Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet Exam NSE7_PBC-7.2 Topic 1 Question 33 Discussion

Actual exam question for Fortinet's NSE7_PBC-7.2 exam
Question #: 33
Topic #: 1
[All NSE7_PBC-7.2 Questions]

Refer to the exhibit

A customer has deployed an environment in Amazon Web Services (AWS) and is now trying to send outbound traffic from the Linux1 and Linux2 instances to the internet through the security VPC (virtual private cloud). The FortiGate policies are configured to allow all outbound traffic; however, the traffic is not reaching the FortiGate internal interface. Assume there are no issues with the Transit Gateway (TGW) configuration

Which two settings must the customer add to correct the issue? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: B

For deploying a FortiGate VM using Terraform in AWS, the administrator must use:

B . Use the Name of the key pair.

Terraform and AWS SSH Keys: When deploying instances in AWS using Terraform, it is required to specify the name of the SSH key pair to enable key-based authentication to the instance post-deployment.

Configuration Syntax: The variable keyname within the Terraform configuration should match the exact name of the SSH key pair as it is stored in AWS. This ensures that Terraform can reference the correct key during the deployment process to set up SSH access to the FortiGate VM.

Terraform Variables: The variable 'keyname' block in the Terraform configuration will look for the key pair name as it should be declared in the terraform.tfvars file or passed as a variable during execution. This does not require the key pair's ID or fingerprint, just its name.


by Marguerita at Jan 25, 2025, 07:14 AM

Limited Time Offer

25%

Off

Get Premium NSE7_PBC-7.2 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Ronny
27 days ago
Ah, the age-old dilemma of choosing between a 0.0.0.0/0 route to the FortiGate or the TGW. I'll go with Option C and hope the pet rock doesn't interfere.
upvoted 0 times
...
Dan
1 months ago
Wait, what if the customer has a pet rock in the data center? That could be the real issue here. But Option C looks good to me.
upvoted 0 times
Deonna
9 days ago
Yeah, Option C makes sense based on the scenario provided.
upvoted 0 times
...
Annamae
15 days ago
I agree, Option C seems to be the most logical solution.
upvoted 0 times
...
Donte
23 days ago
I think Option C is the correct choice.
upvoted 0 times
...
...
Santos
1 months ago
Hold up, why would they need a route to the TGW? That doesn't seem relevant to the issue at hand. I'd go with Option C.
upvoted 0 times
...
Barrett
1 months ago
Hmm, looks like the customer needs to add a route to the FortiGate internal interface from the landing subnets in the security VPC. Option C seems like the way to go.
upvoted 0 times
Norah
16 days ago
User 4: Let's go with option C then to correct the issue.
upvoted 0 times
...
Marlon
18 days ago
User 3: That makes sense, it should allow the outbound traffic to reach the FortiGate.
upvoted 0 times
...
Yolando
22 days ago
User 2: Option C suggests adding a route to the FortiGate port2 from the landing subnets in the security VPC.
upvoted 0 times
...
Rolande
1 months ago
User 1: I think the issue is with the route to the FortiGate internal interface.
upvoted 0 times
...
...
Catherin
2 months ago
I'm not sure about option C. I think option D might also be necessary for all VPCs.
upvoted 0 times
...
Winfred
2 months ago
I agree with you. The traffic route to the Internet Gateway and FortiGate port2 should be added.
upvoted 0 times
...
Ahmed
2 months ago
I think the correct answers are A and C.
upvoted 0 times
...

Save Cancel