Halloween Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

  1. Home
  2. Fortinet
  3. Fortinet Network Security Expert
  4. FCP_FGT_AD-7.6 - FortiGate 7.6 Administrator FCP_FGT_AD-7.6

FCP_FGT_AD-7.6 Exam Dumps - FortiGate 7.6 Administrator FCP_FGT_AD-7.6

Searching for workable clues to ace the Fortinet FCP_FGT_AD-7.6 Exam? You’re on the right place! ExamCert has realistic, trusted and authentic exam prep tools to help you achieve your desired credential. ExamCert’s FCP_FGT_AD-7.6 PDF Study Guide, Testing Engine and Exam Dumps follow a reliable exam preparation strategy, providing you the most relevant and updated study material that is crafted in an easy to learn format of questions and answers. ExamCert’s study tools aim at simplifying all complex and confusing concepts of the exam and introduce you to the real exam scenario and practice it with the help of its testing engine and real exam dumps

Go to page:
Question # 9

Refer to the exhibit.

The exhibit shows the FortiGuard Category Based Filter section of a corporate web filter profile.

An administrator must block access to download.com, which belongs to the Freeware and Software Downloads category. The administrator must also allow other websites in the same category.

What are two solutions for satisfying the requirement? (Choose two.)

A.

Configure a static URL filter entry for download.com with Type and Action set to Wildcard and Block, respectively.

B.

Configure a web override rating for download.com and select Malicious Websites as the subcategory.

C.

Configure a separate firewall policy with action Deny and an FQDN address object for*.download.com as destination address.

D.

Set the Freeware and Software Downloads category Action to Warning.

Full Access
Question # 10

You are encountering connectivity problems caused by intermediate devices blocking IPsec traffic.

In which two ways can you effectively resolve the problem? (Choose two.)

A.

You should use the protocol IKEv2.

B.

You can use SSL VPN tunnel mode to prevent problems with blocked ESP and UDP ports (500 or 4500).

C.

You can configure a hub-and-spoke topology with SSL VPN tunnels to bypass blocked UDP ports.

D.

You can turn on fragmentation to fix large certificate negotiation problems.

Full Access
Question # 11

Refer to the exhibit.

What would be the impact of these settings on the Server certificate SNI check configuration on FortiGate?

A.

FortiGate will accept and use the CN in the server certificate for URL filtering if the SNI does not match the CN or SAN fields.

B.

FortiGate will accept the connection with a warning if the SNI does not match the CN or SAN fields.

C.

FortiGate will close the connection if the SNI does not match the CN or SAN fields.

D.

FortiGate will close the connection if the SNI does not match the CN and SAN fields

Full Access
Question # 12

Refer to the exhibit.

As an administrator you have created an IPS profile, but it is not performing as expected. While testing you got the output as shown in the exhibit.

What could be the possible reason of the diagnose output shown in the exhibit?

A.

There is a no firewall policy configured with an IPS security profile.

B.

FortiGate entered into IPS fail open state.

C.

Administrator entered the command diagnose test application ipsmonitor 5.

D.

Administrator entered the command diagnose test application ipsmonitor 99.

Full Access
Question # 13

Refer to the exhibit.

An administrator has configured an Application Overrides for the ABC.Com application signature and set the Action to Allow. This application control profile is then applied to a firewall policy that is scanning all outbound traffic. Logging is enabled in the firewall policy. To test the configuration, the administrator accessed the ABC.Com web site several times.

Why are there no logs generated under security logs for ABC.Com?

A.

The ABC.Com Type is set as Application instead of Filter.

B.

The ABC.Com is configured under application profile, which must be configured as a web filter profile.

C.

The ABC.Com Action is set to Allow.

D.

The ABC.Com is hitting the category Excessive-Bandwidth.

Full Access
Question # 14

An administrator wants to analyze and manage digital certificates to prevent browser warnings when users connect to the SSL VPN portal.

Which two statements describe how to correctly do this? (Choose two.)

A.

The administrator can rely on the default FortiGate self-signed certificate to prevent all security warnings in the browser.

B.

The administrator must disable HTTPS administrative access entirely to avoid certificate warnings.

C.

The administrator can use a publicly trusted certificate from a known certificate authority (CA) to stop browser warnings.

D.

The administrator can import the FortiGate self-signed certificate into each user’s browser as a trusted certificate.

Full Access
Go to page:

Hot Exams

PCNSE Dumps
AZ-900 Dumps
200-301 Dumps
350-401 Dumps
350-701 Dumps
AZ-104 Dumps
CS0-003 Dumps
N10-009 Dumps
SY0-701 Dumps
CAS-005 Dumps
PT0-003 Dumps
ZDTA Dumps