Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Fortinet Exam NSE7_SDW-7.2 Topic 5 Question 30 Discussion

Actual exam question for Fortinet's NSE7_SDW-7.2 exam
Question #: 30
Topic #: 5
[All NSE7_SDW-7.2 Questions]

Refer to the exhibits.

Exhibit A -

Exhibit B -

Exhibit A shows the traffic shaping policy and exhibit B shows the firewall policy.

The administrator wants FortiGate to limit the bandwidth used by YouTube. When testing, the administrator determines that FortiGate does not apply traffic shaping on YouTube traffic.

Based on the policies shown in the exhibits, what configuration change must be made so FortiGate performs traffic shaping on YouTube traffic?

Show Suggested Answer Hide Answer
Suggested Answer: A, B

The use of an IPsec recommended template offers the advantage of ensuring consistent settings between phase1 and phase2 (A), which is essential for the stability and security of the IPsec tunnel. Additionally, it guides the administrator to use Fortinet's recommended settings (B), which are designed to optimize performance and security based on Fortinet's best practices. Reference: The benefits of using IPsec recommended templates are outlined in Fortinet's SD-WAN documentation, which emphasizes the importance of consistency and adherence to recommended configurations.


by William at Mar 07, 2025, 01:10 PM

Limited Time Offer

25%

Off

Get Premium NSE7_SDW-7.2 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Tyra
1 months ago
Haha, you know what they say - when in doubt, enable all the things! But seriously, I think B is the way to go. Gotta love those application-level controls.
upvoted 0 times
...
Fletcher
1 months ago
I don't know, you guys. I was thinking D - selecting the individual SD-WAN members as the outgoing interface. Wouldn't that give FortiGate more granular control over the traffic shaping?
upvoted 0 times
Raina
3 days ago
B) Application control must be enabled on the firewall policy.
upvoted 0 times
...
Annett
9 days ago
A) Destination internet service must be enabled on the traffic shaping policy.
upvoted 0 times
...
...
Tamra
1 months ago
Dang, I was leaning towards C - enabling web filtering. But you make a good point, Trinidad. Application control seems like the more direct way to target the YouTube traffic specifically.
upvoted 0 times
Karan
28 days ago
Yeah, I also think B is the way to go. It directly targets the specific traffic we want to shape.
upvoted 0 times
...
Jess
30 days ago
I agree with you, B seems like the right choice to make FortiGate perform traffic shaping on YouTube traffic.
upvoted 0 times
...
Carmen
1 months ago
I think B is the correct answer. Application control should be enabled on the firewall policy to target YouTube traffic.
upvoted 0 times
...
...
Trinidad
2 months ago
Hmm, this one's tricky. I think the answer is B - enabling application control on the firewall policy. That should give FortiGate the ability to identify and shape the YouTube traffic.
upvoted 0 times
Erinn
5 days ago
I agree with the first user, enabling application control on the firewall policy should do the trick.
upvoted 0 times
...
Catina
7 days ago
No, I believe the correct answer is A - enabling destination internet service on the traffic shaping policy.
upvoted 0 times
...
Tegan
28 days ago
I think the answer is B - enabling application control on the firewall policy.
upvoted 0 times
...
...
Buffy
2 months ago
Hmm, that makes sense too. We should consider all options before deciding.
upvoted 0 times
...
Rosio
2 months ago
I disagree, I believe the answer is B) Application control must be enabled on the firewall policy.
upvoted 0 times
...
Buffy
3 months ago
I think the answer is A) Destination internet service must be enabled on the traffic shaping policy.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77