NSE7_PBC-7.2 Dumps

NSE7_PBC-7.2 Braindumps NSE7_PBC-7.2 Real Questions NSE7_PBC-7.2 Practice Test NSE7_PBC-7.2 Actual Questions


Fortinet


NSE7_PBC-7.2


Fortinet FCSS in Public Cloud Security Certification


https://killexams.com/pass4sure/exam-detail/NSE7_PBC-7.2

Question: 151


Refer to the exhibit



You deployed an HA active-passive FortiGate VM in Microsoft Azure.

Which two statements regarding this particular deployment are true? (Choose two.)


  1. During the failover, the passive FortiGate issues API calls to Azure

  2. Use the vdom-excepticn command to synchronize the configuration.

  3. There is no SLA for API calls from Microsoft Azure.

  4. By default, the configuration does not synchromze between the primary and secondary devices.


Answer: A,D Question: 152

Which statement about Transit Gateway (TGW) in Amazon Web Services (AWS) is true?


  1. TGW can have multiple TGW route tables.

  2. Both the TGW attachment and propagation must be in the same TGW route table

  3. A TGW attachment can be associated with multiple TGW route tables.

  4. The TGW default route table cannot be disabled.


Answer: A Question: 153

What are two main features in Amazon Web Services (AWS) network access control lists (ACLs)? (Choose two.)


  1. You cannot use Network ACL and Security Group at the same time.

  2. The default network ACL is configured to allow all traffic

  3. Network ACLs are stateless, and inbound and outbound rules are used for traffic filtering

  4. Network ACLs are tied to an instance


Answer: B,C Question: 154

You are adding more spoke VPCs to an existing hub and spoke topology Your goal is to finish this task in the minimum amount of time without making errors.


Which Amazon AWS services must you subscribe to accomplish your goal?


  1. GuardDuty, CloudWatch

  2. WAF, DynamoDB

  3. Inspector, S3

  4. CloudWatch, S3


Answer: D Question: 155

Which two Amazon Web Services (AWS) features support east-west traffic inspection within the AWS cloud by the FortiGate VM? (Choose two.)


  1. A NAT gateway with an EIP

  2. A transit gateway with an attachment

  3. An Internet gateway with an EIP

  4. A transit VPC


Answer: B,D Question: 156 Refer to the exhibit


You are tasked with deploying FortiGate using Terraform. When you run the terraform version command during the Terraform installation, you get an error message.


What could be the reason that you are getting the command not found error?


  1. You must move the binary file to the bin directory.

  2. You must change the directory location to the root directory

  3. You must assign correct permissions to the ec2-user.

  4. You must reinstall Terraform


Answer: A Question: 157 Refer to the exhibit



The exhibit shows a customer deployment of two Linux instances and their main routing table in Amazon Web Services (AWS). The customer also created a Transit Gateway (TGW) and two attachments


Which two steps are required to route traffic from Linux instances to the TGWQ (Choose two.)


  1. In the TGW route table, add route propagation to 192.168.0 0/16

  2. In the main subnet routing table in VPC A and B, add a new route with destination 0_0.0.0/0, next hop Internet gateway (IGW).

  3. In the TGW route table, associate two attachments.

  4. In the main subnet routing table in VPC A and B, add a new route with destination 0_0.0.0/0, next hop TG


Answer: C,D Question: 158 Refer to the exhibit


Consider the active-active load balance sandwich scenario in Microsoft Azure.


What are two important facts in the active-active load balance sandwich scenario? (Choose two)


  1. It uses the vdom-exception command to exclude the configuration from being synced

  2. It is recommended to enable NAT on FortiGate policies.

  3. It uses the FGCP protocol

  4. It supports session synchronization for handling asynchronous traffic.


Answer: B,D Question: 159

You are troubleshooting an Azure SDN connectivity issue with your FortiGate VM


Which two queries does that SDN connector use to interact with the Azure management API? (Choose two.)


  1. The first query is targeted to a special IP address to get a token.

  2. The first query is targeted to IP address 8.8

  3. There is only one query initiating from FortiGate port1 -

  4. Some queries are made to manage public IP addresses.


Answer: A,D Question: 160 Refer to the exhibit



The exhibit shows the results of a FortiCNP registry scan Which two statements are correct? (Choose two)


  1. When adding a repository, you can leave the Tag section blank to scan all images-

  2. The registry scan is part of the FortiCNP cloud protection.

  3. The registry scan is part of the FortiCNP container protection.

  4. When adding a repository, you can add a minimum number of images to be imported through the CAP section.


Answer: A,C