New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

NSE7_PBC-7.2 Fortinet NSE 7 Public Cloud Security 7.2 (FCSS) Questions and Answers

Questions 4

What is the main advantage of using SD-WAN Transit Gateway Connect over traditional SD-WAN?

Options:

A.

It eliminates the use of ECMP

B.

You can use GRE-based tunnel attachments

C.

You can combine it with IPsec to achieve higher bandwidth

D.

You can use BGP over IPsec for maximum throughput

Buy Now
Questions 5

Refer to the exhibit

An administrator is trying to deploy a FortiGate VM in Microsoft Azure using Terraform However, during the configuration, the Azure client secret is no longer visible in the Azure portal.

How would the administrator obtain the Azure

client secret to configure on Terratorm?

Options:

A.

The administrator must create a new Azure account

B.

Log in to the Azure CLI with power user to obtain the client secret

C.

The administrator can create a new client secret

D.

The administrator must obtain the client secret through Azure Cloud Shell.

Buy Now
Questions 6

Refer to the exhibit.

What would be the impact of confirming to delete all the resources in Terraform?

Options:

A.

It destroys all the resources in the . tfvars file

B.

It destroys all the resources tied to the AWS Identity and Access Management (1AM) user.

C.

It destroys all the resources in the resource group

D.

It destroys all the resources in the state file.

Buy Now
Questions 7

You are using Red Hat Ansible to change the FortiGate VM configuration.

What is the minimum number of files you must create and which file must you use to configure the target FortiGate IP address?

Options:

A.

Create two files and use the .yami file.

B.

Create two files and use the hosts file

C.

Create one file and use the variable file

D.

Create three files and use the .yaml file.

Buy Now
Questions 8

Refer to the exhibit

An administrator deployed an HA active-active load balance sandwich in Microsoft Azure. The setup requires configuration synchronization between devices-

What are two outcomes from the configured settings? (Choose two.)

Options:

A.

FortiGate-VM instances are scaled out automatically according to predefined workload levels.

B.

FortiGate A and FortiGate B are two independent devices.

C.

By default, FortiGate uses FGCP

D.

It does not synchronize the FortiGate hostname

Buy Now
Questions 9

Refer to the exhibit

A customer has deployed an environment in Amazon Web Services (AWS) and is now trying to send outbound traffic from the Linux1 and Linux2 instances to the internet through the security VPC (virtual private cloud). The FortiGate policies are configured to allow all outbound

traffic; however, the traffic is not reaching the FortiGate internal interface. Assume there are no issues with the Transit Gateway (TGW) configuration

Which two settings must the customer add to correct the issue? (Choose two.)

Options:

A.

Both landing subnets in the spoke VPCs must have a 0.0.0.0/0 traffic route to the Internet Gateway (IOW).

B.

Both landing subnets in the spoke VPCs must have a 0.0 00/0 traffic route to the TGW

C.

Both landing subnets in the security VPC must have a 0.0.0.0/0 traffic route to the FortiGate port2.

D.

The four landing subnets in all the VPCs must have a 0.0 0 0/0 traffic route to the TGW

Buy Now
Questions 10

An administrator decides to use the Use managed identity option on the FortiGate SDN connector with Microsoft Azure However, the SDN connector is failing on the connection What must the administrator do to correct this issue?

Options:

A.

Make sure to add the Tenant ID on FortiGate side of the configuration

B.

Make sure to set the type to system managed identity on FortiGate SDN connector settings

C.

Make sure to enable the system assigned managed identity on Azure

D.

Make sure to add the Client secret on FortiGate side of the configuration

Buy Now
Questions 11

Refer to the exhibit

Consider the active-active load balance sandwich scenario in Microsoft Azure.

What are two important facts in the active-active load balance sandwich scenario? (Choose two )

Options:

A.

It uses the vdom-exception command to exclude the configuration from being synced

B.

It is recommended to enable NAT on FortiGate policies.

C.

It uses the FGCP protocol

D.

It supports session synchronization for handling asynchronous traffic.

Buy Now
Questions 12

Which two attachments are necessary to connect a transit gateway to an existing VPC with BGP? (Choose two )

Options:

A.

A transport attachment

B.

A BGP attachment

C.

A connect attachment

D.

A GRE attachment

Buy Now
Questions 13

Your goal is to deploy resources in multiple places and regions in the public cloud using Terraform.

What is the most efficient way to deploy resources without changing much of the Terraform code?

Options:

A.

Use multiple terraform.tfvars files With a variables.tf file.

B.

Use the provider. tf file to add all the new values

C.

Install and configure two Terraform staging servers to deploy resources.

D.

Use the variable, tf file and edit its values to match multiple resources

Buy Now
Questions 14

How does an administrator secure container environments from newly emerged security threats?

Options:

A.

Use distributed network-related application control signatures.

B.

Use Amazon AWS-related application control signatures

C.

Use Amazon AWS_S3-related application control signatures

D.

Use Docker-related application control signatures

Buy Now
Questions 15

A customer would like to use FortiGate fabric integration With FortiCNP

When configuring a FortiGate VM to add to FortiCNP, which three mandatory configuration steps must you follow on FortiGate? (Choose three.)

Options:

A.

Enable send logs-

B.

Create and IPS sensor and a firewall policy

C.

Create an IPsec tunnel.

D.

Create an SSL]SSH inspection profile.

E.

Enable two-factor authentication.

Buy Now
Questions 16

You are tasked with deploying a FortiGate HA solution in Amazon Web Services (AWS) using Terraform What are two steps you must take to complete this deployment? (Choose two.)

Options:

A.

Enable automation on the AWS portal.

B.

Create an AWS Identity and Access Management (IAM) user With permissions.

C.

Use CloudSheIl to install Terraform.

D.

Create an AWS Active Directory user with permissions.

Buy Now
Questions 17

Which statement about immutable infrastructure in automation is true?

Options:

A.

It is the practice of deploying a new server for every configuration change

B.

It is the practice of modifying the existing server configuration after it is deployed

C.

It is the practice of deploying two parallel servers for high availability.

D.

It is the practice of applying hotfixes and OS patches after deployment

Buy Now
Exam Code: NSE7_PBC-7.2
Exam Name: Fortinet NSE 7 Public Cloud Security 7.2 (FCSS)
Last Update: Dec 23, 2024
Questions: 59
NSE7_PBC-7.2 pdf

NSE7_PBC-7.2 PDF

$25.5  $84.99
NSE7_PBC-7.2 Engine

NSE7_PBC-7.2 Testing Engine

$30  $99.99
NSE7_PBC-7.2 PDF + Engine

NSE7_PBC-7.2 PDF + Testing Engine

$40.5  $134.99