Free FCP_FGT_AD-7.4 Exam Braindumps (page: 8)


Refer to the exhibit to view the firewall policy.

Why would the firewall policy not block a well-known virus, for example eicar?

  1. The action on the firewall policy is not set to deny.
  2. The firewall policy is not configured in proxy-based inspection mode.
  3. Web filter is not enabled on the firewall policy to complement the antivirus profile.
  4. The firewall policy does not apply deep content inspection.

Answer(s): B

Explanation:

The firewall policy shown in the exhibit is configured in flow-based inspection mode. In flow-based inspection, certain security features, such as deep content inspection, might not be as effective as in proxy-based mode. Proxy-based inspection is necessary for thorough content inspection, which includes identifying and blocking well-known viruses like EICAR.


Reference:

FortiOS 7.4.1 Administration Guide: Inspection Modes



Which inspection mode does FortiGate use for application profiles if it is configured as a profile-based next-generation firewall (NGFW)?

  1. Full content inspection
  2. Proxy-based inspection
  3. Certificate inspection
  4. Flow-based inspection

Answer(s): D

Explanation:

When FortiGate is configured in NGFW profile-based mode, it primarily uses flow-based inspection for application profiles. Flow-based inspection provides faster processing and lower latency by inspecting traffic in real-time without buffering, making it suitable for scenarios where performance is a priority.


Reference:

FortiOS 7.4.1 Administration Guide: Inspection Modes



Refer to the exhibit showing a FortiGuard connection debug output.



Based on the output, which two facts does the administrator know about the FortiGuard connection? (Choose two.)

  1. One server was contacted to retrieve the contract information.
  2. There is at least one server that lost packets consecutively.
  3. A local FortiManager is one of the servers FortiGate communicates with.
  4. FortiGate is using default FortiGuard communication settings.

Answer(s): A,D

Explanation:

The debug output indicates that FortiGate connected to one server (173.243.141.16) to retrieve contract information as it shows four FortiGuard requests without any packet loss, which confirms the connection to the server. Additionally, the default FortiGuard communication settings are being used, as indicated by the use of the HTTPS protocol on port 443, which is the default setting for FortiGuard connections.


Reference:

FortiOS 7.4.1 Administration Guide: FortiGuard Connection Settings



Refer to the exhibit.



Why did FortiGate drop the packet?

  1. It matched an explicitly configured firewall policy with the action DENY.
  2. It failed the RPF check.
  3. The next-hop IP address is unreachable.
  4. It matched the default implicit firewall policy.

Answer(s): D

Explanation:

The debug trace output shows that the packet was "Denied by forward policy check (policy 0)." In FortiGate, policy ID 0 corresponds to the default implicit deny policy. This means that if a packet does not match any configured firewall policies, it is denied by the default implicit policy.


Reference:

FortiOS 7.4.1 Administration Guide: Firewall Policies





