FCP_FGT_AD-7.4試験無料問題集（91題）「Fortinet FCP

出題：1

Refer to the exhibit, which shows an SD-WAN zone configuration on the FortiGate GUI.

Based on the exhibit, which statement is true?

A. The underlay zone contains port1 and

B. The d-wan zone contains no member.

C. The d-wan zone cannot be deleted.

D. The virtual-wan-link zone contains no member.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

Refer to the exhibit showing a FortiGuard connection debug output.

Based on the output, which two facts does the administrator know about the FortiGuard connection? (Choose two.)

A. A local FortiManaqer is one of the servers FortiGate communicates with.

B. FortiGate is using default FortiGuard communication settings.

C. There is at least one server that lost packets consecutively.

D. One server was contacted to retrieve the contract information.

正解：B,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

When FortiGate performs SSL/SSH full inspection, you can decide how it should react when it detects an invalid certificate.
Which three actions are valid actions that FortiGate can perform when it detects an invalid certificate? (Choose three.)

A. Allow

B. Trust & Allow

C. Allow & Warning

D. Block

E. Block & Warning

正解：A,B,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

Which three CLI commands, can you use to troubleshoot Layer 3 issues if the issue is in neither the physical layer nor the link layer? (Choose three.)

A. diagnose sys top

B. diagnose sniffer packet any

C. execute ping

D. get system arp

E. execute traceroute

正解：B,C,E 解答を投票する

出題：5

Which two settings are required for SSL VPN to function between two FortiGate devices? (Choose two.)

A. The server FortiGate requires a CA certificate to verify the client FortiGate certificate.

B. The client FortiGate requires a manually added route to remote subnets.

C. The client FortiGate requires the SSL VPN tunnel interface type to connect SSL VPN.

D. The client FortiGate requires a client certificate signed by the CA on the server FortiGate.

正解：A,C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

A network administrator is configuring an IPsec VPN tunnel for a sales employee travelling abroad.
Which IPsec Wizard template must the administrator apply?

A. Dial up User

B. Site to Site

C. iHub-and-Spoke

D. Remote Access

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

Refer to the exhibits.

The SSL VPN connection fails when a user attempts to connect to it.
What should the user do to successfully connect to the SSL VPN?

A. Change the server IP address.

B. Change the SSL VPN portal to the tunnel.

C. Change the idle timeout.

D. Change the SSL VPN port on the client.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

Refer to the exhibits.

FGT-1 and FGT-2 are updated with HA configuration commands shown in the exhibit.
What would be the expected outcome in the HA cluster?

A. FGT-1 will remain the primary because FGT-2 has lower priority.

B. The HA cluster will become out of sync because the override setting must match on all HA members.

C. FGT-2 will take over as the primary because it has the override enable setting and higher priority than FGT-1.

D. FGT-1 will synchronize the override disable setting with FGT-2.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

Refer to the exhibit.

The exhibit shows the FortiGuard Category Based Filter section of a corporate web filter profile.
An administrator must block access to download.com, which belongs to the Freeware and Software Downloads category. The administrator must also allow other websites in the same category.
What are two solutions for satisfying the requirement? (Choose two.)

A. Set the Freeware and Software Downloads category Action to Warning

B. Configure a static URL filter entry for download, com with Type and Action set to Wildcard and Block, respectively.

C. Configure a web override rating for download, com and select Malicious Websites as the subcategory.

D. Configure a separate firewall policy with action Deny and an FQDN address object for *. download, com as destination address.

正解：B,C 解答を投票する

FCP_FGT_AD-7.4試験無料問題集「Fortinet FCP - FortiGate 7.4 Administrator 認定」