searching1

Everything posted by searching1

  1. Thanks @R2013. Are you planning to take the exam as well? Can you share what learning materials can be used to practice versa?
  2. Something related with the overlay/underlay.
  3. @ChunLi Thanks for sharing. Thank you to everyone who has participated in this discussion. I passed the exam. Good luck to all.
  4. Is this the correct answer? [Hidden Content]
     To check interface logs from the past 15 minutes:
     FGT (root) # diagnose sys virtual-wan-link intf-sla-log R150
     or C?
     To check SLA logs in the past 10 minutes:
     FGT (root) # diagnose sys sdwan sla-log ping 1
     Haha, kinda confusing to me. 15min vs 10min & int logs vs sla logs.
     QUESTION 5
     Which diagnostic command can you use to show interface-specific SLA logs for the last 10 minutes?
     A. diagnose sys virtual-wan-link health-check
     B. diagnose sys virtual-wan-link log
     C. diagnose sys virtual-wan-link sla-log
     D. diagnose sys virtual-wan-link intf-sla-log
     Correct Answer: C
  5. What is the correct answer here?
     Refer to the exhibit, related to the "diagnose sys session list" result. Based on the exhibit, which statement about FortiGate re-evaluating traffic is true?
     A. The type of traffic defined and allowed on firewall policy ID 1 is UDP.
     B. Changes have been made on firewall policy ID 1 on FortiGate.
     C. Firewall policy ID 1 has source NAT disabled.
     D. FortiGate has terminated the session after a change on policy ID 1.
     Correct Answer: B
     - Looking at the protocol, it is ICMP (protocol 1), so it is not UDP nor TCP.
     - State shows "state=dirty may_dirty".
     If the traffic is allowed by a firewall policy, the unit creates a session and flags it as 'may_dirty'. After that, if there is a change on the firewall policies or any other condition that will trigger the state change, all the existing sessions with the 'may_dirty' flag will be flagged as dirty. This indicates to the FortiGate that it needs to reevaluate the next session packet. If the session is still allowed/valid and matches the expected firewall policy to be allowed, the dirty flag is removed and the 'may_dirty' flag is kept.
     Below are the conditions that will trigger a session to be marked as 'dirty':
     1) Any changes on any firewall policy. <-----
     2) Routing changes.
     3) Any network related config changes.
  6. We can refer to the old dumps for 10% of the Q&A, but be careful to double-check, so we need to review and go by the book. All, if someone has recently passed the exam utilizing the provided dump, kindly update the results here.
  7. Please confirm..
     An administrator is troubleshooting VoIP quality issues that occur when calling external phone numbers. The SD-WAN interface on the edge FortiGate is configured with the default settings, and is using two upstream links. One link has random jitter and latency issues and is based on a wireless connection. Which two actions must the administrator apply simultaneously on the edge FortiGate to improve VoIP quality using SD_WAN rules?
     A. Place the troublesome link at the top of the interface preference list.
     B. Use the performance SLA targets to detect latency and jitter instantly.
     C. Configure an SD-WAN rule to load balance all traffic without VoIP
     D. Select the corresponding SD-WAN balancing strategy in the SD-WAN rule
     E. Choose the suitable interface based on the interface cost and weight
     My Answer: B E
     Most of the dumps say B and D, but I think B and E are the best option since if we're having troubles with VoIP on one of the links, adjusting the cost or interface preference would be the simplest solution, right?
  8. Which two statements describe how IPsec phase 1 main mode is different from aggressive mode when performing IKE negotiation? (Choose two)
     A. The use of Diffie Hellman keys is limited by the responder and needs initiator acceptance.
     B. A peer ID is included in the first packet from the initiator, along with suggested security policies.
     C. A total of six packets are exchanged between an initiator and a responder instead of three packets.
     D. XAuth is enabled as an additional level of authentication, which requires a username and password.
     Provided answer: C & D
     - For me the right answer should be A & C.
     A - because part of main mode is the exchange of keys on both initiator and responder?
  9. Additional Q. Please confirm... Here, it looks like the correct answer is CD.
     In the default SD-WAN minimum configuration, which two statements are correct when traffic matches the default implicit SD-WAN rule? (Choose two)
     A. The FIB lookup resolved interface was the SD-WAN member interface
     B. Matched traffic failed RPF and was caught by the rule.
     C. Traffic has matched none of the FortiGate policy routes
     D. An absolute SD-WAN rule was defined and matched traffic
     My answer:
     C - What happens if none of the SD-WAN rules can forward the traffic? If no routing rules are defined, the default implicit rule is used.
     D - SD-WAN routing logic: SD-WAN rules are matched only if the best route to the destination points to SD-WAN. An SD-WAN member is selected only if it has a route to the destination.
     A & B are incorrect since the SD-WAN rule balances traffic based on how you configured SD-WAN load balancing. Did not find anything related to FIB and RPF.
  10. I'm not sure about the following Q&A; could you kindly confirm?
      q14 - q21 - Add-route should, in my opinion, be disabled so that the dynamic routing protocol has complete control over all routes that will be installed. Is this only applicable for ADVPN? I'm referencing the below link, which states "You can add a route to a peer destination selector by using the add-route option", but this is not part of dynamic routing and purely IPsec? [Hidden Content]
      q24 - Not sure if CB or CE?
      q28 & 29 & 35 - Looks good, but I'd like to double-confirm.
      =========================================================
      I have reviewed the given Q&A..
      q2 - [Hidden Content]
      q3 to q7 - Looks correct.
      q10 - [Hidden Content] [Hidden Content]
      q11 - q17 - Shared Shaper
      q18 - cd Looks correct. - Eliminated a since it is not a debug & b since it is not historical logs?
      q19 - B looks correct to me.... Indeed, the hub sends an offer, then the spoke sends a query, which the hub forwards to another spoke.
      q20 - You can configure the protocol that is used for status checks, including: Ping, HTTP, DNS, TCP echo, UDP echo, two-way active measurement protocol (TWAMP), TCP connect, and FTP. In the GUI, only Ping, HTTP, and DNS are available.
      q22 - Looks correct: take the IKE debugs to further analyze the details for the ADVPN shortcut. [Hidden Content]
      q23 - We can define a percentage using interface based shaping profile.
      q30 - I have excluded the following.
      a. not required to add static routes in bgp tags
      b. we match communities not bgp tags. (community to tag)
      c. I think this is not part of using BGP tags with SD-WAN rules
      - When it learns the routes from the branches, it matches the BGP communities and assigns route-tags to them.
      - [Hidden Content] Feel free to validate this part.
      q31 - Looks correct..
      Missing 5 questions: q8-9, q32-34 ???
      Can anyone confirm the missing questions?
  11. Guys, if you have a chance to go over all of the questions and identify any flaws or doubts in the answers, please let me know so we can work on breaking the code together.
  12. @R2013, I see, so the dump we've got here is valid. I'm planning to take the exam this coming week. Hopefully there will be no changes at all. I also received word from a coworker, who stated that he had encountered those questions which are in your dumps. @All, is anyone here planning to take the exam, and can validate the QnA?
  13. @R2013, This is great. Thank you for sharing, man. One of my peers failed, and he says he used the free dumps out there, which he claimed had many incorrect answers. Let me check these dumps with him. What was your or your friend's score on this exam? Just to check the passing rate. I agree with you that other vendors, not just Cisco, do change the questions frequently. I'm now using Fortinet Institute and watching videos on YouTube, particularly Adam's vlog regarding Forti SDWAN. Do you have any suggestions to ensure we have some backup?
  14. @MichaelHolli, Have you passed the exam already using these dumps? Thanks
  15. I will take the exam tomorrow. Any suggestions? Or any updated dumps? I'm using 35q dumps.
  16. Can anyone reupload this on gdrive?