Summer Special Sale Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 713PS592

NSE7_PBC-7.2 Fortinet NSE 7 Public Cloud Security 7.2 (FCSS) Questions and Answers

Questions 4

Refer to the exhibit

NSE7_PBC-7.2 Question 4

You attempted to access the Linux1 EC2 instance directly from the internet using its public IP address in AWS.

However, your connection is not successful.

Given the network topology, what can be the issue?

Options:

A.

There is no connection between VPC A and VPC B.

B.

There is no elastic IP address attached to FortiGate in the Security VPC.

C.

The Transit Gateway BGP IP address is incorrect.

D.

There is no internet gateway attached to the Spoke VPC A.

Buy Now
Questions 5

You are configuring the failover settings on a FortiGate active-passive SDN connector solution in Microsoft Azure. Which two mandatory settings are required after the initial deployment? (Choose two)

Options:

A.

Subscription-id

B.

FortiGate license file

C.

Active FortiGate serial number

D.

Resource group name

Buy Now
Questions 6

Refer to the exhibit.

NSE7_PBC-7.2 Question 6

NSE7_PBC-7.2 Question 6

What could be the reason that the administrator cannot access the EC2 instance?

Options:

A.

You must elevate the permissions to access the EC2 instance

B.

You must run the chmod 400 Staging-key.peracommand before accessing the instance.

C.

There is no . pem key created on in Amazon Web Services (AWS)

D.

The directory location of the . pem file is incorrect.

Buy Now
Questions 7

Refer to Exhibit:

NSE7_PBC-7.2 Question 7

You are troubleshooting a Microsoft Azure SDN connector issue on your FortiGate VM in Azure

Which three settings should you check while troubleshooting this problem? (Choose three.)

Options:

A.

Use the show vdom command to see hidden VDOMs.

B.

use the diag sys va command.

C.

Ensure FortiGate port4 can resolve DNS.

D.

Ensure FortiGate portl has internet access

E.

Ensure IP address 169.254.169_254 is not blocked

Buy Now
Questions 8

Refer to the exhibit.

NSE7_PBC-7.2 Question 8

An administrator has deployed a FortiGate VM in Amazon Web Services (AWS) and is trying to access it using its public IP address from their local computer However, the connection is not successful and at the same time FortiGate is not receiving any HTTPS or SSH traffic to its external interface

What should the administrator check for possible issue?

Options:

A.

Run a debug flow to check any network ACLs

B.

Check the FortiGate firewall policies

C.

Check the FortiGate instance ID

D.

Check the inbound network security group rules

Buy Now
Questions 9

How does an administrator secure container environments from newly emerged security threats?

Options:

A.

Use distributed network-related application control signatures.

B.

Use Amazon AWS-related application control signatures

C.

Use Amazon AWS_S3-related application control signatures

D.

Use Docker-related application control signatures

Buy Now
Questions 10

Which two Amazon Web Services (AWS) features support east-west traffic inspection within the AWS cloud by the FortiGate VM? (Choose two.)

Options:

A.

A NAT gateway with an EIP

B.

A transit gateway with an attachment

C.

An Internet gateway with an EIP

D.

A transit VPC

Buy Now
Questions 11

Refer to the exhibit

NSE7_PBC-7.2 Question 11

You are tasked with deploying FortiGate using Terraform. When you run the terraform version command during the Terraform installation, you get an error message.

What could be the reason that you are getting the command not found error?

Options:

A.

You must move the binary file to the bin directory.

B.

You must change the directory location to the root directory

C.

You must assign correct permissions to the ec2-user.

D.

You must reinstall Terraform

Buy Now
Questions 12

An administrator decides to use the Use managed identity option on the FortiGate SDN connector with Microsoft Azure However, the SDN connector is failing on the connection What must the administrator do to correct this issue?

Options:

A.

Make sure to add the Tenant ID on FortiGate side of the configuration

B.

Make sure to set the type to system managed identity on FortiGate SDN connectorsettings

C.

Make sure to enable the system assigned managed identity on Azure

D.

Make sure to add the Client secret on FortiGate side of the configuration

Buy Now
Questions 13

Which statement about Transit Gateway (TGW) in Amazon Web Services (AWS) is true?

Options:

A.

TGW can have multiple TGW route tables.

B.

Both the TGW attachment and propagation must be in the same TGW route table

C.

A TGW attachment can be associated with multiple TGW route tables.

D.

The TGW default route table cannot be disabled.

Buy Now
Questions 14

Refer to the exhibit.

NSE7_PBC-7.2 Question 14

The exhibit shows an active-passive high availability FortiGate pair with external and internal Azure load balancers. There is no SDN connector used in this solution

Which configuration should the administrator implement?

Options:

A.

Lambda IP address with one static route.

B.

Probe IP address with two static routes

C.

Probe IP address with one BGP route

D.

Public load balancer IP address with two BGP routes.

Buy Now
Questions 15

Which statement about immutable infrastructure in automation is true?

Options:

A.

It is the practice of deploying a new server for every configuration change

B.

It is the practice of modifying the existing server configuration after it is deployed

C.

It is the practice of deploying two parallel servers for high availability.

D.

It is the practice of applying hotfixes and OS patches after deployment

Buy Now
Questions 16

What kind of underlying mechanism does Transit Gateway Connect use to send traffic from the virtual private cloud (VPC) to the transit gateway?

Options:

A.

A BGP attachment

B.

A GRE attachment

C.

A transport attachment

D.

Transit Gateway Connect attachment

Buy Now
Questions 17

You must allow an SSH traffic rule in an Amazon Web Services (AWS) network access list (NACL) to allow SSH traffic to travel to a subnet for temporary testing purposes. When you review the current inbound network ACL rules, you notice that rule number 5 demes SSH and telnet traffic to the subnet

What can you do to allow SSH traffic?

Options:

A.

You must create a new allow SSH rule below rule number 5

B.

You must create a new allow SSH rule above rule number 5-

C.

You must create a new allow SSH rule anywhere in the network ACL rule base to allow SSH traffic.

D.

You do not have to create any NACL rules because the default security group rule automatically allows SSH traffic to the subnet.

Buy Now
Exam Code: NSE7_PBC-7.2
Exam Name: Fortinet NSE 7 Public Cloud Security 7.2 (FCSS)
Last Update: Jun 16, 2024
Questions: 59

PDF + Testing Engine

$66.4  $165.99

Testing Engine

$46  $114.99
buy now NSE7_PBC-7.2 testing engine

PDF (Q&A)

$42  $104.99
buy now NSE7_PBC-7.2 pdf