FCP_FGT_AD-7.6 Fortinet FortiGate 7.6 Administrator FCP_FGT

FortiGate 7.6 Administrator FCP_FGT_AD-7.6

Last Update 5 hours ago Total Questions : 67

The FortiGate 7.6 Administrator FCP_FGT_AD-7.6 content is now fully updated, with all current exam questions added 5 hours ago. Deciding to include FCP_FGT_AD-7.6 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our FCP_FGT_AD-7.6 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these FCP_FGT_AD-7.6 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any FortiGate 7.6 Administrator FCP_FGT_AD-7.6 practice test comfortably within the allotted time.

Question # 11

Refer to the exhibits.

The exhibits show a diagram of a FortiGate device connected to the network, as well as the IP pool configuration and firewall policy objects.

The WAN (port2) interface has the IP address 100.65.0.101/24 .

The LAN (port4) interface has the IP address 10.0.11.254/24 .

Which IP address will be used to source NAT (SNAT) the traffic, if the user on

HQ-PC-1 ( 10.0.11.50 ) pings the IP address of BR-FGT ( 100.65.1.111 )

100.65.0.101

100.65.0.49

100.65.0.99

100.65.0.149

Question # 12

Review the intrusion prevention system (IPS) profile signature settings shown in the exhibit.

What can you conclude about the signature when adding the FTP.Login.Failed signature to the IPS Sensor profile?

The signature setting includes a group of other signatures.

FortiGate stores a local copy of the packet that matches the signature.

FortiGate allows this low severity signature packet and creates a log.

The signature setting uses a custom rating threshold

Question # 13

FortiGate is integrated with FortiAnalyzer and FortiManager.

When creating a firewall policy, which attribute must an administrator include to enhance functionality and enable log recording on FortiAnalyzer and FortiManager?

Policy ID

Log ID

Universally Unique Identifier

Sequence ID

Question # 14

You are analyzing connectivity problems caused by intermediate devices blocking traffic in SSL VPN environment.

In which two ways can you effectively resolve the problem? (Choose two.)

You can turn off IKE fragmentation to fix large certificate negotiation problems.

You should use IPsec to solve issues with fragment drops and large certificate exchanges.

You can use SSL VPN tunnel mode to prevent problems with blocked ESP and UDP ports (500 or 4500).

You can configure a hub-and-spoke topology with SSL VPN tunnels to bypass blocked UDP ports.

Question # 15

Refer to the exhibit.

Based on this partial configuration, what are the two possible outcomes when FortiGate enters conserve mode? (Choose two.)

Administrators cannot change the configuration.

FortiGate skips quarantine actions.

Administrators must restart FortiGate to allow new session.

FortiGate drops new sessions requiring inspection.

Question # 16

Refer to the exhibits.

The exhibits show a diagram of a FortiGate device connected to the network, as well as the firewall policy and IP pool configuration on the FortiGate device

Two PCs PC1 and PC2, are connected behind FortiGate and can access the internet successfully However, when the administrator adds a third PC to the network (PC3), the PC cannot connect to the internet

Based on the information shown in the exhibit, which two configuration options can the administrator use to fa the connectivity issue for PC3? (Choose two.)

In the system settings sot Multiple Interface Policies to enable

In the firewall policy, set match-vip to enable using CLI.

ln the IP pool configuration, set endip to 100.65.0.112.

In the IP pool configuration, set type to overload.

Question # 17

Refer to the exhibits.

You have implemented the application sensor and the corresponding firewall policy as shown in the exhibits

You cannot access any of the Google applications, but you are able to access www.fortinet.com.

Which two actions would you take to resolve the issue? (Choose two.)

Change the Inspection mode to Flow-based

Add " Google* .com to the URL category in the security profile

Set SSL inspection to deep-content inspection

Set the action for Google in the Application and Filter Overrides section to Allow

Move up Google in the Application and Filter Overrides section to set its priority to 1.

Question # 18

What are two features of FortiGate FSSO agentless polling mode? (Choose two.)

FortiGate directs the collector agent to use a remote LDAP server.

FortiGate uses the SMB protocol to read the event viewer logs from the DCs.

FortiGate does not support workstation check.

FortiGate uses the AD server as the collector agent.

Question # 19

Which three pieces of information does FortiGate use to identify the hostname of the SSL server when SSL certificate inspection is enabled? (Choose three.)

The host field in the HTTP header.

The server name indication (SNI) extension in the client hello message.

The subject alternative name (SAN) field in the server certificate.

The subject field in the server certificate.

The serial number in the server certificate.