Summer Special Flat 65% Limited Time Discount offer - Ends in 0d 00h 00m 00s - Coupon code: netdisc

Examstrust Logo
examstrust mcafee
  1. Home
  2. Fortinet
  3. Network Security
  4. FCP_FGT_AD-7.6 - FCP - FortiGate 7.6 Administrator

Fortinet FCP_FGT_AD-7.6 FCP - FortiGate 7.6 Administrator Exam Practice Test

Page: 1 / 0
Total 0 questions
Get FCP_FGT_AD-7.6 Full Access Download FCP_FGT_AD-7.6 PDF

FCP - FortiGate 7.6 Administrator Questions and Answers

Question 1

Refer to the exhibit.

An administrator has configured an Application Overrides for the ABC.Com application signature and set theAction to Allow. This application control profile is then applied to a firewall policy that is scanning all outbound traffic. Logging is enabled in the firewall policy. To test the configuration, the administrator accessed the ABC.Com web site several times.

Why are there no logs generated under security logs for ABC.Com?

Options:

A.

The ABC.Com Type is set as Application instead of Filter.

B.

The ABC.Com is configured under application profile, which must be configured as a web filter profile.

C.

The ABC.Com Action is set to Allow.

D.

The ABC.Com is hitting the category Excessive-Bandwidth.

Question 2

A remote user reports slow SSL VPN performance and frequent disconnections. The user is located in an area with poor internet connectivity.

What setting should the administrator adjust to improve the user's experience?

Options:

A.

Enable split tunneling to reduce VPN traffic.

B.

Change the SSL VPN port to a non-standard port.

C.

Increase the session timeout for inactive sessions.

D.

Configure the DTLS timeout to accommodate high-latency connections.

Question 3

A new administrator is configuring FSSO authentication on FortiGate using DC Agent Mode.

Which step is NOT part of the expected process?

Options:

A.

The DC agent sends login event data directly to FortiGate.

B.

The user logs into the windows domain.

C.

The collector agent forwards login event data to FortiGate.

D.

FortiGate determines user identity based on the IP address in the FSSO list.

Question 4

Which two statements describe characteristics of automation stitches? (Choose two.)

Options:

A.

Actions involve only devices included in the Security Fabric.

B.

An automation stitch can have multiple triggers.

C.

Multiple actions can run in parallel.

D.

Triggers can involve external connectors.

Question 5

Refer to the exhibit, which shows an SD-WAN zone configuration on the FortiGate GUI.

Based on the exhibit, which statement is true?

Options:

A.

The Underlay zone is the zone by default.

B.

The Underlay zone contains no member.

C.

port2 and port3 are not assigned to a zone.

D.

The virtual-wan-link and overlay zones can be deleted.

Question 6

A network administrator is reviewing firewall policies in both Interface Pair View and By Sequence View. The policies appear in a different order in each view.

Why is the policy order different in these two views?

Options:

A.

Policies in Interface Pair View are prioritized by security levels, while By Sequence View strictly follows the administrator’s manual ordering.

B.

By Sequence View groups policies based on rule priority, while Interface Pair View always follows the order of traffic logs.

C.

The firewall dynamically reorders policies in Interface Pair View based on recent traffic patterns, but By Sequence View remains static.

D.

Interface Pair View sorts policies based on matching interfaces, while By Sequence View shows the actual processing order of rules.

Question 7

You have configured an application control profile, set peer-to-peer traffic to Block under the Categories tab, and applied it to the firewall policy. However, your peer-to-peer traffic on known ports is passing through the FortiGate without being blocked.

What FortiGate settings should you check to resolve this issue?

Options:

A.

FortiGuard category ratings

B.

Application and Filter Overrides

C.

Network Protocol Enforcement

D.

Replacement Messages for UDP-based Applications

Question 8

When configuring firewall policies which of the following is true regarding the policy ID?

Options:

A.

It is mandatory to provide a policy ID while creating a firewall policy regardless of GUI or CLI.

B.

A firewall policy ID identifies the order of policy execution in firewall policies.

C.

You can create a policy in CLI with policy ID 0.

D.

A policy ID cannot be edited once a policy is created.

Question 9

What is the primary FortiGate election process when the HA override setting is enabled?

Options:

A.

Connected monitored ports > Priority > HA uptime > FortiGate serial number

B.

Connected monitored ports > Priority > System uptime > FortiGate serial number

C.

Connected monitored ports > HA uptime > Priority > FortiGate serial number

D.

Connected monitored ports > System uptime > Priority > FortiGate serial number

Question 10

What are three key routing principles in SD-WAN? (Choose three.)

Options:

A.

By default. SD-WAN rules are skipped if the included SD-WAN members do not have a valid route to the destination.

B.

SD-WAN rules have precedence over any other type of routes.

C.

Regular policy routes have precedence over SD-WAN rules.

D.

By default. SD-WAN rules are skipped if only one route to the destination is available.

E.

By default. SD-WAN rules are skipped if the best route to the destination is not an SD-WAN member.

Question 11

Refer to the exhibit.

An administrator has created a new firewall address to use as the destination for a static route.

Why is the administrator not able to select the new address in theDestinationfield of the new static route?

Options:

A.

In the new static route, the administrator must select Named Address.

B.

In the new firewall address, the FQDN address must first beresolved.

C.

In the new static route, the administrator must first set the interface to port2.

D.

In the new firewall address, Routing configuration must be enabled.

Question 12

Refer to the exhibit.

Based on this partial configuration, what are the two possible outcomes when FortiGate enters conserve mode? (Choose two.)

Options:

A.

Administrators cannot change the configuration.

B.

FortiGate skips quarantine actions.

C.

Administrators must restart FortiGate to allow new session.

D.

FortiGate drops new sessions requiring inspection.

Question 13

An administrator notices that some users are unable to establish SSL VPN connections, while others can connect without any issues.

What should the administrator check first?

Options:

A.

Ensure that the affected users are using the correct port number.

B.

Ensure that user traffic is hitting the firewall policy.

C.

Ensure that forced tunneling is enabled to reroute all traffic through the SSL VPN

D.

Ensure that the HTTPS service is enabled on SSL VPN tunnel interface

Load More FCP_FGT_AD-7.6 Questions
Page: 1 / 0
Total 0 questions
Get FCP_FGT_AD-7.6 Full Access Download FCP_FGT_AD-7.6 PDF