to the FortiGate cloud portal
B. FortiDeploy has connected with FortiGate and provided the initial configuration to contact FortiManager
C. The zero-touch provisioning process has completed internally, behind FortiGate
D. FortiGate has obtained a configuration from the platform template in FortiGate cloud
E. A factory reset performed on FortiGate
عرض الإجابة
اجابة صحيحة: A
السؤال #11
Two hub-and-spoke groups are connected through a site-to-site IPsec VPN between Hub 1 and Hub 2. The administrator configured ADVPN on both hub-and- spoke groups. Which two outcomes are expected if a user in Toronto sends traffic to London? (Choose two.)
A. London generates an IKE information message that contains the Toronto public IP address
B. Traffic from Toronto to London triggers the dynamic negotiation of a direct site-to-site VPN
C. Toronto needs to establish a site-to-site tunnel with Hub 2 to bypass Hub 1
D. The first packets from Toronto to London are routed through Hub 1 then to Hub 2
عرض الإجابة
اجابة صحيحة: C
السؤال #12
The exhibit shows the SD-WAN rule status and configuration. Based on the exhibit, which change in the measured latency will make T_MPLS_0 the new preferred member?
A. When T_INET_0_0 and T_MPLS_0 have the same latency
B. When T_MPLS_0 has a latency of 100 ms
C. When T_INET_0_0 has a latency of 250 ms
D. When T_N1PLS_0 has a latency of 80 ms
عرض الإجابة
اجابة صحيحة: BC

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.