Big Halloween Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: best70

Dumpsbuddy Logo
  1. Home
  2. Fortinet
  3. Fortinet Certified Solution Specialist
  4. FCSS_SDW_AR-7.4
  5. FCSS - SD-WAN 7.4 Architect Questions and Answers

FCSS_SDW_AR-7.4 FCSS - SD-WAN 7.4 Architect Questions and Answers

Questions 4

Refer to the exhibits.

FCSS_SDW_AR-7.4 Question 4

FCSS_SDW_AR-7.4 Question 4

The interface details, static route configuration, and firewall policies on the managed FortiGate device are shown.

You want to configure a new SD-WAN zone, named Underlay, that contains the interfaces port1 and port2.

What must be your first action?

Options:

A.

Define port1 as an SD-WAN member.

B.

Delete the static routes.

C.

Delete the SD-WAN Zone Test.

D.

Delete the firewall policies.

Buy Now
Questions 5

Refer to the exhibits.

FCSS_SDW_AR-7.4 Question 5

You connect to a device behind a branch FortiGate device and initiate a ping test. The device is part of the LAN subnet and its IP address is 10.0.1.101.

Based on the exhibits, which interface uses branch 1_fgt to steer the test traffic?

Options:

A.

port4

B.

HUB1-VPN1

C.

port1

D.

port2

Buy Now
Questions 6

When you use the command diagnose sys session list, how do you identify the sessions that correspond to traffic steered according to SD-WAN rules?

Options:

A.

You identify sessions steered according to SD-WAN rules with the flag vwl.

B.

You cannot identify SD-WAN sessions. You must use the sdwar. session filter.

C.

You identify sessions steered according to SD-WAN rules with the data vwl_mbr_seq.

D.

You identify sessions steered according to SD-WAN rules with the data 3dwan_service_id.

Buy Now
Questions 7

Refer to the exhibits.

FCSS_SDW_AR-7.4 Question 7

You use FortiManager to configure SD-WAN on three branch devices.

When you install the device settings. FortiManager prompts you with the error "Copy Failed" for the device branch1_fat When you click the log button. FortiManager displays the message shown in the exhibit.

Options:

A.

Based on the exhibits, which statement best describes the issue and how you can resolve it?

B.

Remove the installation target for the SD-WAN member port4. You cannot combine metadata variable and installation targets.

C.

Gateways for all members in a zone must be defined the same way. Specify the gateway of the SD-WAN member port! without metadata variables.

D.

Check the metadata variable definitions, and review the per-device mapping configuration.

E.

Check the connection between branch1_fgt and FortiManager

Buy Now
Questions 8

Your FortiGate is in production. To optimize WAN link use and improve redundancy, you enable and configure SD-WAN.

What must you do as part of this configuration update process?

Options:

A.

Replace references to interfaces used as SD-WAN members in the routing configuration.

B.

Purchase and install the SD-WAN license, and reboot the FortiGate device.

C.

Replace references to interfaces used as SD-WAN members in the firewall policies.

D.

Disable the interface that you want to use as an SD-WAN member.

Buy Now
Questions 9

You have configured the performance SLA with the probe mode as Prefer Passive.

What are two observable impacts of this configuration? (Choose two.)

Options:

A.

FortiGate passively monitors the member if TCP traffic is passing through the member.

B.

After FortiGate switches to active mode, the SLA performance rule falls back to passive monitoring after 3 minutes.

C.

FortiGate passively monitors the member if ICMP traffic is passing through the member.

D.

During passive monitoring, the SLA performance rule cannot detect dead members.

E.

FortiGate can offload the traffic that is subject to passive monitoring to hardware.

Buy Now
Questions 10

The FortiGate devices are managed by ForliManager, and are configured for direct internet access (DIA). You confirm that DIA is working as expected for each branch, and check the SD-WAN zone configuration and firewall policies shown in the exhibits.

FCSS_SDW_AR-7.4 Question 10

FCSS_SDW_AR-7.4 Question 10

FCSS_SDW_AR-7.4 Question 10

Then, you use the SD-WAN overlay template to configure the IPsec overlay tunnels. You create the associated SD-WAN rules to connect existing branches to the company hub device and apply the changes on the branches.

After those changes, users complain that they lost internet access. DIA is no longer working.

Based on the exhibit, which statement best describes the possible root cause of this issue?

Options:

A.

The SD-WAN overlay template defines a zone for each underlay interface and moves the interfaces into those zones.

B.

The SD-WAN overlay template didn’t configure a firewall policy to allow traffic through the overlay.

C.

The SD-WAN overlay template redefines the interface gateway addresses if they are defined with metadata variables.

D.

The SD-WAN overlay template updates the SD-WAN template and the rules.

Buy Now
Questions 11

SD-WAN interacts with many other FortiGate features. Some of them are required to allow SD-WAN to steer the traffic.

Which three configuration elements that you must configure before FortiGate can steer traffic according to SD-WAN rules? (Choose three.)

Options:

A.

Firewall policies

B.

Interfaces

C.

Security profiles

D.

Traffic shaping

E.

Routing

Buy Now
Questions 12

Refer to the exhibit.

FCSS_SDW_AR-7.4 Question 12

An administrator configures SD-WAN rules for a DIA setup using the FortiGate GUI. The page to configure the source and destination part of the rule looks as shown in the exhibit. The GUI page shows no option to configure an application as the destination of the SD-WAN rule Why?

Options:

A.

You cannot use applications as the destination when FortiGate is used for a DIA setup.

B.

FortiGate allows the configuration of applications as the destination of SD-WAN rules only on the CLI.

C.

You must enable the feature on the CLI.

D.

You must enable the feature first using the GUI menu System > Feature Visibility.

Buy Now
Questions 13

You have a FortiGate configuration with three user-defined SD-WAN zones and two members in each of these zones. One SD-WAN member is no longer in use in health-check and SD-WAN rules. You want to delete it.

What happens if you delete the SD-WAN member from the FortiGate GUI?

Options:

A.

FodiGate accepts the deletion and removes routes as required.

B.

FortiGate displays an error message. You must use the CLI to delete an SD-WAN member.

C.

FortiGate displays an error message. SD-WAN zones must contain at least two members

D.

FortiGate accepts the deletion and places the member in the default SD-WAN zone.

Buy Now
Questions 14

Refer to the exhibit.

FCSS_SDW_AR-7.4 Question 14

The exhibit shows the details of a session and the index numbers of some relevant interfaces on a FortiGate device that supports hardware offloading.

Based on the information shown in the exhibits, which two conclusions can you draw? (Choose two.)

Options:

A.

By default, FortiGate offloads symmetric and asymmetric flows.

B.

The original direction of the symmetric traffic flows from port3 to port2.

C.

The reply direction of the asymmetric traffic flows from port2 to port3.

D.

The auxiliary session can be offloaded to hardware.

Buy Now
Questions 15

Exhibit.

FCSS_SDW_AR-7.4 Question 15

For your ZTP deployment, you review the CSV file shown in exhibit and note that it is missing important information. Which two elements must you change before you can import it into FortiManager? (Choose two.)

Options:

A.

You must associate a device blueprint with each device

B.

You must define a name for each device

C.

You must define a value for each device and each metadata variable that defines an IP address.

D.

You must define a value for each device and each user-defined metadata variable.

Buy Now
Questions 16

Which statement describes FortiGate behavior when you reference a zone in a static route?

Options:

A.

FoftiGate installs ECMP static routes for the first two members of the zone.

B.

FortiGate ignores the static routes defined through members referenced in the zone.

C.

FortiGate routes the traffic through the best performing member of the zone.

D.

FortiGate installs a static route for each member in the zone.

Buy Now
Questions 17

Refer to the exhibit.

FCSS_SDW_AR-7.4 Question 17

The administrator used the SD-WAN overlay template to prepare an IPsec tunnels configuration for a hub-and-spoke SD-WAN topology. The exhibit shows the FortiManager installation preview for one FortiGate device.

Based on the exhibit, which statement best describes the configuration applied to the FortiGate device?

Options:

A.

It is a spoke device that establishes dynamic IPsec tunnels to the hub. The local subnet range is 10.10.128.0/23.

B.

It is a hub device. It can send ADVPN shortcut offers.

C.

It is a hub device. It will automatically discover the spoke devices and add them to the SD-WAN topology.

D.

It is a spoke device that establishes dynamic IPsec tunnels to the hub It can send ADVPN shortcut requests.

Buy Now
Questions 18

Exhibit.

FCSS_SDW_AR-7.4 Question 18

Which action will FortiGate take if it detects SD-WAN members as dead?

Options:

A.

FoftiGate bounces port5 after it detects all SD-WAN members as dead.

B.

FortiGate fails over to the secondary device after it detects port5 as dead.

C.

FortiGate sends alert messages through poft5 when it detects all SD-WAN members as dead

D.

FortiGate brings down port5 after it detects all SD-WAN members as dead.

Buy Now
Questions 19

Refer to the exhibit.

FCSS_SDW_AR-7.4 Question 19

An administrator checks the status of an SD-WAN topology using the FortiManager SD-WAN monitor menus. All members are configured with one or two SLAs.

Which two conclusions can you draw from the output shown? (Choose two.)

Options:

A.

The template view should be used to see the hub devices.

B.

One member of branch2_fgt is missing the SLAs.

C.

branch2_fgt establishes six tunnels to the hubs and they are all up.

D.

This SD-WAN topology contains only two branch devices.

Buy Now
Questions 20

Exhibit.

FCSS_SDW_AR-7.4 Question 20

Refer to the exhibit, which shows the SD-WAN rule status and configuration.

Based on the exhibit, which change in the measured packet loss will make HUB1-VPN3 the new preferred member?

Options:

A.

When HUB1-VPN1 has 4% packet loss

B.

When HUB1-VPN1 has 12% packet loss

C.

When HUB1-VPN3 has 4% packet loss

D.

When all three members have the same packet loss

Buy Now
Exam Code: FCSS_SDW_AR-7.4
Exam Name: FCSS - SD-WAN 7.4 Architect
Last Update: Oct 30, 2025
Questions: 68

PDF + Testing Engine

$134.99
buy now FCSS_SDW_AR-7.4 pdf + testing engine

Testing Engine

$99.99
buy now FCSS_SDW_AR-7.4 testing engine

PDF (Q&A)

$84.99
buy now FCSS_SDW_AR-7.4 pdf