Decide Fast & Get 50% Flat Discount | Limited Time Offer - Ends In 0d 00h 00m 00s Coupon code: SAVE50

Master Fortinet FCP_FGT_AD-7.4 Exam with Reliable Practice Questions

Page: 1 out of Viewing questions 1-5 out of 86 questions
Last exam update: Nov 11,2024
Upgrade to Premium
Question 1

Refer to the exhibit.

Based on the routing database shown in the exhibit which two conclusions can you make about the routes? (Choose two.)


Correct : B, C

The port1 and port2 default routes are active in the routing table

The routes with 0.0.0.0/0 for both port1 and port2 are marked with an asterisk * and > symbol, which indicates that these routes are active and selected in the routing table.

The port3 default route has the highest distance

The route via port3 has a distance of [20/0], which is higher than the distances for the routes via port1 [10/0] and port2 [30/0]. This indicates that the port3 default route has the highest distance.


Options Selected by Other Users:
Mark Question:

Start a Discussions

Submit Your Answer:
0 / 1500
Question 2

What are two features of FortiGate FSSO agentless polling mode? (Choose two.)


Correct : B, C

FortiGate uses the SMB protocol to read the event viewer logs from the DCs.

In agentless polling mode, FortiGate directly connects to the Domain Controllers (DCs) using the SMB protocol to read event logs and detect user login events.

FortiGate does not support workstation check.

In agentless polling mode, FortiGate does not perform workstation checks. It relies on polling the event logs from the Domain Controllers to identify user logins.


Options Selected by Other Users:
Mark Question:

Start a Discussions

Submit Your Answer:
0 / 1500
Question 3

Which statement correctly describes NetAPI polling mode for the FSSO collector agent?


Correct : D

In NetAPI polling mode, the FSSO (Fortinet Single Sign-On) collector agent uses the NetAPI (Windows API) to query the Domain Controllers (DCs) for user login sessions. This method allows the collector agent to retrieve information about active user sessions without directly scanning event logs.


Options Selected by Other Users:
Mark Question:

Start a Discussions

Submit Your Answer:
0 / 1500
Question 4

Refer to the exhibits.

An administrator creates a new address object on the root FortiGate (Local-FortiGate) in the security fabric. After synchronization, this object is not available on the downstream FortiGate (ISFW).

What must the administrator do to synchronize the address object?


Correct : A

The current setting for the root FortiGate (Local-FortiGate) is fabric-object-unification local, which means that new address objects are not shared across the security fabric. Changing this setting to fabric-object-unification default will allow address objects to be synchronized and shared with downstream devices like the ISFW.


Options Selected by Other Users:
Mark Question:

Start a Discussions

Submit Your Answer:
0 / 1500
Question 5

Refer to the exhibits.

The SSL VPN connection fails when a user attempts to connect to it.

What should the user do to successfully connect to the SSL VPN?


Correct : D

The SSL VPN is configured to listen on port 11443 on the FortiGate device, as shown in the SSL VPN settings in the exhibit. However, the user is attempting to connect to the server using port 1443, as displayed in the VPN connection status. The mismatch between the ports is causing the connection failure. To resolve this, the user should change the client configuration to use port 11443 to match the FortiGate SSL VPN configuration.


Options Selected by Other Users:
Mark Question:

Start a Discussions

Submit Your Answer:
0 / 1500