FCSS_EFW_AD-7.6 Exam Questions

Refer to the exhibit, which shows an ADVPN network. An administrator must configure an ADVPN using IBGP and EBGP to connect overlay network 1 with 2. What two options must the admi...

Refer to the exhibit, which contains the partial output of an OSPF command. An administrator is checking the OSPF status of a FortiGate device and receives the output shown in the...

The IT department discovered during the last network migration that all zero phase selectors in phase 2 IPsec configurations impacted network operations. What are two valid approac...

How will configuring set tcp-mss-sender and set tcp-mss-receiver in a firewall policy affect the size and handling of TCP packets in the network?

A vulnerability scan report has revealed that a user has generated traffic to the website example.com (10.10.10.10) using a weak SSL/TLS version supported by the HTTPS web server....

Refer to the exhibit, which contains the partial output of an OSPF command. An administrator is checking the OSPF status of a FortiGate device and receives the output shown in the...

An administrator is setting up an ADVPN configuration and wants to ensure that peer IDs are not exposed during VPN establishment. Which protocol can the administrator use to enhanc...

An administrator must minimize CPU and RAM use on a FortiGate firewall while also enabling essential security features, such as web filtering and application control for HTTPS traf...

An administrator must standardize the deployment of FortiGate devices across branches with consistent interface roles and policy packages using FortiManager. What is the recommende...

Refer to the exhibit, which shows an enterprise network connected to an internet service provider. An administrator must configure a loopback as a BGP source to connect to the ISP....

What action can be taken on a FortiGate to block traffic using IPS protocol decoders, focusing on network transmission patterns and application signatures?

An administrator is designing an ADVPN network for a large enterprise with spokes that have varying numbers of internet links. They want to avoid a high number of routes and peer c...

Refer to the exhibit, which shows the ADVPN IPsec interface representing the VPN IPsec phase 1 from Hub A to Spoke 1 and Spoke 2, and from Hub to Spoke 3 and Spoke 4. An administra...

A FortiGate device with UTM profiles is reaching the resource limits, and the administrator expects the traffic in the enterprise network to increase. The administrator has receive...

Refer to the exhibit. The routing tables of FortiGate_A and FortiGate_B are shown. FortiGate_A and FortiGate_B are in the same autonomous system. The administrator wants to dynamic...

Refer to the exhibit, which shows a network diagram showing the addition of site 2 with an overlapping network segment to the existing VPN IPsec connection between the hub and site...

An administrator wants to scale the IBGP sessions and optimize the routing table in an IBGP network. Which parameter should the administrator configure?

Refer to the exhibits. The configuration of a user's Windows PC, which has a default MTU of 1500 bytes, along with FortiGate interfaces set to an MTU of 1000 bytes, and the results...

Refer to the exhibit, which shows the VDOM section of a FortiGate device. An administrator discovers that webfilter stopped working in Core1 and Core2 after a maintenance window. W...

Refer to the exhibit. An administrator is deploying a hub and spokes network and using OSPF as dynamic protocol. Which configuration is mandatory for neighbor adjacency?

A company that acquired multiple branches across different countries needs to install new FortiGate devices on each of those branches. However, the IT staff lacks sufficient knowle...

An administrator is checking an enterprise network and sees a suspicious packet with the MAC address e0:23:ff:fc:00:86. What two conclusions can the administrator draw? (Choose two...

A company's guest internet policy, operating in proxy mode, blocks access to Artificial Intelligence Technology sites using FortiGuard. However, a guest user accessed a page in thi...

An administrator needs to install an IPS profile without triggering false positives that can impact applications and cause problems with the user's normal traffic flow. Which actio...

Refer to the exhibit, which shows a hub and spokes deployment. An administrator is deploying several spokes, including the BGP configuration for the spokes to connect to the hub. W...

Why does the ISDB block layers 3 and 4 of the OSI model when applying content filtering? (Choose two.)

Refer to the exhibits. The Administrators section of a root FortiGate device and the Security Fabric Settings section of a downstream FortiGate device are shown. When prompted to s...

A user reports that their computer was infected with malware after accessing a secured HTTPS website. However, when the administrator checks the FortiGate logs, they do not see tha...

Refer to the exhibit, which contains a partial command output. The administrator has configured BGP on FortiGate. The status of this new BGP configuration is shown in the exhibit....

Refer to the exhibit, which shows the packet capture output of a three-way handshake between FortiGate and FortiManager Cloud. What two conclusions can you draw from the exhibit? (...

Refer to the exhibit, which shows a LAN interface connected from FortiGate to two FortiSwitch devices. What two conclusions can you draw from the corresponding LAN interface? (Choo...

Refer to the exhibit, which shows the HA status of an active-passive cluster. An administrator wants FortiGate_B to handle the Core2 VDOM traffic. Which modification must the admin...

During the maintenance window, an administrator must sniff all the traffic going through a specific firewall policy, which is handled by NP6 interfaces. The output of the sniffer t...

Refer to the exhibit, which shows a network diagram. An administrator would like to modify the MED value advertised from FortiGate_1 to a BGP neighbor in the autonomous system 30....

An administrator received a FortiAnalyzer alert that a 1 disk filled up in a day. Upon investigation, they found thousands of unusual DNS log requests, such as JHCMQK.website.com,...

An administrator configured the FortiGate devices in an enterprise network to join the Fortinet Security Fabric. The administrator has a list of IP addresses that must be blocked b...

Refer to the exhibit, which shows an OSPF network. Which configuration must the administrator apply to optimize the OSPF database?

What does the command set forward-domain <domain_ID> in a transparent VDOM interface do?

Refer to the exhibit, which shows a physical topology and a traffic log. The administrator is checking on FortiAnalyzer traffic from the device with IP address 10.1.10.1, located b...

Refer to the exhibit, which contains a partial VPN configuration. What can you conclude from this VPN IPsec phase 1 configuration?

A company's users on an IPsec VPN between FortiGate A and B have experienced intermittent issues since implementing VXLAN. The administrator suspects that packets exceeding the 150...

Refer to the exhibit, which shows a command output. FortiGate_A and FortiGate_B are members of an FGSP cluster in an enterprise network. While testing the cluster using the ping co...

Refer to the exhibit, which shows a partial troubleshooting command output. An administrator is extensively using IPsec on FortiGate. Many tunnels show information similar to the o...

Refer to the exhibit, which shows a corporate network and a new remote office network. An administrator must integrate the new remote office network with the corporate enterprise n...

Refer to the exhibit, which shows an enterprise network connected to an internet service provider. The administrator must configure the BGP section of FortiGate A to give internet...

Refer to the exhibit, which shows an ADVPN network. The client behind Spoke-1 generates traffic to the device located behind Spoke-2. What is the first message that the hub sends t...

What is the initial step performed by FortiGate when handling the first packets of a session?

An administrator applied a block-all IPS profile for client and server targets to secure the server, but the database team reported the application stopped working immediately afte...

An administrator is extensively using VXLAN on FortiGate. Which specialized acceleration hardware does FortiGate need to improve its performance?

Refer to the exhibit, which shows a partial enterprise network. An administrator would like the area 0.0.0.0 to detect the external network. What must the administrator configure?