Home

Home / Fortinet / FCP_FGT_AD-7.4

Question list

List of questions

Question 1

(0)

Refer to the exhibit. Which two statements are true about the routing entries in this database table? (Choose two.)

Question 2

(0)

Which three pieces of information does FortiGate use to identify the hostname of the SSL server when SSL certificate inspection is enabled? (Choose three.)

Question 3

(0)

Refer to the exhibit. Which algorithm does SD-WAN use to distribute traffic that does not match any of the SD-WAN rules?

Question 4

(0)

A network administrator is configuring an IPsec VPN tunnel for a sales employee travelling abroad. Which IPsec Wizard template must the administrator apply?

Question 5

(0)

Refer to the exhibits, which show the system performance output and the default configuration of high memory usage thresholds in a FortiGate. Based on the system performance output, what can be

Question 6

(0)

Refer to the exhibits. The exhibits show a diagram of a FortiGate device connected to the network, as well as the firewall policy and IP pool configuration on the FortiGate device. Two PCs,

Question 7

(0)

Which method allows management access to the FortiGate CLI without network connectivity?

Question 8

(0)

Refer to the exhibit. In the network shown in the exhibit, the web client cannot connect to the HTTP web server. The administrator runs the FortiGate built-in sniffer and gets the output shown in

Question 9

(0)

Refer to the exhibit. The exhibit shows the FortiGuard Category Based Filter section of a corporate web filter profile. An administrator must block access to download.com, which belongs t

Question 10

(0)

A network administrator wants to set up redundant IPsec VPN tunnels on FortiGate by using two IPsec VPN tunnels and static routes. All traffic must be routed through the primary tunnel when both tu

Open VPLUS File

Convert VPLUS to PDF

Related questions

Refer to the exhibits. FGT-1 and FGT-2 are updated with HA configuration commands shown in the exhibit. What would be the expected outcome in the HA cluster?

Which three methods are used by the collector agent for AD polling? (Choose three.)

Refer to the exhibits. The exhibits show a diagram of a FortiGate device connected to the network, and the firewall configuration. An administrator created a Deny policy with default settings to deny Webserver access for Remote-User2. The policy should work such that Remote-User1 must be able to access the Webserver while preventing Remote-User2 from accessing the Webserver. Which two configuration changes can the administrator make to the policy to deny Webserver access for Remote-User2? (Choose two.)

Which two statements about equal-cost multi-path (ECMP) configuration on FortiGate are true? (Choose two.)

An administrator configured a FortiGate to act as a collector for agentless polling mode. What must the administrator add to the FortiGate device to retrieve AD user group information?

Which three strategies are valid SD-WAN rule strategies for member selection? (Choose three.)

Refer to the exhibit, which shows a partial configuration from the remote authentication server. Why does the FortiGate administrator need this configuration?

A network administrator is configuring an IPsec VPN tunnel for a sales employee travelling abroad. Which IPsec Wizard template must the administrator apply?

A network administrator wants to set up redundant IPsec VPN tunnels on FortiGate by using two IPsec VPN tunnels and static routes. All traffic must be routed through the primary tunnel when both tunnels are up. The secondary tunnel must be used only if the primary tunnel goes down. In addition, FortiGate should be able to detect a dead tunnel to speed up tunnel failover. Which two key configuration changes must the administrator make on FortiGate to meet the requirements? (Choose two.)

A network administrator has configured an SSL/SSH inspection profile defined for full SSL inspection and set with a private CA certificate. The firewall policy that allows the traffic uses this profile for SSL inspection and performs web filtering. When visiting any HTTPS websites, the browser reports certificate warning errors. What is the reason for the certificate warning errors?

Question 50 - FCP_FGT_AD-7.4 discussion

Report

Which two attributes are required on a certificate so it can be used as a CA certificate on SSL inspection? (Choose two.)

A.

The issuer must be a public CA

B.

The CA extension must be set to TRUE

C.

The Authority Key Identifier must be of type SSL

D.

The keyUsage extension must be set to

Show Answer

asked 12/11/2024

Cesar Castillo

31 questions

User

Your answer: A B C D

0 comments

Sorted by

Leave a comment first