Fortinet Updated NSE7_PBC-7.2 Exam Questions and Answers by kylo

The correct answer is B and D. A transit gateway with an attachment and a transit VPC support east-west traffic inspection within the AWS cloud by the FortiGate VM.

According to the Fortinet documentation for Public Cloud Security, a transit gateway is a network transit hub that connects VPCs and on-premises networks. A transit gateway attachment is a resource that connects a VPC or VPN to a transit gateway. By using a transit gateway with an attachment, you can route traffic from your spoke VPCs to your security VPC, where the FortiGate VM can inspect the traffic1.

A transit VPC is a VPC that serves as a global network transit center for connecting multiple VPCs, remote networks, and virtual private networks (VPNs). By using a transit VPC, you can deploy the FortiGate VM as a virtual appliance that provides network security and threat prevention for your VPCs2.

The other options are incorrect because:

A NAT gateway with an EIP is a service that enables instances in a private subnet to connect to the internet or other AWS services, but prevents the internet from initiating a connection with those instances. A NAT gateway with an EIP does not support east-west traffic inspection within the AWS cloud by the FortiGate VM3.

An Internet gateway with an EIP is a horizontally scaled, redundant, and highly available VPC component that allows communication between instances in your VPC and the internet. An Internet gateway with an EIP does not support east-west traffic inspection within the AWS cloud by the FortiGate VM4.

1: Fortinet Documentation Library - Deploying FortiGate VMs on AWS 2: [Fortinet Documentation Library - Transit VPC on AWS] 3: [NAT Gateways - Amazon Virtual Private Cloud] 4: [Internet Gateways - Amazon Virtual Private Cloud]

To get Terraform ready using Microsoft Azure Cloud Shell, you need to perform the following steps:

Set up a storage account in Azure. This is required to store the Terraform state file in a blob container, which enables collaboration and persistence of the infrastructure configuration1.

Use the wget (terraform_version) command to upload Terraform. This command downloads the latest version of Terraform from the official website and saves it as a zip file in the current directory2.

Move the Terraform file to the bin directory. This step extracts the Terraform executable from the zip file and moves it to the bin directory, which is part of the PATH environment variable. This allows you to run Terraform commands from any directory in Cloud Shell2.

The other options are incorrect because:

You do not need to use the -O command to download Terraform. This command is used to specify a different output file name for the downloaded file, but it is not necessary for this task3.

You do not need to subscribe to Terraform in Azure. Terraform is an open-source tool that can be used with any cloud provider, and there is no subscription or registration required to use it with Azure4. References:

Updating the route table and adding an IAM policy

Configure Terraform in Azure Cloud Shell with Bash

wget(1) - Linux man page

Terraform by HashiCorp