最新的Fortinet NSE 7 - Public Cloud Security 6.4 - NSE7_PBC-6.4免費考試真題
問題1
An Amazon Web Services (AWS) auto-scale FortiGate cluster has just experienced a scale-down event, terminating a FortiGate in availability zone C.
This has now black-holed the private subnet in this availability zone.
What action will the worker node automatically perform to restore access to the black-holed subnet?
This has now black-holed the private subnet in this availability zone.
What action will the worker node automatically perform to restore access to the black-holed subnet?
正確答案: D
說明:(僅 VCESoft 成員可見)
問題2
Which two statements about Microsoft Azure network security groups are true? (Choose two.)
正確答案: C,D
說明:(僅 VCESoft 成員可見)
問題3
You need to deploy FortiGate VM devices in a highly available topology in the Microsoft Azure cloud. The following are the requirements of your deployment:
*Two FortiGate devices must be deployed; each in a different availability zone.
*Each FortiGate requires two virtual network interfaces: one will connect to a public subnet and the other will connect to a private subnet.
*An external Microsoft Azure load balancer will distribute ingress traffic to both FortiGate devices in an active- active topology.
*An internal Microsoft Azure load balancer will distribute egress traffic from protected virtual machines to both FortiGate devices in an active-active topology.
*Traffic should be accepted or denied by a firewall policy in the same way by either FortiGate device in this topology.
Which FortiOS CLI configuration can help reduce the administrative effort required to maintain the FortiGate devices, by synchronizing firewall policy and object configuration between the FortiGate devices?
*Two FortiGate devices must be deployed; each in a different availability zone.
*Each FortiGate requires two virtual network interfaces: one will connect to a public subnet and the other will connect to a private subnet.
*An external Microsoft Azure load balancer will distribute ingress traffic to both FortiGate devices in an active- active topology.
*An internal Microsoft Azure load balancer will distribute egress traffic from protected virtual machines to both FortiGate devices in an active-active topology.
*Traffic should be accepted or denied by a firewall policy in the same way by either FortiGate device in this topology.
Which FortiOS CLI configuration can help reduce the administrative effort required to maintain the FortiGate devices, by synchronizing firewall policy and object configuration between the FortiGate devices?
正確答案: C
說明:(僅 VCESoft 成員可見)
