FCP FGT AD-7.6

What are two characteristics of HA cluster heartbeat IP addresses in a F01tiGate device? (Choose two.). Heartbeat interfaces have virtual IP addresses that are manually assigned. Heartbeat IP addresses are used to distinguish between cluster members. The heartbeat interface of the primary device in the cluster is always assigned IP address 169.254.0.1. A change in the heartbeat IP address happens when a FortiGate device joins or leaves the cluster.

A network administrator has enabled full SSI inspection and web filtering on FortiGate. When visiting any HTTPS websites, the browser reports certificate warning errors. When visiting HTTP websites, the browser does not report errors. What is the reason for the certificate warning errors?. The browser does not trust the certificate used by FortiGate for SSI inspection. The option invalid SSL certificates is set to allow on the SSL/SSH inspection profile. The matching firewall policy is set to proxy inspection mode. The certificate used by FortiGate for SSL inspection does not contain the required certificate extensions.

Refer to the exhibits. An administrator creates a new address Object on the root F01tiGate (HQ-NGFW-I) in the Security Fabric. After synchronization, this object is not available on the downstream FortiGate (HQ-ISFW). What must the administrator do to synchronize the address object?. Change the csf setting on HQ-ISFW (downstream) to set configuration-sync local. Change the csf setting on HQ-ISFW (downstream) to set saml-configuration-sync default. Change the csf setting on HQ-NGFW-I (root) to set fabric—object—unification default. Change the csf setting on both devices to set downstream-access enable.

An administrator suspects that the Collector Agent is not forwarding login events to FortiGate. What is the most effective troubleshooting step?. Verity if DC agent is enabled on the FortiGate. Restart the domain controller to refresh authentication services. Verity if FortiGate is setto use LDAP authentication instead of FSSO. Check if TCP pon 8000 is open between the collector agent and FortiGate.

An administrator has observed the performance status outputs on an HA cluster for 55 seconds. Which FortiGate is the primary?. HQ-NGFW-2 with the parameter memory-failover-threshold setting. HQ-NGFW-2 with the parameter priority setting. HQ-NGFW-I With the parameter setting. HQ-NGFW-I with the parameter override setting.

Which statement correctly describes NetAPl mode for the FSSO collector agent?. The collector agent uses a Windows API to query DCS for user logins. NetAPl polling can increase bandwidth usage in large networks. The NetSessionEnum function is used to track user logouts. The collector agent must search Windows application event logs.

Refer to the exhibit, which shows an SD-WAN zone configuration on the FortiGate GUI. Based on the exhibit, which statement is true?. The Underlay zone is the zone by default. The Underlay zone contains no member. port2 and port3 are not assigned to a zone. The virtual-wan-link and overlay zones can be deleted.

Refer to the exhibit. An administrator has configured an Application Overrides for the ABC.Com application signature and set the Action to Allow_ This application control profile is then applied to a firewall policy that is scanning all outbound traffic. Logging is enabled in the firewall policy. To test the configuration, the administrator accessed the ABC.Com web site several times. Why are there no logs generated under security logs for ABC_Com?. The ABC.Com Type is set as Application instead of Filter. The ABC.Com is configured under application profile, which must be configured as a web filter profile. The ABC.Com Action is set to Allow. The ABC.Com is hitting the category Excessive-Bandwidth.