
Fortinet FCP - FortiGate 7.4 Administrator - FCP_FGT_AD-7.4 Exam Questions
QUESTION NO: 1
Refer to the exhibits.



The exhibits show a diagram of a FortiGate device connected to the network, and the firewall configuration.
An administrator created a Deny policy with default settings to deny Webserver access for Remote-User2.
The policy should work such that Remote-User1 must be able to access the Webserver while preventing Remote-User2 from accessing the Webserver.
Which two configuration changes can the administrator make to the policy to deny Webserver access for Remote-User2? (Choose two.)
Refer to the exhibits.



The exhibits show a diagram of a FortiGate device connected to the network, and the firewall configuration.
An administrator created a Deny policy with default settings to deny Webserver access for Remote-User2.
The policy should work such that Remote-User1 must be able to access the Webserver while preventing Remote-User2 from accessing the Webserver.
Which two configuration changes can the administrator make to the policy to deny Webserver access for Remote-User2? (Choose two.)
Correct Answer: B,C
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 2
Refer to the exhibit.

In the network shown in the exhibit, the web client cannot connect to the HTTP web server. The administrator runs the FortiGate built-in sniffer and gets the output shown in the exhibit.
What should the administrator do next, to troubleshoot the problem?
Refer to the exhibit.

In the network shown in the exhibit, the web client cannot connect to the HTTP web server. The administrator runs the FortiGate built-in sniffer and gets the output shown in the exhibit.
What should the administrator do next, to troubleshoot the problem?
Correct Answer: D
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 3
A FortiGate firewall policy is configured with active authentication however, the user cannot authenticate when accessing a website.
Which protocol must FortiGate allow even though the user cannot authenticate?
A FortiGate firewall policy is configured with active authentication however, the user cannot authenticate when accessing a website.
Which protocol must FortiGate allow even though the user cannot authenticate?
Correct Answer: A
QUESTION NO: 4
Refer to the exhibit to view the firewall policy.

Why would the firewall policy not block a well-known virus, for example eicar?
Refer to the exhibit to view the firewall policy.

Why would the firewall policy not block a well-known virus, for example eicar?
Correct Answer: A
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 5
Which three statements about SD-WAN zones are true? (Choose three.)
Which three statements about SD-WAN zones are true? (Choose three.)
Correct Answer: A,B,D
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 6
Refer to the exhibits, which show the firewall policy and an antivirus profile configuration.

Why is the user unable to receive a block replacement message when downloading an infected file for the first time?
Refer to the exhibits, which show the firewall policy and an antivirus profile configuration.

Why is the user unable to receive a block replacement message when downloading an infected file for the first time?
Correct Answer: C
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 7
Which three pieces of information does FortiGate use to identify the hostname of the SSL server when SSL certificate inspection is enabled? (Choose three.)
Which three pieces of information does FortiGate use to identify the hostname of the SSL server when SSL certificate inspection is enabled? (Choose three.)
Correct Answer: A,B,E
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 8
Which three strategies are valid SD-WAN rule strategies for member selection? (Choose three.)
Which three strategies are valid SD-WAN rule strategies for member selection? (Choose three.)
Correct Answer: A,B,D
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).
QUESTION NO: 9
Which two statements are correct when FortiGate enters conserve mode? (Choose two.)
Which two statements are correct when FortiGate enters conserve mode? (Choose two.)
Correct Answer: C,D
QUESTION NO: 10
What are two features of FortiGate FSSO agentless polling mode? (Choose two.)
What are two features of FortiGate FSSO agentless polling mode? (Choose two.)
Correct Answer: B,C
Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).




