Special Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: get65

Fortinet Updated NSE7_PBC-6.4 Exam Questions and Answers by sam

Page: 2 / 2

Fortinet NSE7_PBC-6.4 Exam Overview :

Exam Name: Fortinet NSE 7 - Public Cloud Security 6.4
Exam Code: NSE7_PBC-6.4 Dumps
Vendor: Fortinet Certification: NSE 7 Network Security Architect
Questions: 30 Q&A's Shared By: sam
Question 8

Which two statements about the Amazon Cloud Services (AWS) network access control lists (ACLs) are true? (Choose two.)

Options:

A.

Network ACLs are stateless, and inbound and outbound rules are used for traffic filtering.

B.

Network ACLs are stateful, and inbound and outbound rules are used for traffic filtering.

C.

Network ACLs must be manually applied to virtual network interfaces.

D.

Network ACLs support allow rules and deny rules.

Discussion
Question 9

Refer to the exhibit.

Questions 9

In your Amazon Web Services (AWS) virtual private cloud (VPC), you must allow outbound access to the internet and upgrade software on an EC2 instance, without using a NAT instance. This specific EC2 instance is running in a private subnet: 10.0.1.0/24.

Also, you must ensure that the EC2 instance source IP address is not exposed to the public internet. There are two subnets in this VPC in the same availability zone, named public (10.0.0.0/24) and private (10.0.1.0/24).

How do you achieve this outcome with minimum configuration?

Options:

A.

Deploy a NAT gateway with an EIP in the private subnet, edit the public main routing table, and change the destination route 0.0.0.0/0 to the target NAT gateway.

B.

Deploy a NAT gateway with an EIP in the public subnet, edit route tables, select Public-route, and delete the route destination 10.0.0.0/16 to target local.

C.

Deploy a NAT gateway with an EIP in the private subnet, edit route tables, select Private-route, and add a new route destination 0.0.0.0/0 to the target internet gateway.

D.

Deploy a NAT gateway with an EIP in the public subnet, edit route tables, select Private-route and add a new route destination 0.0.0.0/0 to target the NAT gateway.

Discussion
Page: 2 / 2

NSE7_PBC-6.4
PDF

$36.75  $104.99

NSE7_PBC-6.4 Testing Engine

$43.75  $124.99

NSE7_PBC-6.4 PDF + Testing Engine

$57.75  $164.99