Winter Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dumps65

DumpsWrap Logo

Fortinet FCP_WCS_AD-7.4 Dumps

Page: 1 / 4
Total 35 questions
Get FCP_WCS_AD-7.4 Full Access Download FCP_WCS_AD-7.4 PDF

FCP - AWS Cloud Security 7.4 Administrator Exam Questions and Answers

Question 1

Which three statements correctly describe FortiGate Cloud-Native Firewall (CNF)? (Choose three.)

Options:

A.

It provides carrier-grade protection.

B.

It scales seamlessly.

C.

It uses AWS Elastic Load Balancing (ELB).

D.

It is considered to be a Firewall-as-a-Service (FWaaS).

E.

It can be managed by FortiManager and AWS firewall manager.

Question 2

Which three statements are correct about VPC flow logs? (Choose three.)

Options:

A.

Flow logs do not capture traffic to and from 169.254.169.254 for instance metadata.

B.

Flow logs do not capture DHCP traffic.

C.

Flow logs can capture traffic to the reserved IP address for the default VPC router.

D.

Flow logs can be used as a security tool to monitor the traffic that is reaching the instance.

E.

Flow logs can capture real-time log streams for the network interfaces.

Question 3

An organization has created a VPC with two subnets and deployed a FortiGate-VM (VM04/c4.xlarge) in AWS.

The EC2 instance is initially configured with two Elastic Network Interfaces (ENIs). The primary ENI is configured on the public subnet, and the secondary ENI is configured on the private subnet. To provide internet access for the FortiGate-VM, they now want to associate an EIP to its primary ENI, but the assignment is failing.

Which action would allow the EIP assignment to be successful?

Options:

A.

Create and associate a public subnet with the primary ENI of the FortiGate VM, and then assign the EIP to the primary ENI.

B.

Shut down the FortiGate VM, if it is running, assign the EIP to the primary ENI, and then power it on.

C.

Create and attach an internet gateway to the VPC, and then assign the EIP to the primary ENI of the FortiGate VM.

D.

Create and attach a public routing table to the public subnet, associate the public subnet with the primary ENI of the FortiGate VM, and then assign the EIP to the primary ENI.

Question 4

An organization has the requirement to connect a data VPC to the on-premises infrastructure of a branch office in a hybrid cloud environment. The connectivity needs the higher bandwidth but the organization does not want to use multiple connections between sites.

Which AWS solution meets the requirement?

Options:

A.

Transit VPC with IPSec

B.

Internet Gateway

C.

Transit Gateway multicast

D.

Transit Gateway Connect

Question 5

An administrator needs to attach an Elastic Network Interface (ENI) to an application instance in a VPC with multiple availability zones. An instance runs in availability zone 1.

Which ENI property must the administrator consider when implementing this requirement?

Options:

A.

An ENI cannot attach to an instance in availability zone 2.

B.

After the ENI detaches from one instance, it can reattach only to the same instance.

C.

You can detach the primary ENI from an AWS instance.

D.

When you move an ENI, network traffic remains directed to the old instance until you terminate that instance.

Question 6

An administrator wants to deploy a solution to automatically create firewall rules on FortiGate to accelerate time-to-protection for threats.

Which AWS service can be integrated with FortiGate to accomplish this?

Options:

A.

AWS Firewall Manager

B.

AWS network access control list

C.

SDN Connector for AWS

D.

AWS GuardDuty

Question 7

Your customers have been reporting slow response times when accessing your web application.

What are two possible ways to increase response times from web servers protected by FortiWeb Cloud? (Choose two.)

Your customers have been reporting slow response times when accessing your web application.

What are two possible ways to increase response times from web servers protected by FortiWeb Cloud? (Choose two.)

Options:

A.

Deploy FortiWeb Cloud in the same region where your web application is beinghosted.

B.

Enable a content delivery network

C.

Modify DNS entries to directly point to your web server.

D.

Disable WAF functionality.

Question 8

An administrator is adding a web application to be protected by FortiWeb Cloud.

Which two steps are necessary to successfully onboard the application? (Choose two.)

An administrator is adding a web application to be protected by FortiWeb Cloud.

Which two steps are necessary to successfully onboard the application? (Choose two.)

Options:

A.

Wait for the EC2 instance to be created.

B.

Provide a web application name.

C.

Create DNS records in the domain server that hosts the application.

D.

Enable a content delivery network (CDN) in the same region where your application is located.

Question 9

You are troubleshooting network connectivity issues between two VMs deployed in AWS.

One VM is a FortiGate located on subnet "LAN" that is part of the VPC "Encryption". The other VM is a Windows server located on the subnet "servers" which is also in the "Encryption" VPC. You are unable to ping the Windows server from FortiGate.

What are two reasons for this? (Choose two.)

Options:

A.

The firewall in the Windows VM is blocking the traffic.

B.

The default AWS Network Access Control List (NACL) does not allow this traffic.

C.

By default, AWS does not allow ICMP traffic between subnets.

D.

Add an inbound allow ICMP rule in the security group attached to the windows server.

Question 10

A global organization with cloud networks deployed in several AWS regions wants to set up next-generation firewall (NGFW) protection using FortiGate Cloud-Native Firewall (CNF).

What are two deployment considerations for the organization? (Choose two.)

Options:

A.

They must choose AWS Firewall Manager to provision a CNF instance.

B.

A CNF instance is required for each AWS region that must be protected.

C.

More than one AWS account can be associated with a CNF instance.

D.

Only one CNF instance is required to protect all AWS regions.

Load More FCP_WCS_AD-7.4 Questions
Page: 1 / 4
Total 35 questions
Get FCP_WCS_AD-7.4 Full Access Download FCP_WCS_AD-7.4 PDF