Download FCP-FortiGate 7.4 Administrator.FCP_FGT_AD-7.4.VCEplus.2024-09-08.23q.vcex

Vendor: Fortinet
Exam Code: FCP_FGT_AD-7.4
Exam Name: FCP-FortiGate 7.4 Administrator
Date: Sep 08, 2024
File Size: 3 MB
Downloads: 8

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Demo Questions

Question 1
Which method allows management access to the FortiGate CLI without network connectivity?
  1. SSH console
  2. CLI console widget
  3. Serial console
  4. Telnet console
Correct answer: B
Question 2
Refer to the exhibit.
In the network shown in the exhibit, the web client cannot connect to the HTTP web server. The administrator runs the FortiGate built-in sniffer and gets the output shown in the exhibit.
What should the administrator do next, to troubleshoot the problem?
  1. Execute a debug flow.
  2. Capture the traffic using an external sniffer connected to part1.
  3. Execute another sniffer on FortiGate, this time with the filter 'hose 10.o.1.10'.
  4. Run a sniffer on the web server.
Correct answer: A
Question 3
Refer to the exhibit.
The exhibit shows the FortiGuard Category Based Filter section of a corporate web filter profile.
An administrator must block access to download.com, which belongs to the Freeware and Software Downloads category. The administrator must also allow other websites in the same category.
What are two solutions for satisfying the requirement? (Choose two.)
  1. Configure a separate firewall policy with action Deny and an FQDN address object for *. download, com as destination address.
  2. Set the Freeware and Software Downloads category Action to Warning
  3. Configure a web override rating for download, com and select Malicious Websites as the subcategory.
  4. Configure a static URL filter entry for download, com with Type and Action set to Wildcard and Block, respectively.
Correct answer: CD
Question 4
A network administrator wants to set up redundant IPsec VPN tunnels on FortiGate by using two IPsec VPN tunnels and static routes.
All traffic must be routed through the primary tunnel when both tunnels are up. The secondary tunnel must be used only if the primary tunnel goes down. In addition, FortiGate should be able to detect a dead tunnel to speed up tunnel failover.
Which two key configuration changes must the administrator make on FortiGate to meet the requirements? (Choose two.)
  1. Enable Dead Peer Detection
  2. Enable Auto-negotiate and Autokey Keep Alive on the phase 2 configuration of both tunnels.
  3. Configure a lower distance on the static route for the primary tunnel, and a higher distance on the static route for the secondary tunnel.
  4. Configure a higher distance on the static route for the primary tunnel, and a lower distance on the static route for the secondary tunnel.
Correct answer: AC
Question 5
Refer to the exhibits.
The exhibits show the application sensor configuration and the Excessive-Bandwidth and Apple filter details.
Based on the configuration, what will happen to Apple FaceTime if there are only a few calls originating or incoming?
  1. Apple FaceTime will be allowed, based on the Video/Audio category configuration.
  2. Apple FaceTime will be allowed, based on the Apple filter configuration.
  3. Apple FaceTime will be allowed only if the Apple filter in Application and Filter Overrides is set to Allow.
  4. Apple FaceTime will be blocked, based on the Excessive-Bandwidth filter configuration.
Correct answer: D
Question 6
An employee needs to connect to the office through a high-latency internet connection.
Which SSL VPN setting should the administrator adjust to prevent SSL VPN negotiation failure?
  1. SSL VPN idle-timeout
  2. SSL VPN login-timeout
  3. SSL VPN dtls-hello-timeout
  4. SSL VPN session-ttl
Correct answer: B
Question 7
When FortiGate performs SSL/SSH full inspection, you can decide how it should react when it detects an invalid certificate.
Which three actions are valid actions that FortiGate can perform when it detects an invalid certificate? (Choose three.)
  1. Allow & Warning
  2. Trust & Allow
  3. Allow
  4. Block & Warning
  5. Block
Correct answer: ABE
Question 8
Refer to the exhibit, which shows the IPS sensor configuration.
If traffic matches this IPS sensor, which two actions is the sensor expected to take? (Choose two.)
  1. The sensor will gather a packet log for all matched traffic.
  2. The sensor will reset all connections that match these signatures.
  3. The sensor will allow attackers matching the Microsoft.Windows.iSCSl.Target.DoS signature.
  4. The sensor will block all attacks aimed at Windows servers.
Correct answer: CD
Question 9
Which statement is a characteristic of automation stitches?
  1. They can be run only on devices in the Security Fabric.
  2. They can be created only on downstream devices in the fabric.
  3. They can have one or more triggers.
  4. They can run multiple actions at the same time.
Correct answer: D
Question 10
What is the primary FortiGate election process when the HA override setting is disabled?
  1. Connected monitored ports > Priority > System uptime > FortiGate serial number
  2. Connected monitored ports > System uptime > Priority > FortiGate serial number
  3. Connected monitored ports > Priority > HA uptime > FortiGate serial number
  4. Connected monitored ports > HA uptime > Priority > FortiGate serial number
Correct answer: C
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!