Big Halloween Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

  1. Home
  2. Fortinet
  3. Fortinet Network Security Expert
  4. FCP_FGT_AD-7.6
  5. FortiGate 7.6 Administrator FCP_FGT_AD-7.6 Questions and Answers

Pass the Fortinet Fortinet Network Security Expert FCP_FGT_AD-7.6 Questions and answers with CertsForce

 Fortinet Exams      Go to Exam Detail      Get Premium Access
Viewing page 1 out of 2 pages
Viewing questions 1-10 out of questions
Questions # 1:

Refer to the exhibit.

Question # 1

An administrator has created a new firewall address to use as the destination for a static route.

Why is the administrator not able to select the new address in the Destination field of the new static route?

Options:
A.

In the new static route, the administrator must select Named Address.

B.

In the new firewall address, the FQDN address must first beresolved.

C.

In the new static route, the administrator must first set the interface to port2.

D.

In the new firewall address, Routing configuration must be enabled.

Expert Solution
Questions # 2:

You have created a web filter profile named restrict_media-profile with a daily category usage quota.

When you are adding the profile to the firewall policy, the restrict_media-profile is not listed in the available web profile drop down.

What could be the reason?

Options:
A.

The firewall policy is in no-inspection mode instead of deep-inspection.

B.

The inspection mode in the firewall policy is not matching with web filter profile feature set.

C.

The web filter profile is already referenced in another firewall policy.

D.

The naming convention used in the web filter profile is restricting it in the firewall policy.

Expert Solution
Questions # 3:

Refer to the exhibit.

Question # 3

Based on this partial configuration, what are the two possible outcomes when FortiGate enters conserve mode? (Choose two.)

Options:
A.

Administrators cannot change the configuration.

B.

FortiGate skips quarantine actions.

C.

Administrators must restart FortiGate to allow new session.

D.

FortiGate drops new sessions requiring inspection.

Expert Solution
Questions # 4:

What is the primary FortiGate election process when the HA override setting is enabled?

Options:
A.

Connected monitored ports > Priority > HA uptime > FortiGate serial number

B.

Connected monitored ports > Priority > System uptime > FortiGate serial number

C.

Connected monitored ports > HA uptime > Priority > FortiGate serial number

D.

Connected monitored ports > System uptime > Priority > FortiGate serial number

Expert Solution
Questions # 5:

An administrator notices that some users are unable to establish SSL VPN connections, while others can connect without any issues.

What should the administrator check first?

Options:
A.

Ensure that the affected users are using the correct port number.

B.

Ensure that user traffic is hitting the firewall policy.

C.

Ensure that forced tunneling is enabled to reroute all traffic through the SSL VPN

D.

Ensure that the HTTPS service is enabled on SSL VPN tunnel interface

Expert Solution
Questions # 6:

Refer to the exhibit.

Question # 6

An administrator has configured an Application Overrides for the ABC.Com application signature and set the Action to Allow. This application control profile is then applied to a firewall policy that is scanning all outbound traffic. Logging is enabled in the firewall policy. To test the configuration, the administrator accessed the ABC.Com web site several times.

Why are there no logs generated under security logs for ABC.Com?

Options:
A.

The ABC.Com Type is set as Application instead of Filter.

B.

The ABC.Com is configured under application profile, which must be configured as a web filter profile.

C.

The ABC.Com Action is set to Allow.

D.

The ABC.Com is hitting the category Excessive-Bandwidth.

Expert Solution
Questions # 7:

Which two statements are correct when FortiGate enters conserve mode? (Choose two.)

Options:
A.

FortiGate continues to run critical security actions, such as quarantine.

B.

FortiGate refuses to accept configuration changes.

C.

FortiGate halts complete system operation and requires a reboot to regain available resources.

D.

FortiGate continues to transmit packets without IPS inspection when the fail-open global setting in IPS is enabled.

Expert Solution
Questions # 8:

Refer to the exhibit.

Question # 8

As an administrator you have created an IPS profile, but it is not performing as expected. While testing you got the output as shown in the exhibit.

What could be the possible reason of the diagnose output shown in the exhibit?

Options:
A.

There is a no firewall policy configured with an IPS security profile.

B.

FortiGate entered into IPS fail open state.

C.

Administrator entered the command diagnose test application ipsmonitor 5.

D.

Administrator entered the command diagnose test application ipsmonitor 99.

Expert Solution
Questions # 9:

What are three key routing principles in SD-WAN? (Choose three.)

Options:
A.

By default. SD-WAN rules are skipped if the included SD-WAN members do not have a valid route to the destination.

B.

SD-WAN rules have precedence over any other type of routes.

C.

Regular policy routes have precedence over SD-WAN rules.

D.

By default. SD-WAN rules are skipped if only one route to the destination is available.

E.

By default. SD-WAN rules are skipped if the best route to the destination is not an SD-WAN member.

Expert Solution
Questions # 10:

Which statement correctly describes NetAPI polling mode for the FSSO collector agent?

Options:
A.

The collector agent uses a Windows API to query DCs for user logins.

B.

NetAPI polling can increase bandwidth usage in large networks.

C.

The NetSessionEnum function is used to track user logouts.

D.

The collector agent must search Windows application event logs.

Expert Solution
Viewing page 1 out of 2 pages
Viewing questions 1-10 out of questions