Weekend Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

FCP_FGT_AD-7.4 Exam Dumps - Fortinet Network Security Expert Questions and Answers

Question # 24

Which three CLI commands, can you use to troubleshoot Layer 3 issues if the issue is in neither the physical layer nor the link layer? (Choose three.)

Options:

A.

execute ping

B.

execute traceroute

C.

diagnose sys top

D.

get system arp

E.

diagnose sniffer packet any

Buy Now
Question # 25

A network administrator is configuring an IPsec VPN tunnel for a sales employee travelling abroad.

Which IPsec Wizard template must the administrator apply?

Options:

A.

Remote Access

B.

Site to Site

C.

Dial up User

D.

iHub-and-Spoke

Buy Now
Question # 26

Refer to the exhibits.

An administrator creates a new address object on the root FortiGate (Local-FortiGate) in the security fabric. After synchronization, this object is not available on the downstream FortiGate (ISFW).

What must the administrator do to synchronize the address object?

Options:

A.

Change the csf setting on Local-FortiGate (root) to sec fabric-object-unification default.

B.

Change the csf setting on both devices to sec downscream-access enable.

C.

Change the csf setting on ISFW (downstream) to sec auchorizacion-requesc-cype certificace.

D.

Change the csf setting on ISFW (downstream) to sec configuration-sync local.

Buy Now
Question # 27

Which two features of IPsec IKEv1 authentication are supported by FortiGate? (Choose two.)

Options:

A.

Pre-shared key and certificate signature as authentication methods

B.

Extended authentication (XAuth)to request the remote peer to provide a username and password

C.

Extended authentication (XAuth) for faster authentication because fewer packets are exchanged

D.

No certificate is required on the remote peer when you set the certificate signature as the authentication method

Buy Now
Question # 28

A network administrator enabled antivirus and selected an SSL inspection profile on a firewall policy.

When downloading an EICAR test file through HTTP, FortiGate detects the virus and blocks the file. When downloading the same file through HTTPS, FortiGate does not detect the

and does not block the file allowing it to be downloaded.

The administrator confirms that the traffic matches the configured firewall policy.

What are two reasons for the failed virus detection by FortiGate? (Choose two.)

Options:

A.

The selected SSL inspection profile has certificate inspection enabled

B.

The browser does not trust the FortiGate self-siqned CA certificate

C.

The EICAR test file exceeds the protocol options oversize limit

D.

The website is exempted from SSL inspection

Buy Now
Question # 29

Refer to the exhibit.

Review the intrusion prevention system (IPS) profile signature settings shown in the exhibit.

What do you conclude when adding the FTP.Login.Failed signature to the IPS sensor profile?

Options:

A.

Traffic matching the signature will be allowed and logged.

B.

The signature setting uses a custom rating threshold.

C.

The signature setting includes a group of other signatures.

D.

Traffic matching the signature will be silently dropped and logged.

Buy Now
Exam Code: FCP_FGT_AD-7.4
Exam Name: FCP - FortiGate 7.4 Administrator
Last Update: Feb 22, 2025
Questions: 89
FCP_FGT_AD-7.4 pdf

FCP_FGT_AD-7.4 PDF

$25.5  $84.99
 Add to Cart
FCP_FGT_AD-7.4 Engine

FCP_FGT_AD-7.4 Testing Engine

$28.5  $94.99
 Add to Cart
FCP_FGT_AD-7.4 PDF + Engine

FCP_FGT_AD-7.4 PDF + Testing Engine

$40.5  $134.99
 Add to Cart