Free Fortinet FCSS_CDS_AR-7.6 Exam Braindumps (page: 2)

An administrator would like to use FortiCNP to keep track of sensitive data files located in the Amazon Web Services (AWS) S3 bucket and protect it from malware.
Which FortiCNP feature should the administrator use?

  1. FortiCNP Threat Detection policies
  2. FortiCNP Risk Management policies
  3. FortiCNP Data Scan policies
  4. FortiCNP Compliance policies

Answer(s): C



You are using Ansible to modify the configuration of several FortiGate VMs.
What is the minimum number of files you need to create, and in which file should you configure the target FortiGate IP addresses?

  1. One playbook file for each target and the required tasks, and one inventory file.
  2. One .yaml file with the target IP addresses, and one playbook file with the tasks.
  3. One inventory file for each target device, and one playbook file.
  4. One text file for all target devices, and one playbook file.

Answer(s): B



Refer to the exhibit.



Refer to the exhibit.
The exhibit shows an active-passive high availability FortiGate pair with external and internal Azure load balancers.
There is no SDN connector used in this solution.
Which configuration must the administrator implement on each FortiGate?

  1. Single BGP route to Azure probe IP address.
  2. One static route to Azure Lambda IP address.
  3. Two static routes to Azure probe IP address.
  4. Two BGP routes to Azure probe IP address.

Answer(s): C



Your DevOps team is evaluating different Infrastructure as Code (IaC) solutions for deploying complex Azure environments.
What is an advantage of choosing Azure Bicep over other IaC tools available?

  1. Azure Bicep generates deployment logs that are optimized to improve error handling.
  2. Azure Bicep provides immediate support for all Azure services, including those in preview.
  3. Azure Bicep requires less frequent schema updates than Azure Resource Manager (ARM) templates.
  4. Azure Bicep can reduce deployment costs by limiting resource utilization during testing.

Answer(s): B



You must add an Amazon Web Services (AWS) network access list (NACL) rule to allow SSH traffic to a subnet for temporary testing purposes.
When you review the current inbound and outbound NACL rules, you notice that the rules with number 5 deny SSH and Telnet traffic to the subnet.
What can you do to allow SSH traffic?

  1. You do not have to create any NACL rules because the default security group rule automatically allows SSH traffic to the subnet.
  2. You must create a new allow SSH rule anywhere in the network ACL rule base to allow SSH traffic.
  3. You must create two new allow SSH rules, each with a number bigger than 5.
  4. You must create two new allow SSH rules, each with a number smaller than 5.

Answer(s): D



Viewing page 2 of 9
Viewing questions 6 - 10 out of 38 questions



Post your Comments and Discuss Fortinet FCSS_CDS_AR-7.6 exam prep with other Community members:

FCSS_CDS_AR-7.6 Exam Discussions & Posts