Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

Fortinet FCP_FGT_AD-7.4 - FCP - FortiGate 7.4 Administrator

Fortinet FCP_FGT_AD-7.4 Premium Access     Download Demo    
Page: 3 / 3
Total 89 questions

Refer to the exhibit.

Review the intrusion prevention system (IPS) profile signature settings shown in the exhibit.

What do you conclude when adding theFTP.Login.Failedsignature to the IPS sensor profile?

A.

Traffic matching the signature will be allowed and logged.

B.

The signature setting uses a custom rating threshold.

C.

The signature setting includes a group of other signatures.

D.

Traffic matching the signature will be silently dropped and logged.

Which statement correctly describes NetAPI polling mode for the FSSO collector agent?

A.

The NetSessionEnum function is used to track user logouts.

B.

NetAPI polling can increase bandwidth usage in large networks.

C.

The collector agent must search Windows application event logs.

D.

The collector agent uses a Windows API to query DCs for user logins.

Refer to the exhibit.

The exhibit shows a diagram of a FortiGate device connected to the network, the firewall policy and VIP configuration on the FortiGate device, and the routing table on the ISP router.

When the administrator tries to access the web server public address (203.0.113.2) from the internet, the connection times out. At the same time the administrator runs a sniffer on FortiGate to capture incoming web traffic to the server and does not see any output.

Based on the information shown in the exhibit, what configuration change must the administrator make to fix the connectivity issue?

A.

Configure a loopback interface with address 203.0.113.2/32.

B.

In the VIP configuration, enable arp-reply.

C.

In the firewall policy configuration, enable match-vip.

D.

Enable port forwarding on the server to map the external service port to the internal service port.

An administrator configures FortiGuard servers as DNS servers on FortiGate using default settings.

What is true about the DNS connection to a FortiGuard server?

A.

It uses UDP 8888.

B.

It uses DNS over HTTPS.

C.

It uses DNS over TLS.

D.

It uses UDP 53.

Which statement is a characteristic of automation stitches?

A.

They can be run only on devices in the Security Fabric.

B.

They can be created only on downstream devices in the fabric.

C.

They can have one or more triggers.

D.

They can run multiple actions at the same time.

What are three key routing principles in SD-WAN? (Choose three.)

A.

By default. SD-WAN members are skipped if they do not have a valid route to the destination

B.

By default. SD-WAN rules are skipped if only one route to the destination is available

C.

By default. SD-WAN rules are skipped if the best route to the destination is not an SD-WAN member

D.

SD-WAN rules have precedence over any other type of routes

E.

Regular policy routes have precedence over SD-WAN rules