FCP_FGT_AD-7.6 FortiGate 7.6 Administrator FCP_FGT_AD-7.6 Questions and Answers

YouTube search is allowed based on the Google Application and Filter override settings.

YouTube access is blocked based on Excessive-Bandwidth Application and Filter override settings.

Facebook access is allowed but you cannot play Facebook videos based on Video/Audio category filter settings.

Facebook access is blocked based on the category filter settings.

By default. SD-WAN rules are skipped if the included SD-WAN members do not have a valid route to the destination.

SD-WAN rules have precedence over any other type of routes.

Regular policy routes have precedence over SD-WAN rules.

By default. SD-WAN rules are skipped if only one route to the destination is available.

By default. SD-WAN rules are skipped if the best route to the destination is not an SD-WAN member.

The Underlay zone is the zone by default.

The Underlay zone contains no member.

port2 and port3 are not assigned to a zone.

The virtual-wan-link and overlay zones can be deleted.

Disable match-vip in the Allow_access policy

Configure a One-to-One IP Pool object in a new policy.

Set the Destination address as Webserver in the Deny policy.

Set the Destination address as Deny_IP in the Allow_access policy.

Whether the user is assigned to the correct AD group.

The FortiGate firewall policy settings for SSL decryption.

The FortiGate FSSO active users list for user’s IP address.

The windows event viewer for failed login attempts.

FortiGate continues to run critical security actions, such as quarantine.

FortiGate refuses to accept configuration changes.

FortiGate halts complete system operation and requires a reboot to regain available resources.

FortiGate continues to transmit packets without IPS inspection when the fail-open global setting in IPS is enabled.

The collector agent uses a Windows API to query DCs for user logins.

NetAPI polling can increase bandwidth usage in large networks.

The NetSessionEnum function is used to track user logouts.

The collector agent must search Windows application event logs.

Both interfaces must have the interface role assigned.

Both interfaces must have directly connected routes on the routing table.

Both interfaces must have DHCP enabled and interfaces set to LAN and DMZ roles assigned.

Both interfaces must have IP addresses assigned.

It is mandatory to provide a policy ID while creating a firewall policy regardless of GUI or CLI.

A firewall policy ID identifies the order of policy execution in firewall policies.

You can create a policy in CLI with policy ID 0.

A policy ID cannot be edited once a policy is created.

They rely on session loss and jitter.

They can be measured actively or passively.

They are applied in a SD-WAN rule lowest cost strategy.

They monitor the state of the FortiGate device.

All the SLAtargets can be configured.

In the new static route, the administrator must select Named Address.

In the new firewall address, the FQDN address must first beresolved.

In the new static route, the administrator must first set the interface to port2.

In the new firewall address, Routing configuration must be enabled.