ExamGecko
Login
Home / Fortinet / FCP_FGT_AD-7.4 / List of questions
Ask Question

Fortinet FCP_FGT_AD-7.4 Practice Test - Questions Answers, Page 3

Add to Whishlist

List of questions

Question 21

Report Export Collapse

Which three strategies are valid SD-WAN rule strategies for member selection? (Choose three.)

Become a Premium Member for full access
  Unlock Premium Member

Question 22

Report Export Collapse

Which two features of IPsec IKEv1 authentication are supported by FortiGate? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Question 23

Report Export Collapse

Which two statements are true regarding FortiGate HA configuration synchronization? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Question 24

Report Export Collapse

What are two features of the NGFW profile-based mode? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Question 25

Report Export Collapse

Refer to the exhibit to view the firewall policy.

Fortinet FCP_FGT_AD-7.4 image Question 25 25952 09182024185827000000

Why would the firewall policy not block a well-known virus, for example eicar?

Become a Premium Member for full access
  Unlock Premium Member

Question 26

Report Export Collapse

Which inspection mode does FortiGate use for application profiles if it is configured as a profile-based next-generation firewall (NGFW)?

Become a Premium Member for full access
  Unlock Premium Member

Question 27

Report Export Collapse

Refer to the exhibit showing a FortiGuard connection debug output.

Fortinet FCP_FGT_AD-7.4 image Question 27 25954 09182024185827000000

Based on the output, which two facts does the administrator know about the FortiGuard connection? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Question 28

Report Export Collapse

Refer to the exhibit.

Fortinet FCP_FGT_AD-7.4 image Question 28 25955 09182024185827000000

Why did FortiGate drop the packet?

Become a Premium Member for full access
  Unlock Premium Member

Question 29

Report Export Collapse

An administrator must enable a DHCP server on one of the directly connected networks on FortiGate. However, the administrator is unable to complete the process on the GUI to enable the service on the interface.

In this scenario, what prevents the administrator from enabling DHCP service?

Become a Premium Member for full access
  Unlock Premium Member

Question 30

Report Export Collapse

Refer to the exhibit.

Fortinet FCP_FGT_AD-7.4 image Question 30 25957 09182024185827000000

Review the intrusion prevention system (IPS) profile signature settings shown in the exhibit.

What do you conclude when adding the FTP.Login.Failed signature to the IPS sensor profile?

Become a Premium Member for full access
  Unlock Premium Member
Total 88 questions
Go to page: of 9
Open VPLUS File
Convert VPLUS to PDF

Related questions

A network administrator has configured an SSL/SSH inspection profile defined for full SSL inspection and set with a private CA certificate. The firewall policy that allows the traffic uses this profile for SSL inspection and performs web filtering. When visiting any HTTPS websites, the browser reports certificate warning errors. What is the reason for the certificate warning errors?
Refer to the exhibit. FortiGate is configured for firewall authentication. When attempting to access an external website, the user is not presented with a login prompt. What is the most likely reason for this situation?
Refer to the exhibits. The exhibits show a diagram of a FortiGate device connected to the network, as well as the IP pool configuration and firewall policy objects. The WAN (port1) interface has the IP address 10.200.1.1/24. The LAN (port3) interface has the IPaddress 10.0.1.254/24. Which IP address will be used to source NAT (SNAT) the traffic, if the user on Local-Client (10.0.1.10) pings the IP address of Remote-FortiGate (10.200.3.1)?
A network administrator enabled antivirus and selected an SSL inspection profile on a firewall policy. When downloading an EICAR test file through HTTP, FortiGate detects the virus and blocks the file. When downloading the same file through HTTPS, FortiGate does not detect the and does not block the file allowing it to be downloaded. The administrator confirms that the traffic matches the configured firewall policy. What are two reasons for the failed virus detection by FortiGate? (Choose two.)
Refer to the exhibits, which show the system performance output and the default configuration of high memory usage thresholds in a FortiGate. Based on the system performance output, what can be the two possible outcomes? (Choose two.)
Refer to the exhibits. FGT-1 and FGT-2 are updated with HA configuration commands shown in the exhibit. What would be the expected outcome in the HA cluster?
An administrator configured a FortiGate to act as a collector for agentless polling mode. What must the administrator add to the FortiGate device to retrieve AD user group information?
A network administrator is configuring an IPsec VPN tunnel for a sales employee travelling abroad. Which IPsec Wizard template must the administrator apply?
An administrator wants to configure dead peer detection (DPD) on IPsec VPN for detecting dead tunnels. The requirement is that FortiGate sends DPD probes only when there is outbound traffic but no response from the peer. Which DPD mode on FortiGate meets this requirement?
A FortiGate firewall policy is configured with active authentication however, the user cannot authenticate when accessing a website. Which protocol must FortiGate allow even though the user cannot authenticate?