In a hub-and-spoke topology, what are two advantages of enabling ADVPN on the IPsec overlays? (Choose two.)

A. It provides the benefits of a full-mesh topology in a hub-and-spoke network.

B. It provides direct connectivity between spokes by creating shortcuts.

C. It enables spokes to bypass the hub during shortcut negotiation.

D. It enables spokes to establish shortcuts to third-party gateways.

Which best describes the SD-WAN traffic shaping mode that bases itself on a percentage of available bandwidth?

A. Interface-based shaping mode

B. Reverse-policy shaping mode

C. Shared-policy shaping mode

D. Per-IP shaping mode

Refer to the exhibit.

The exhibit shows the SD-WAN rule status and configuration.

Based on the exhibit, which change in the measured latency will make T_MPLS_0 the new preferred member?

A. When T_INET_0_0 and T_MPLS_0 have the same latency.

B. When T_MPLS_0 has a latency of 100 ms.

C. When T_INET_0_0 has a latency of 250 ms.

D. When T_N1PLS_0 has a latency of 80 ms.

Refer to the exhibit.

What must you configure to enable ADVPN?

A. On the hub VPN, only the device needs additional phase one sett

B. ADVPN should only be enabled on unmanaged FortiGate devices.

C. Each VPN device has a unique pre-shared key configured separately on phase one

D. The protected subnets should be set to address object to all (0.0.0.0/0)..

Refer to the exhibits.

Exhibit A shows the SD-WAN performance SLA and exhibit B shows the SD-WAN member and the static routes configuration. If port2 is detected dead by FortiGate, which expected behavior is correct?

A. Port2 becomes alive after one successful probe is detected.

B. The SD-WAN interface becomes disabled and port1 becomes the WAN interface.

C. Dead members require manual administrator access to bring them back alive.

D. Subnets 10.0.20.0/23 and 172.20.0.0/16 are reachable only through port1.

Which three protocols are available only on the command line to configure as performance SLA status check? (Choose three.)

A. smtp

B. tcp-echo

C. twamp

D. udp-echo

E. icmp

What are two roles that SD-WAN orchestrator plays when it works with FortiManager? (Choose two )

A. It configures and monitors SD-WAN networks on FortiGate devices that are managed by FortiManager.

B. It acts as a standalone device to assist FortiManager to manage SD-WAN interfaces on the managed FortiGate devices.

C. It acts as a hub FortiGate with an SD-WAN interface enabled and managed along with other FortiGate devices by FortiManager.

D. It acts as an application that is released and signed by Fortinet to run as a part of management extensions on FortiManager.

Refer to exhibits. Exhibit A.

Exhibit B.

Exhibit A shows the SD-WAN performance SLA and exhibit B shows the SO-WAN interface and the static routes configuration. Port1 and port2 are member interfaces of the SD-WAN, and port2 becomes a dead member after reaching the failure thresholds Which statement about the dead member is correct?

A. Subnets 100 .64.1.0/23 and 172 . 20 . 0. 0/16 are reachable only through port1

B. SD-WAN interface becomes disabled and port1 becomes the WAN interface

C. Dead members require manual administrator access to bring them back alive

D. Port2 might become alive when a single response is received from an SLA server

Which diagnostic command you can use to show interface-specific SLA logs for the last 10 minutes?

A. diagnose sys virtual-wan-link health-check

B. diagnose sys virtual-wan-link log

C. diagnose sys virtual-wan-link sla-log

D. diagnose sys virtual-wan-link intf-sla-log

What are two reasons why FortiGate would be unable to complete the zero-touch provisioning process? (Choose two.)

A. The FortiGate cloud key has not been added to the FortiGate cloud portal.

B. FortiDeploy has connected with FortiGate and provided the initial configuration to contact FortiManager

C. The zero-touch provisioning process has completed internally, behind FortiGate.

D. FortiGate has obtained a configuration from the platform template in FortiGate cloud.

E. A factory reset performed on FortiGate.