Fortinet FCP_FGT_AD-7.4 FCP – FortiGate 7.4 Administrator Online Training
Fortinet FCP_FGT_AD-7.4 Online Training
The questions for FCP_FGT_AD-7.4 were last updated at Mar 01,2025.
- Exam Code: FCP_FGT_AD-7.4
- Exam Name: FCP - FortiGate 7.4 Administrator
- Certification Provider: Fortinet
- Latest update: Mar 01,2025
An administrator wants to block https://www.example.com/videos and allow all other URLs on the website.
What are two configuration changes that the administrator can make to satisfy the requirement? (Choose two.)
- A . Configure web override for the URL and select a blocked FortiGuard subcategory
- B . Enable full SSL inspection
- C . Configure a video filter profile to block the URL
- D . Configure a static URL filter entry for the URL and select Block as the action
Which three methods can you use to deliver the token code to a user who is configured to use two-factor authentication? (Choose three.)
- A . Instant message app
- B . FortiToken
- C . Email
- D . Voicemail message
- E . SMS text message
View the exhibit.
A user at 192.168.32.15 is trying to access the web server at 172.16.32.254.
Which two statements best describe how the FortiGate will perform reverse path forwarding (RPF)
checks on this traffic? (Choose two.)
- A . Strict RPF check will deny the traffic.
- B . Loose RPF check will allow the traffic.
- C . Strict RPF check will allow the traffic.
- D . Loose RPF check will deny the traffic.
Which two statements about antivirus scanning in a firewall policy set to proxy-based inspection mode, are true? (Choose two.)
- A . A file does not need to be buffered completely before it is moved to the antivirus engine for scanning.
- B . The client must wait for the antivirus scan to finish scanning before it receives the file.
- C . FortiGate sends a reset packet to the client if antivirus reports the file as infected.
- D . If a virus is detected, a block replacement message is displayed immediately.
Which two statements about FortiGate antivirus databases are true? (Choose two.)
- A . The quick scan database is part of the normal database.
- B . The extreme database is available only on certain FortiGate models.
- C . The extended database is available on all FortiGate models.
- D . The extended database is available only if AI scanning is enabled.
Refer to the exhibit.
The exhibit displays the output of the CLI command: diagnose sys ha dump-by vcluster.
Which two statements are true? (Choose two.)
- A . FortiGate SN FGVM010000065036 HA uptime has been reset.
- B . FortiGate devices are not in sync because one device is down.
- C . FortiGate SN FGVM010000064692 is the primary because of higher HA uptime.
- D . FortiGate SN FGVM010000064692 has the higher HA priority.
Refer to the exhibit.
The exhibit displays the output of the CLI command: diagnose sys ha dump-by vcluster.
Which two statements are true? (Choose two.)
- A . FortiGate SN FGVM010000065036 HA uptime has been reset.
- B . FortiGate devices are not in sync because one device is down.
- C . FortiGate SN FGVM010000064692 is the primary because of higher HA uptime.
- D . FortiGate SN FGVM010000064692 has the higher HA priority.
Refer to the exhibit.
The exhibit displays the output of the CLI command: diagnose sys ha dump-by vcluster.
Which two statements are true? (Choose two.)
- A . FortiGate SN FGVM010000065036 HA uptime has been reset.
- B . FortiGate devices are not in sync because one device is down.
- C . FortiGate SN FGVM010000064692 is the primary because of higher HA uptime.
- D . FortiGate SN FGVM010000064692 has the higher HA priority.
Refer to the exhibit.
Examine the intrusion prevention system (IPS) diagnostic command.
Which statement is correct If option 5 was used with the IPS diagnostic command and the outcome was a decrease in the CPU usage?
- A . The IPS engine was inspecting high volume of traffic.
- B . The IPS engine was unable to prevent an intrusion attack.
- C . The IPS engine was blocking all traffic.
- D . The IPS engine will continue to run in a normal state.
Refer to the exhibit.
A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices. The administrator has determined that phase 1 status is up, but phase 2 fails to come up.
Based on the phase 2 configuration shown in the exhibit, what configuration change will bring phase 2 up?
- A . On HQ-FortiGate, enable Diffie-Hellman Group 2.
- B . On HQ-FortiGate, enable Auto-negotiate.
- C . On Remote-FortiGate, set Seconds to 43200.
- D . On HQ-FortiGate, set Encryption to AES256.
Latest FCP_FGT_AD-7.4 Dumps Valid Version with 200 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
