Month End Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Pass the Fortinet Network Security Expert NSE6_SDW_AD-7.6 Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam NSE6_SDW_AD-7.6 Premium Access

View all detail and faqs for the NSE6_SDW_AD-7.6 exam

Go to Exam

379 Students Passed

92% Average Score

90% Same Questions

Viewing page 1 out of 3 pages

Viewing questions 1-10 out of questions

Questions # 1:

As an MSSP administrator, you are asked to configure ADVPN on an existing SD-WAN topology. FortiManager manages the customer devices in a dedicated ADOM. The previous administrator used the SD-WAN overlay topology.

Which two statements apply to this scenario? (Choose two.)

Options:

You can activate auto-discovery VPN in the SD-WAN overlay template only if it is a single hub topology.

When auto-discovery VPN is enabled, FortiManager updates the IPsec and BGP templates in the hub.

After you enable auto-discovery VPN in the overlay template, you must select between ADVPN 2.0 and ADVPN 1.0.

You can activate auto-discovery VPN in the SD-WAN overlay template for any type of topology, including a primary-primary dual-hub topology.

Questions # 2:

(Refer to the exhibits.

Question # 2

Two SD-WAN event logs, the member status, the SD-WAN rule configuration, and the health-check configuration for a FortiGate device are shown.

Immediately after the log messages are displayed, how will the FortiGate steer the traffic based on the information shown in the exhibits? Choose one answer.)

Options:

FortiGate skips SD-WAN rule ID 1.

FortiGate uses port2 to steer the traffic for SD-WAN rule ID 1.

FortiGate uses port1 to steer the traffic for SD-WAN rule ID 1.

FortiGate uses port1 or port2 to steer the traffic for SD-WAN rule ID 1.

Questions # 3:

Refer to the exhibits.

Question # 3

The administrator configured a device blueprint and CLI scripts as shown in the exhibits, to prepare for onboarding FortiGate devices in the company’s stores. Later, a technician prepares a FortiGate 51G with a basic configuration and connects it to the network. The basic configuration contains the port1 configuration and the minimal configuration required to allow the device to connect to FortiManager.

After the device first connects to FortiManager, FortiManager updates the device configuration.

Based on the exhibits, which actions does FortiManager perform?

Options:

FortiManager updates the device configuration according to the selected templates. It applies the corp_st template first.

FortiManager does not update the port1 configuration because FortiManager does not change the configuration of interfaces with fgfm access.

FortiManager updates access rights only for port1. FortiManager cannot update the IP address because it was already set manually.

FortiManager updates the configuration of port1, port2, and port5. The three ports might get new IP addresses.

Questions # 4:

Refer to the exhibits.

Question # 4

You use FortiManager to configure SD-WAN on three branch devices.

When you install the device settings. FortiManager prompts you with the error "Copy Failed" for the device branch1_fat When you click the log button. FortiManager displays the message shown in the exhibit.

Options:

Based on the exhibits, which statement best describes the issue and how you can resolve it?

Remove the installation target for the SD-WAN member port4. You cannot combine metadata variable and installation targets.

Gateways for all members in a zone must be defined the same way. Specify the gateway of the SD-WAN member port! without metadata variables.

Check the metadata variable definitions, and review the per-device mapping configuration.

Check the connection between branch1_fgt and FortiManager

Questions # 5:

The FortiGate devices are managed by ForliManager, and are configured for direct internet access (DIA). You confirm that DIA is working as expected for each branch, and check the SD-WAN zone configuration and firewall policies shown in the exhibits.

Question # 5

Then, you use the SD-WAN overlay template to configure the IPsec overlay tunnels. You create the associated SD-WAN rules to connect existing branches to the company hub device and apply the changes on the branches.

After those changes, users complain that they lost internet access. DIA is no longer working.

Based on the exhibit, which statement best describes the possible root cause of this issue?

Options:

The SD-WAN overlay template defines a zone for each underlay interface and moves the interfaces into those zones.

The SD-WAN overlay template didn’t configure a firewall policy to allow traffic through the overlay.

The SD-WAN overlay template redefines the interface gateway addresses if they are defined with metadata variables.

The SD-WAN overlay template updates the SD-WAN template and the rules.

Questions # 6:

Refer to the exhibits.

Question # 6

The first exhibit shows the SD-WAN zone HUB1 and SD-WAN member configuration from an SD-WAN template, and the second exhibit shows the output of command diagnose sys sdwan member collected on a FortiGate device.

Which statement best describes what the diagnose output shows?

Options:

The diagnose output shows that HUB1-VPN1 and all HUBx-VPNy members are dead.

The diagnose output does not correspond to a device configured with the SD-WAN template shown in the exhibit.

The diagnose output was collected on the device branch2_fgt.

The diagnose output was collected on the device branch1_fgt

Questions # 7:

Refer to the exhibit.

Question # 7

You configure SD-WAN on a standalone FortiGate device. You want to create an SD-WAN rule that steers Facebook and Linkedin traffic through the less costly internet link. The FortiGate GUI page appears as shown in the exhibit.

What should you do to set Facebook and LinkedIn as destinations?

Options:

Install a license to allow applications as destinations of SD-WAN rules.

In the Internet service field, select Facebook and LinkedIn.

Enable the applications as destinations of the SD-WAN rule feature visibility.

You cannot configure applications as destinations of an SD-WAN rule on a standalone FortiGate device.

Questions # 8:

You have a FortiGate configuration with three user-defined SD-WAN zones and two members in each of these zones. One SD-WAN member is no longer in use in health-check and SD-WAN rules. You want to delete it.

What happens if you delete the SD-WAN member from the FortiGate GUI?

Options:

FodiGate accepts the deletion and removes routes as required.

FortiGate displays an error message. You must use the CLI to delete an SD-WAN member.

FortiGate displays an error message. SD-WAN zones must contain at least two members

FortiGate accepts the deletion and places the member in the default SD-WAN zone.

Questions # 9:

Exhibit.

Question # 9

For your ZTP deployment, you review the CSV file shown in exhibit and note that it is missing important information. Which two elements must you change before you can import it into FortiManager? (Choose two.)