Fortinet FCSS_EFW_AD-7.4 FCSS – Enterprise Firewall 7.4 Administrator Online Training
Fortinet FCSS_EFW_AD-7.4 Online Training
The questions for FCSS_EFW_AD-7.4 were last updated at Feb 22,2025.
- Exam Code: FCSS_EFW_AD-7.4
- Exam Name: FCSS - Enterprise Firewall 7.4 Administrator
- Certification Provider: Fortinet
- Latest update: Feb 22,2025
What is the diagnose test application ipsmenitor 5 command used for?
- A . To enable IPS bypass mode
- B . To disable the IPS engine
- C . To restart all IPS engines and monitors
- D . To provide information regarding IPS sessions
Examine the output of the ‘get router info ospf interface’ command shown in the exhibit; then answer the question below.
Which statements are true regarding the above output? (Choose two.)
- A . The port4 interface is connected to the OSPF backbone area.
- B . The local FortiGate has been elected as the OSPF backup designated router.
- C . There are at least 5 OSPF routers connected to the port4 network.
- D . Two OSPF routers are down in the port4 network.
A corporate network allows internet Access to FSSO users only. The FSSO user student does not have internet access after successfully logged into the Windows AD network.
The output of the ‘diagnose debug authd fsso list’ command does not show student as an active FSSO user. Other FSSO users can access the Internet without problems.
What should the administrator check? (Choose two.)
- A . The user student must not be listed in the CA’s ignore user list.
- B . The user student must belong to one or more of the monitored user groups.
- C . The student workstation’s IP subnet must be listed in the CA’s trusted list.
- D . At least one of the student’s user groups must be allowed by a FortiGate firewall policy.
What action does FortiSwitch take when it receives a loop guard data packet (LGDP) that was sent by itself?
- A . The receiving port is shut down
- B . The sending port is shut down
- C . The receiving port is moved to the STP blocking state
- D . The sending port is moved to the STP blocking state
An administrator has configured two FortiGate devices for an HA cluster. While testing HA failover, the administrator notices that some of the switches in the network continue to send traffic to the former primary device.
What can the administrator do to fix this problem?
- A . Configure remote link monitoring to detect an issue in the forwarding path.
- B . Configure set send-garp-on-failover enable under config system ha on both cluster members.
- C . Verify that the speed and duplex settings match between the FortiGate interfaces and the connected switch ports.
- D . Configure set link-failed-signal enable under config system ha on both cluster members.
View the exhibit, which of the contains the partial output of an IKE real-time debug, then answer the question below.
Which of the following statements about this debug output are true? (Choose two.)
- A . The name of the tunnel being negotiated is VPN.
- B . Both phases 1 and 2 are up.
- C . Both gateways are using aggressive mode.
- D . Phase 1 is using a pre-shared key for authentication.
Which two statements about bulk configuration changes using FortiManager CLI scripts are correct? (Choose two.)
- A . When executed on the Policy Package, ADOM database, changes are applied directly to the managed FortiGate.
- B . When executed on the Device Database, you must use the installation wizard to apply the changes to the managed FortiGate
- C . When executed on the All FortiGate in ADOM, changes are automatically installed without creating a new revision history.
- D . When executed on the Remote FortiGate directly, administrators do not have the option to review the changes prior to installation.
View the exhibit, which contains the output of get sys ha status, and then answer the question below.
Which statements are correct regarding the output? (Choose two.)
- A . The slave configuration is not synchronized with the master.
- B . The HA management IP is 169.254.0.2.
- C . Master is selected because it is the only device in the cluster.
- D . port 7 is used the HA heartbeat on all devices in the cluster.
A FortiGate device has the following LDAP configuration:
The administrator executed the ‘dsquery’ command in the Windows LDAp server 10.0.1.10, and got the following output:
>dsquery user -samid administrator
"CN-Administrator, CN-Users, DC=trainingAD, DC-training, DC-lab"
Based on the output, what FortiGate LDAP setting is configured incorrectly?
- A . cnid.
- B . username.
- C . password.
- D . dn.
View the exhibit, which contains a session entry, and then answer the question below.
Which statement is correct regarding this session?
- A . This traffic is using the VIP and central NAT tables.
- B . This session was successfully authenticated.
- C . Further packets for this session will be blocked.
- D . This session is offloaded to the NPU.
Latest FCSS_EFW_AD-7.4 Dumps Valid Version with 210 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
