Fortinet FCP_FGT_AD-7.6 Exam Practice Test Instant Access

Question 1

Which statement correctly describes NetAPI polling mode for the FSSO collector agent?

AThe collector agent uses a Windows API to query DCs for user logins.

BNetAPI polling can increase bandwidth usage in large networks.

CThe NetSessionEnum function is used to track user logouts.

DThe collector agent must search Windows application event logs.

Answer : B

NetAPI polling mode involves frequent queries to domain controllers, which can cause increased bandwidth usage, especially in large networks with many login events.

Question 2

Which three statements explain a flow-based antivirus profile? (Choose three.)

AFortiGate buffers the whole file but transmits to the client at the same time.

BFlow-based inspection uses a hybrid of the scanning modes available in proxy-based inspection.

CIf a virus is detected, the last packet is delivered to the client.

DFlow-based inspection optimizes performance compared to proxy-based inspection.

EThe IPS engine handles the process as a standalone.

Answer : A, B, D

Flow-based antivirus buffers the entire file while simultaneously transmitting data to the client to minimize latency.

Flow-based inspection combines multiple scanning techniques from proxy-based modes for efficient detection.

Flow-based inspection provides better performance by processing traffic on the fly without full proxy overhead.

Question 3

Refer to the exhibit, which shows a partial configuration from the remote authentication server.

Why does the FortiGate administrator need this configuration?

ATo set up a RADIUS server Secret.

BTo authenticate Any FortiGate user groups.

CTo authenticate and match the Training OU on the RADIUS server.

DTo authenticate only the Training user group.

Answer : D

The Fortinet-Group-Name attribute is used to restrict authentication to users who belong specifically to the 'Training' user group on the RADIUS server.

Question 4

Refer to the exhibits.

An administrator has observed the performance status outputs on an HA cluster for 55 seconds.

Which FortiGate is the primary?

AHQ-NGFW-2 with the parameter memory-failover-threshold setting

BHQ-NGFW-2 with the parameter priority setting

CHQ-NGFW-1 with the parameter memory-failover-flip-timeout setting

DHQ-NGFW-1 with the parameter override setting

Answer : D

The HA configuration shows that override is disabled (set override disable), but despite this, HQ-NGFW-1 has the higher priority (200) and is acting as the primary, as indicated by its higher resource usage and uptime. Override allows the device with higher priority to take over as primary, so HQ-NGFW-1 is the primary device.

Question 5

Refer to the exhibit.

FortiGate has two separate firewall policies for Sales and Engineering to access the same web server with the same security profiles.

Which action must the administrator perform to consolidate the two policies into one?

ACreate an Aggregate interface that includes port1 and port2 to create a single firewall policy.

BSelect port1 and port2 subnets in a single firewall policy.

CReplace port1 and port2 with the any interface in a single firewall policy.

DEnable Multiple Interface Policies to select port1 and port2 in the same firewall policy.

Answer : D

Enabling Multiple Interface Policies allows you to select multiple interfaces (like port1 and port2) in a single firewall policy, consolidating access rules for both Sales and Engineering to the web server.

Question 6

Refer to the exhibit.

The exhibit shows the FortiGuard Category Based Filter section of a corporate web filter profile.

An administrator must block access to download.com, which belongs to the Freeware and Software Downloads category. The administrator must also allow other websites in the same category.

What are two solutions for satisfying the requirement? (Choose two.)

AConfigure a static URL filter entry for download.com with Type and Action set to Wildcard and Block, respectively.

BConfigure a web override rating for download.com and select Malicious Websites as the subcategory.

CConfigure a separate firewall policy with action Deny and an FQDN address object for*.download.com as destination address.

DSet the Freeware and Software Downloads category Action to Warning.

Answer : A, C

Creating a static URL filter to block download.com specifically allows blocking that site without affecting the entire category.

Using a separate firewall policy with a Deny action for an FQDN address object matching download.com can also block the site while allowing others in the same category.

Question 7

You have configured an application control profile, set peer-to-peer traffic to Block under the Categories tab, and applied it to the firewall policy. However, your peer-to-peer traffic on known ports is passing through the FortiGate without being blocked.

What FortiGate settings should you check to resolve this issue?

AFortiGuard category ratings

BApplication and Filter Overrides

CNetwork Protocol Enforcement

DReplacement Messages for UDP-based Applications

Answer : C

Network Protocol Enforcement settings control how FortiGate inspects and enforces protocols on traffic, including peer-to-peer applications on known ports. If not properly enabled, peer-to-peer traffic may bypass blocking despite the application control profile.

Fortinet FCP - FortiGate 7.6 Administrator FCP_FGT_AD-7.6 Exam Practice Test