Master Fortinet NSE7_PBC-7.2 Exam with Reliable Practice Questions

Correct : A, D

The Azure SDN connector uses two types of queries to interact with the Azure management API. The first query is targeted to a special IP address to get a token. This token is used to authenticate the subsequent queries. The second type of query is used to retrieve information about the Azure resources, such as virtual machines, network interfaces, network security groups, and public IP addresses. Some queries are made to manage public IP addresses, such as assigning or releasing them from the FortiGate VM.Reference:Configuring an SDN connector in Azure,Azure SDN connector using service principal,Troubleshooting Azure SDN connector

Correct : A, C, E

When adding the Amazon Web Services (AWS) account to the FortiCNP, you must follow these three mandatory configuration steps:

Add AWS accounts through FortiCNP. This is the first step to enable cloud protection for your AWS account. You can add one or multiple accounts automatically or manually. You need to provide the AWS account ID and a name for the account.You also need to select the optional permissions to be granted to FortiCNP as needed1.

Accept FortiCNP to create CloudTrail for the account. This is required for FortiCNP to collect and analyze the AWS API calls and events. You can choose to let FortiCNP create a CloudTrail for the account or use an existing one.You also need to specify the aggregation region for the CloudTrail1.

Launch the CloudFormation template. This is required for FortiCNP to create a stack and a role in your AWS account. The stack contains the resources that FortiCNP needs to access and monitor your AWS account. The role allows FortiCNP to assume it and perform actions on your behalf.You need to enter a custom or default role name and a unique UUID that is designated for your company on FortiCNP1.

https://docs.fortinet.com/document/forticnp/22.4.a/online-help/246021/add-aws-account-automatically

Correct : A, C

The exhibit shows the results of a FortiCNP registry scan, which is part of the FortiCNP container protection.FortiCNP's Container Protection provides deep visibility into the security posture of container registries and images1.The registry scan utilizes Common Vulnerabilities and Exposures (CVE) index regularly updated by NVD to detect underlying vulnerabilities, security flaws, and provides security best practices2.The registry scan is performed at the registry level, and it can scan all images in a repository if the Tag section is left blank when adding a repository2.The CAP section stands for Container Assurance Policy, which defines the minimum number of images to be scanned per repository3. Therefore, the correct statements are A and C.Reference:Container Image Scan | FortiCNP 22.3.a,FortiCNP,Cloud Native Application Protection Platform | FortiCNP

Correct : A, B, D

To configure a FortiGate VM to add to FortiCNP, you need to perform three steps on FortiGate:

Enable send logs in FortiGate to allow FortiCNP to receive the IPS logs from FortiGate.

Create an SSL/SSH inspection profile on FortiGate to inspect the encrypted traffic and apply IPS protection.

Create an IPS sensor and a firewall policy on FortiGate to enable IPS detection and prevention for the traffic.

FortiCNP 22.4.a Administration Guide, page 22-24

FortiGate IPS Administration Guide, page 9-10

Correct : D

Securing container environments from newly emerged security threats involves employing specific security mechanisms tailored to the technology and structure of containers. In this context, the use of Docker-related application control signatures (Option D) is critical for effectively managing and mitigating threats in containerized environments.

Docker-Specific Threats: Docker containers, being a prevalent form of container technology, are targeted by various security threats, including those that exploit vulnerabilities specific to the Docker environment and runtime. Using Docker-related application control signatures means implementing security measures that are specifically designed to detect and respond to anomalies and threats that are unique to Docker containers.

Application Control Signatures: These are sets of definitions that help identify and block potentially malicious activities within application traffic. By focusing on Docker-related signatures, administrators can ensure that the security tools are finely tuned to the operational specifics of Docker containers, thereby providing a robust defense against exploits that target container-specific vulnerabilities.