Weekend Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bigdisc65

FCP_FGT_AD-7.6 Exam Dumps - Fortinet Network Security Questions and Answers

Question # 4

Which two statements are correct when FortiGate enters conserve mode? (Choose two.)

Options:

A.

FortiGate continues to run critical security actions, such as quarantine.

B.

FortiGate refuses to accept configuration changes.

C.

FortiGate halts complete system operation and requires a reboot to regain available resources.

D.

FortiGate continues to transmit packets without IPS inspection when the fail-open global setting in IPS is enabled.

Buy Now
Question # 5

A new administrator is configuring FSSO authentication on FortiGate using DC Agent Mode.

Which step is NOT part of the expected process?

Options:

A.

The DC agent sends login event data directly to FortiGate.

B.

The user logs into the windows domain.

C.

The collector agent forwards login event data to FortiGate.

D.

FortiGate determines user identity based on the IP address in the FSSO list.

Buy Now
Question # 6

A network administrator is reviewing firewall policies in both Interface Pair View and By Sequence View. The policies appear in a different order in each view.

Why is the policy order different in these two views?

Options:

A.

Policies in Interface Pair View are prioritized by security levels, while By Sequence View strictly follows the administrator’s manual ordering.

B.

By Sequence View groups policies based on rule priority, while Interface Pair View always follows the order of traffic logs.

C.

The firewall dynamically reorders policies in Interface Pair View based on recent traffic patterns, but By Sequence View remains static.

D.

Interface Pair View sorts policies based on matching interfaces, while By Sequence View shows the actual processing order of rules.

Buy Now
Question # 7

When configuring a FortiGate in a multi-WAN setup, why would an administrator enable session preservation on an interface?

Options:

A.

To allow the FortiGate to dynamically change interfaces for all active sessions when a WAN link fails

B.

To make sure all sessions without source NAT enabled always use the primary WAN link

C.

To improve security by forcing users to authenticate again when the WAN link changes

D.

To ensure that existing SSL VPN connections remain on the same interface even if route changes occur

Buy Now
Question # 8

What are three key routing principles in SD-WAN? (Choose three.)

Options:

A.

By default. SD-WAN rules are skipped if the included SD-WAN members do not have a valid route to the destination.

B.

SD-WAN rules have precedence over any other type of routes.

C.

Regular policy routes have precedence over SD-WAN rules.

D.

By default. SD-WAN rules are skipped if only one route to the destination is available.

E.

By default. SD-WAN rules are skipped if the best route to the destination is not an SD-WAN member.

Buy Now
Question # 9

You have created a web filter profile named restrict_media-profile with a daily category usage quota.

When you are adding the profile to the firewall policy, the restrict_media-profile is not listed in the available web profile drop down.

What could be the reason?

Options:

A.

The firewall policy is in no-inspection mode instead of deep-inspection.

B.

The inspection mode in the firewall policy is not matching with web filter profile feature set.

C.

The web filter profile is already referenced in another firewall policy.

D.

The naming convention used in the web filter profile is restricting it in the firewall policy.

Buy Now
Question # 10

Refer to the exhibits.

The exhibits show a diagram of a FortiGate device connected to the network, as well as the IP pool configuration and firewall policy objects.

TheWAN (port2)interface has the IP address100.65.0.101/24.

TheLAN (port4)interface has the IP address10.0.11.254/24.

Which IP address will be used to source NAT (SNAT) the traffic, if the user on

HQ-PC-1 (10.0.11.50) pings the IP address of BR-FGT (100.65.1.111)

Options:

A.

100.65.0.101

B.

100.65.0.49

C.

100.65.0.99

D.

100.65.0.149

Buy Now
Question # 11

Refer to the exhibits.

An administrator has observed the performance status outputs on an HA cluster for 55 seconds.

Which FortiGate is the primary?

Options:

A.

HQ-NGFW-2 with the parameter memory-failover-threshold setting

B.

HQ-NGFW-2 with the parameter priority setting

C.

HQ-NGFW-1 with the parameter memory-failover-flip-timeout setting

D.

HQ-NGFW-1 with the parameter override setting

Buy Now
Question # 12

A FortiGate firewall policy is configured with active authentication, however, the user cannot authenticate when accessing a website.

Which protocol must FortiGate allow even though the user cannot authenticate?

Options:

A.

LDAP

B.

TACASC+

C.

Kerberos

D.

DNS

Buy Now
Question # 13

An administrator wanted to configure an IPS sensor to block traffic that triggers a signature set number of times during a specific time period.

How can the administrator achieve the objective?

Options:

A.

Use IPS group signatures, set rate-mode 60.

B.

Use IPS packet logging option with periodical filter option.

C.

Use IPS filter, rate-mode periodical option.

D.

Use IPS filter, rate-mode periodical option.

Buy Now
Exam Code: FCP_FGT_AD-7.6
Exam Name: FortiGate 7.6 Administrator FCP_FGT_AD-7.6
Last Update: Jul 30, 2025
Questions: 45
FCP_FGT_AD-7.6 pdf

FCP_FGT_AD-7.6 PDF

$29.75  $84.99
 Add to Cart
FCP_FGT_AD-7.6 Engine

FCP_FGT_AD-7.6 Testing Engine

$33.25  $94.99
 Add to Cart
FCP_FGT_AD-7.6 PDF + Engine

FCP_FGT_AD-7.6 PDF + Testing Engine

$47.25  $134.99
 Add to Cart