01. What is the bandwidth limitation of an Amazon Web Services (AWS) transit gateway VPC attachment?
a) Up to 1.25 Gbps per attachment
b) Up to 50 Gbps per attachment
c) Up to 10 Gbps per attachment
d) Up to 1 Gbps per attachment
02. An organization deployed a FortiGate-VM in the Google Cloud Platform and initially configured it with two vNICs. Now, the same organization wants to add additional vNICs to this existing FortiGate-VM to support different workloads in their environment.
How can they do this?
a) They can create additional vNICs using the Cloud Shell.
b) They cannot create and add additional vNICs to an existing FortiGate-VM.
c) They can create additional vNICs in the UI console.
d) They can use the Compute Engine API Explorer.
03. Which two statements about Amazon Web Services (AWS) networking are correct?
(Choose two.)
a) 802.1q VLAN tags are allowed inside the same Virtual Private Cloud.
b) Proxy ARP entries are disregarded.
c) Multicast traffic is not allowed.
d) AWS DNS reserves first host IP address of each subnet.
04. Which Fortinet clustering protocol (FGCP) is used in FortiGate devices in high availability (HA) cloud computing?
a) Both unicast and multicast FGCP
b) Broadcast FGCP
c) Unicast FGCP
d) Multicast FGCP
05. The company CTO asks the administrator to protect company applications from failing in a single location in Amazon Web Services (AWS). What should the administrator do to fulfill the requirement?
a) Use AWS virtual private cloud with multiple virtual machines
b) Use AWS simple storage service for fall tolerance
c) Use AWS cluster protocols to deploy applications
d) Use AWS availability zones for fail tolerance
06. You are using an elastic network interface (ENI) in AWS. Which two statements about ENIs are true?
(Choose two.)
a) When you move an ENI, you will need to configure a new MAC address.
b) You cannot detach a primary network interface from an instance.
c) You cannot move an ENI between availability zones.
d) ENIs can be moved between availability zones and between instances.
07. You are deploying a FortiGate device in AWS VPC and need to assign an IP address to the FortiGate device internal interface. Which IP address will you use for the internal interface?
a) Second host IP address of the subnet
b) Third host IP address of the subnet
c) Fourth host IP address of the subnet
d) First host IP address of the subnet
08. What does the shared responsibility model of cloud security mean for an enterprises deploying applications in the cloud?
a) The cloud customer is responsible for providing security for the entire environment.
b) The cloud customer is responsible for securing their deployed networks, applications, and data.
c) The applications hosted in the cloud are shared with the entire internet.
d) The cloud infrastructure provider secures the entire environment.
09. When configuring the FortiCASB policy, which three configuration options are available?
(Choose three.)
a) Intrusion prevention policies
b) Threat protection policies
c) Data loss prevention policies
d) Compliance policies
e) Antivirus policies
10. An Amazon Web Services (AWS) auto-scale FortiGate cluster has just experienced a scale-down event, terminating a FortiGate in availability zone C. This has now black-holed the private subnet in this availability zone.
What action will the worker node automatically perform to restore access to the black-holed subnet?
a) The worker node applies a route table from a non-black-holed subnet to the black-holed subnet.
b) The worker node moves the virtual IP of the terminated FortiGate to a running FortiGate on the worker node’s private subnet interface.
c) The worker node modifies the route table applied to the black-holed subnet changing its default route to point to a running FortiGate on the worker node’s private subnet interface.
d) The worker node migrates the subnet to a different availability zone.
Before you write the Fortinet NSE 7 Public Cloud Security (NSE7_PBC-7.2) certification exam, you may have certain doubts in your mind regarding the pattern of the test, the types of questions asked in it, the difficulty level of the questions and time required to complete the questions. These Fortinet Certified Solution Specialist - Public Cloud Security (NSE 7 Public Cloud Security) sample questions and demo exam help you in removing these doubts and prepare you to take the test.