NSE7_PBC-7.2 Exam Questions

An Amazon Web Services (AWS) auto-scale FortiGate cluster has just experienced a scale-down event, terminating a FortiGate in availability zone C. This has now black-holed the priv...

Refer to the exhibit. Consider an active-passive HA deployment in Microsoft Azure. The exhibit shows an excerpt from the passive FortiGate-VM node. If the active FortiGate-VM fails...

Which two Amazon Web Services (AWS) topologies support east-west traffic inspection within the AWS cloud by the FortiGate VM? (Choose two.)

You have previously deployed an Amazon Web Services (AWS) transit virtual private cloud (VPC) with a pair of FortiGate firewalls (VM04 / c4.xlarge) as your security perimeter. You...

Which two statements about Amazon Web Services (AWS) networking are correct? (Choose two.)

An organization deploys a FortiGate-VM (VM04 / c4.xlarge) in Amazon Web Services (AWS) and configures two elastic network interfaces (ENIs). Now, the same organization wants to add...

Refer to the exhibit. You are configuring an active-passive FortiGate clustering protocol (FGCP) HA configuration in a single availability zone in Amazon Web Services (AWS), using...

Customer XYZ has an ExpressRoute connection from Microsoft Azure to a data center. They want to secure communication over ExpressRoute, and to install an in-line FortiGate to perfo...

You need to deploy FortiGate VM devices in a highly available topology in the Microsoft Azure cloud. The following are the requirements of your deployment: - Two FortiGate devices...

When configuring the FortiCASB policy, which three configuration options are available? (Choose three.)

You have been tasked with deploying FortiGate VMs in a highly available topology on the Amazon Web Services (AWS) cloud. The requirements for your deployment are as follows: - You...

You are deploying Amazon Web Services (AWS) GuardDuty to monitor malicious or unauthorized behaviors related to AWS resources. You will also use the Fortinet aws-lambda-guardduty s...

Refer to the exhibit. A customer has deployed an environment in Amazon Web Services (AWS) and is now trying to send outbound traffic from the Web servers to the Internet. The Forti...

Refer to the exhibit. Your senior administrator successfully configured a FortiGate fabric connector with the Azure resource manager, and created a dynamic address object on the Fo...

Refer to the exhibit. You are deploying a FortiGate-VM in Microsoft Azure using the PAYG/On- demand licensing model. After you configure the FortiGate-VM, the validation process fa...

Which two statements about Microsoft Azure network security groups are true? (Choose two.)

Refer to the exhibit. In your Amazon Web Services (AWS) virtual private cloud (VPC), you must allow outbound access to the internet and upgrade software on an EC2 instance, without...

What is the bandwidth limitation of an Amazon Web Services (AWS) transit gateway VPC attachment?

A company deployed a FortiGate-VM with an on-demand license using Amazon Web Services (AWS) Market Place Cloud Formation template. After deployment, the administrator cannot rememb...

You have been asked to secure your organization's salesforce application that is running on Microsoft Azure, and find an effective method for inspecting shadow IT activities in the...

Your company deploys FortiGate VM devices in high availability (HA) (active-active) mode with Microsoft Azure load balancers using the Microsoft Azure ARM template. Your senior adm...

Refer to the exhibit. The exhibit shows a topology where multiple connections from clients to the same FortiGate-VM instance, regardless of the protocol being used, are required. W...

Refer to the exhibit. Which two conditions will enable you to segregate and secure the traffic between the hub and the spokes in Microsoft Azure? (Choose two.)

An organization deployed a FortiGate-VM in the Google Cloud Platform and initially configured it with two vNICs. Now, the same organization wants to add additional vNICs to this ex...

You have been asked to develop an Azure Resource Manager infrastructure as a code template for the FortiGate-VM, that can be reused for multiple deployments. The deployment fails,...

Which statement about FortiSandbox in Amazon Web Services (AWS) is true?

Which two statements about the Amazon Cloud Services (AWS) network access control lists (ACLs) are true? (Choose two.)

When an organization deploys a FortiGate-VM in a high availability (HA) (active/active) architecture in Microsoft Azure, they need to determine the default timeout values of the lo...

Which three properties are configurable Microsoft Azure network security group rule settings? (Choose three.)

Refer to the exhibit. You attempted to deploy the FortiGate-VM in Microsoft Azure with the JSON template, and it failed to boot up. The exhibit shows an excerpt from the JSON templ...

A Network security administrator is searching for a solution to secure traffic going in and out of the container infrastructure. In which two ways can Fortinet container security h...

You need a solution to safeguard public cloud-hosted web applications from the OWASP Top 10 vulnerabilities. The solution must support the same region in which your applications re...

Refer to the exhibit. You attempted to access the Linux1 EC2 instance directly from the internet using its public IP address in AWS. However, your connection is not successful. Giv...

Refer to the exhibit. The exhibit shows a customer deployment of two Linux instances and their main routing table in Amazon Web Services (AWS). The customer also created a Transit...

Which two attachments are necessary to connect a transit gateway to an existing VPC with BGP? (Choose two )

You have created a TGW route table to route traffic from your spoke VPC to the security VPC where two FortiGate devices are inspecting traffic. Your spoke VPC CIDR block is already...

Refer to the exhibit. A customer has deployed an environment in Amazon Web Services (AWS) and is now trying to send outbound traffic from the Linux1 and Linux2 instances to the int...

Which two Amazon Web Services (AWS) features support east-west traffic inspection within the AWS cloud by the FortiGate VM? (Choose two.)

Which statement about Transit Gateway (TGW) in Amazon Web Services (AWS) is true?

You are asked to find a solution to replace the existing VPC peering topology to have a higher bandwidth connection from Amazon Web Services (AWS) to the on-premises data center. W...

You are adding more spoke VPCs to an existing hub and spoke topology. Your goal is to finish this task in the minimum amount of time without making errors. Which Amazon AWS service...

Your administrator instructed you to deploy an Azure vWAN solution to create a connection between the main company site and branch sites to the other company VNETs. What are the tw...

Refer to the exhibit. You are tasked with deploying FortiGate using Terraform. When you run the terraform version command during the Terraform installation, you get an error messag...

How does the immutable infrastructure strategy work in automation?

Refer to the exhibit. You deployed an HA active-passive FortiGate VM in Microsoft Azure. Which two statements regarding this particular deployment are true? (Choose two.)

Refer to the exhibit. You are deploying two FortiGate VMS in HA active-passive mode with load balancers in Microsoft Azure. Which two statements are true in this load balancing sce...

Refer to Exhibit. After the initial Terraform configuration in Microsoft Azure, the terraform plan command is run. Which two statements about running the plan command are true? (Ch...

What are three important steps required to get Terraform ready using Microsoft Azure Cloud Shell? (Choose three.)

Refer to the exhibit. You are tasked with deploying a webserver and FortiGate VMS in AWS. You are using Terraform to automate the process. Which two important details should you kn...

Refer to the exhibit. You are tasked to deploy a FortiGate VM with private and public subnets in Amazon Web Services (AWS). You examined the variables.tf file. What will be the fin...