FCP_FGT_AD-7.6 Exam Questions
128 real FCP_FGT_AD-7.6 exam questions with expert-verified answers and explanations. Page 3 of 3.
- Question #103Routing
Which two statements describe how the RPF check is used? (Choose two.)
RPFIP Spoofing ProtectionPacket ValidationSession Establishment - Question #104VPN
Which two settings are required for SSL VPN to function between two FortiGate devices? (Choose two.)
SSL VPNCertificate AuthenticationVPN InterfaceFortiGate - Question #105VPN
A network administrator is configuring an IPsec VPN tunnel for a sales employee travelling abroad. Which IPsec Wizard template must the administrator apply?
IPsec VPNRemote Access VPNFortiGate VPN configurationVPN Wizard - Question #106VPN
Refer to the exhibits. The SSL VPN connection fails when a user attempts to connect to it. What should the user do to successfully connect to the SSL VPN?
SSL VPNTroubleshootingClient ConfigurationPort Configuration - Question #107VPN
Refer to the exhibit. A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices. The administrator has determined that phase 1 failed to come up. The...
IPsec VPNPhase 1 troubleshootingIKE modeInterface configuration - Question #108Firewall policies and authentication
Refer to the exhibits. The exhibits show a diagram of a FortiGate device connected to the network, as well as the firewall policy and IP pool configuration on the FortiGate device....
NATIP PoolFirewall PolicyTroubleshooting - Question #109Firewall policies and authentication
Refer to the exhibits. The exhibits show a diagram of a FortiGate device connected to the network, VIP configuration, firewall policy, and the sniffer CLI output on the FortiGate d...
Source NAT (SNAT)Virtual IP (VIP)IP PoolFirewall Policy Order - Question #110Deployment and system configuration
Which statement is a characteristic of automation stitches?
Automation StitchesFortiGate AutomationSecurity FabricEvent-driven actions - Question #111Firewall policies and authentication
Which three methods are used by the collector agent for AD polling? (Choose three.)
FSSOActive Directory pollingUser authenticationCollector agent - Question #112Content inspection
Refer to the exhibits, which show the firewall policy and an antivirus profile configuration. Why is the user unable to receive a block replacement message when downloading an infe...
FortiGate AntivirusFlow-based inspectionBlock replacement messageContent inspection - Question #113VPN
An employee needs to connect to the office through a high-latency internet connection. Which SSL VPN setting should the administrator adjust to prevent SSL VPN negotiation failure?
SSL VPNTimeout settingsNegotiation failureHigh latency - Question #114Firewall policies and authentication
FortiGate is integrated with FortiAnalyzer and FortiManager. When a firewall policy is created, which attribute is added to the policy to improve functionality and to support recor...
FortiGate loggingFortiAnalyzer integrationFortiManager integrationUUID for policies - Question #115Content inspection
Refer to the exhibit to view the firewall policy. Why would the firewall policy not block a well-known virus, for example eicar?
AntivirusContent InspectionFirewall PolicyInspection Mode - Question #116Deployment and system configuration
Refer to the exhibits. FGT-1 and FGT-2 are updated with HA configuration commands shown in the exhibit. What would be the expected outcome in the HA cluster?
FortiGate HAHA electionPriorityOverride setting - Question #117Deployment and system configuration
Which method allows management access to the FortiGate CLI without network connectivity?
FortiGate CLI accessSerial consoleOut-of-band managementInitial configuration - Question #118Firewall policies and authentication
Refer to the exhibit. FortiGate is configured for firewall authentication. When attempting to access an external website, the user is not presented with a login prompt. What is the...
Firewall AuthenticationFirewall PolicyDNSTroubleshooting - Question #119Content inspection
Refer to the exhibit, which shows the IPS sensor configuration. If traffic matches this IPS sensor, which two actions is the sensor expected to take? (Choose two.)
IPSSecurity ProfilesSignature ActionsFortiGate Configuration - Question #120Firewall policies and authentication
Refer to the exhibit. FortiGate has two separate firewall policies for Sales and Engineering to access the same web server with the same security profiles. Which action must the ad...
Firewall PolicyPolicy ConsolidationSource InterfaceFortiGate Features - Question #121Content inspection
Which inspection mode does FortiGate use for application profiles if it is configured as a profile- based next-generation firewall (NGFW)?
FortiGate inspection modesFlow-based inspectionNGFW profilesApplication profiles - Question #122VPN
Which two features of IPsec IKEv1 authentication are supported by FortiGate? (Choose two.)
IPsec VPNIKEv1 authenticationPre-shared Key (PSK)XAuth - Question #123Content inspection
An administrator manages a FortiGate model that supports NTurbo. How does NTurbo enhance performance for flow-based inspection?
NTurboPerformance optimizationIPSFlow-based inspection - Question #124Content inspection
The HTTP inspection process in web filtering follows a specific order when multiple features are enabled in the web filter profile. Which order must FortiGate use when the web filt...
Web FilteringHTTP InspectionFortiGate Processing OrderFortiGuard Categories - Question #125Content inspection
Refer to the exhibit. Review the intrusion prevention system (IPS) profile signature settings shown in the exhibit. What do you conclude when adding the FTP.Login.Failed signature...
IPSSignature-based detectionSecurity profilesFortiGate configuration - Question #126Deployment and system configuration
Refer to the exhibits. An administrator creates a new address object on the root FortiGate (Local-FortiGate) in the security fabric. After synchronization, this object is not avail...
FortiGate Security FabricObject SynchronizationAddress ObjectsFabric Object Unification - Question #127Firewall policies and authentication
Refer to the exhibits. The exhibits show a diagram of a FortiGate device connected to the network, and the firewall configuration. An administrator created a Deny policy with defau...
Firewall PoliciesPolicy MatchingVirtual IP (VIP)Access Control - Question #128Deployment and system configuration
Refer to the exhibits, which show the system performance output and the default configuration of high memory usage thresholds in a FortiGate. Based on the system performance output...
FortiGate Conserve ModeMemory UsageSystem PerformanceResource Management - Question #129Content inspection
A FortiGate administrator enables SSL deep inspection on a policy but users report certificate warnings in their browsers. What is the most appropriate step to resolve this while k...
SSL deep inspectionFortiGate CA certificateCertificate warningsHTTPS inspection - Question #130Firewall policies and authentication
An administrator wants to ensure that a specific firewall policy on FortiGate is matched before any other policies for the same traffic. Which configuration change is most appropri...
Firewall policy orderPolicy precedenceFortiGate policiesTraffic matching