Fortinet FCSS_EFW_AD-7.4 Practice Exams
Last updated on 27.08.2025
- Exam code: FCSS_EFW_AD-7.4
- Exam name: FCSS - Enterprise Firewall 7.4 Administrator
- Certification provider: Fortinet
Examine the output of the ‘diagnose ips anomaly list’ command shown in the exhibit; then answer the question below.
Which IP addresses are included in the output of this command?
- A . Those whose traffic matches a DoS policy.
- B . Those whose traffic matches an IPS sensor.
- C . Those whose traffic exceeded a threshold of a matching DoS policy.
- D . Those whose traffic was detected as an anomaly by an IPS sensor.
Examine the partial output from the IKE real time debug shown in the exhibit; then answer the question below.
Why didn’t the tunnel come up?
- A . IKE mode configuration is not enabled in the remote IPsec gateway.
- B . The remote gateway’s Phase-2 configuration does not match the local gateway’s phase-2 configuration.
- C . The remote gateway’s Phase-1 configuration does not match the local gateway’s phase-1 configuration.
- D . One IPsec gateway is using main mode, while the other IPsec gateway is using aggressive mode.
View the global IPS configuration, and then answer the question below.
Which of the following statements is true regarding this configuration?
- A . IPS will scan every byte in every session.
- B . FortiGate will spawn IPS engine instances based on the system load.
- C . New packets will be passed through without inspection if the IPS socket buffer runs out of memory.
- D . IPS will use the faster matching algorithm which is only available for units with more than 4 GB memory.
Refer to the exhibits, which contain the network topology and BGP configuration for a hub.
An administrator is trying to configure ADVPN with a hub-spoke VPN setup using iBGP. All the VPNs are up and connected to the hub. The hub is receiving route information from both spokes over iBGP; however, the spokes are not receiving route information from each other.
What change must the administrator make to the hub BGP configuration so that the routes learned by one spoke are forwarded to the other spokes?
- A . Configure the hub as a route reflector client.
- B . Change the router id to 10.1.0.254.
- C . Configure an individual neighbor and remove neighbor-range configuration.
- D . Make the configuration of remote-as different from the configuration of local-as.
View the IPS exit log, and then answer the question below.
What is the status of IPS on this FortiGate?
- A . IPS engine memory consumption has exceeded the model-specific predefined value.
- B . IPS daemon experienced a crash.
- C . There are communication problems between the IPS engine and the management database.
- D . All IPS-related features have been disabled in FortiGate’s configuration.
An administrator must automate a weekly backup of all the FortiGate devices in an enterprise network.
Which two steps must the administrator follow to implement this? (Choose two.)
- A . Integrate all the FortiGate devices in a Security Fabric environment.
- B . Create a script to be run in the device database.
- C . Create metadata variables for all the FortiGate devices.
- D . Create an automation stitch.
Refer to the exhibit, which contains the partial output of the get vpn ipsec tunnel details command.
Based on the output, which two statements are correct? (Choose two.)
- A . Phase 2 authentication is set to sha1 on both sides.
- B . Hub2Spoke1 is configured on interface wan2.
- C . Anti-replay is disabled.
- D . Hub2Spoke1 is a policy-based VPN.
Refer to the exhibit, which shows the output of a web filtering diagnose command.
Which configuration change would result in non-zero results in the cache statistics section?
- A . set server-type rating under config system central-management
- B . set webfilter-cache enable under config system fortiguard
- C . set webfilter-force-off disable under config system fortiguard
- D . set ngfw-mode policy-based under config system settings
An administrator has configured two FortiGate devices for an HA cluster. While testing HA failover, the administrator notices that some of the switches in the network continue to send traffic to the former primary device.
What can the administrator do to fix this problem?
- A . Configure remote link monitoring to detect an issue in the forwarding path.
- B . Configure set send-garp-on-failover enable under config system ha on both cluster members.
- C . Verify that the speed and duplex settings match between the FortiGate interfaces and the connected switch ports.
- D . Configure set link-failed-signal enable under config system ha on both cluster members.
An administrator wants to simplify a new hub-and-spoke network deployment with the BGP recommended configuration.
Which two sections on FortiManager must the administrator use? (Choose two.)
- A . Provisioning Templates
- B . Meta Fields
- C . Metadata Variables
- D . Automation Stitch