Fortinet FCSS_EFW_AD-7.6 Practice Questions & Answers

Question 6 of 34

In a transparent VDOM interface, what does the command set forward-domain <domain_ID> do?

A.

It allows the interface to access the configured admin domain.

B.

It restricts the interface to managing traffic from only the specified VLAN, effectively segregating network traffic.

C.

It isolates traffic within a specific VLAN by assigning a broadcast domain to an interface based on the VLAN ID.

D.

It assigns a unique domain ID to the interface, allowing it to operate across multiple VLANs within the same VDOM.

Question 7 of 34

Refer to the exhibit.
A revision history window at the FortiManager device layer is shown.
Exam FCSS_EFW_AD-7.6: Image 1

The IT team is trying to identify the administrator responsible for the most recent update to the FortiGate device database.
What can the IT team conclude?

A.

The user script_manager, an API user from the Fortinet Developer Network (FDN). is retrieving a configuration.

B.

The retrieve process was automatically triggered by a Remote FortiGate Directly (via CLI) script.

C.

To identify the user who created the event, in the FortiManager system logs, they must use the type=script filter in the user field.

D.

To identify the user who created the event, they must view it on the Configuration and Installation widget on FortiGate at the FortiManager device layer.

Question 8 of 34

If you implement IKEv2 in a VPN topology, which two statements are true? (Choose two.)

A.

Unlike IKEv1, it supports mode config.

B.

It includes stronger Diffie-Hellman (DH) groups, such as Elliptic Curve (ECP) groups.

C.

It supports the extensible authentication protocol (EAP).

D.

It exchanges a minimum of two messages to establish a secure tunnel.

Question 9 of 34

You need to install a new intrusion prevention system (IPS) profile without triggering false positives that can impact applications and disrupt normal traffic flow.
How can you prevent false positives on IPS analysis?

A.

Use an IPS profile with action default and analyze the applications.

B.

Use the IPS profile extension to select an OS, protocol, and application for all the network internal services and users to prevent false positives.

C.

Use an IPS profile with Scan Outgoing Connections to block botnets, which can create false positives.

D.

Use an IPS profile with action monitor; however, you must be aware that this can compromise network integrity.

Question 10 of 34

You must minimize CPU and RAM use on a FortiGate firewall while also enabling essential security features, such as web filtering and application control for HTTPS traffic.
Which SSL inspection setting reduces system load while also enabling security features, such as web filtering and application control for encrypted HTTPS traffic?

A.

Enable SSL certificate inspection mode to perform basic checks without decrypting traffic.

B.

Disable SSL inspection to preserve resources.

C.

Use deep SSL inspection to inspect encrypted HTTPS traffic.

D.

Configure SSL inspection to handle HTTPS traffic efficiently.