Fortinet FCSS_CDS_AR-7.6 FCSS - Public Cloud Security 7.6 Architect Exam Practice Test

Page: 1 / 4
Total 38 questions

FCSS - Public Cloud Security 7.6 Architect Questions and Answers

Question 1

Refer to the exhibit.

After analyzing the native monitoring tools available in Azure, an administrator decides to use the tool displayed in the exhibit.

Why would an administrator choose this tool?

Options:

A. To view details about Azure resources and their relationships across multiple regions.

B. To obtain, and later examine, traffic flow data with a visualization tool.

C. To help debug issues affecting virtual network gateways.

D. To compare the latency of an on-premises site with the latency of an Azure application.

Question 2

Refer to the exhibit.

You have deployed a Linux EC2 instance in Amazon Web Services (AWS) with the settings shown on the exhibit.

What next step must the administrator take to access this instance from the internet?

Options:

A. Allocate an Elastic IP address and assign it to the instance.

B. Create a VIP on FortiGate to allow access.

C. Enable SSH and allocate it to the device.

D. Configure the user name and password.

Question 3

The cloud administration team is reviewing an AWS deployment that was done using CloudFormation.

The deployment includes six FortiGate instances that required custom configuration changes after being deployed. The team notices that unwanted traffic is reaching some of the FortiGate instances because the template is missing a security group.

To resolve this issue, the team decides to update the JSON template with the missing security group and then apply the updated template directly, without using a change set.

What is the result of following this approach?

Options:

A. If new FortiGate instances are deployed later they will include the updated changes.

B. Some of the FortiGate instances may be deleted and replaced with new copies.

C. The update is applied, and the security group is added to all instances without interruption.

D. CloudFormation rejects the update and warns that a new full stack is required.

Question 4

You are using Ansible to modify the configuration of several FortiGate VMs.

What is the minimum number of files you need to create, and in which file should you configure the target FortiGate IP addresses?

Options:

A. One playbook file for each target and the required tasks, and one inventory file.

B. One .yaml file with the targets' IP addresses, and one playbook file with the tasks.

C. One inventory file for each target device, and one playbook file.

D. One text file for all target devices, and one playbook file.

Question 5

Your monitoring team reports performance issues with a web application hosted in Azure. You suspect that the bottleneck might be due to unexpected inbound traffic spikes.

Which method should you use to identify and analyze the traffic pattern?

Options:

A. Deploy Azure Firewall to log traffic by IP address.

B. Enable Azure DDoS protection to prevent inbound traffic spikes.

C. Use Azure Traffic Manager to visualize all traffic to the application.

D. Enable NSG Flow Logs and analyze logs with Azure Monitor.

Question 6

Refer to the exhibit.

You attempted to access the Linux1 EC2 instance directly from the internet using its public IP address in AWS. However, your connection is not successful.

Given the network topology, what can be the issue?

Options:

A. There is no connection between VPC A and VPC B.

B. There is no internet gateway attached to the Spoke VPC A.

C. The Transit Gateway BGP IP address is incorrect.

D. There is no elastic IP address attached to FortiGate in the Security VPC.

Question 7

You have deployed a FortiGate HA cluster in Azure using a gateway load balancer for traffic inspection. However, traffic is not being routed correctly through the firewalls.

What can be the cause of the issue?

Options:

A. The Fortinet VMs have IP forwarding disabled, which is required for traffic inspection.

B. The health probes for the gateway load balancer are failing, which causes traffic to bypass the HA cluster.

C. The gateway load balancer is not associated with the correct network security group (NSG) rules, which allow traffic to pass through.

D. The protected VMs are in a different Azure subscription, which prevents the gateway load balancer from forwarding traffic.

Question 8

Refer to the exhibit.

You are troubleshooting a Microsoft Azure SDN connector issue on your FortiGate VM in Azure.

Which command can you use to examine details about API calls sent by the connector?

Options:

A. diag debug application cloud-connector -1

B. diag test application azd 1

C. diag debug application azd -1

D. get system sdn-connector

Question 9

Exhibit.

In which type of FortiCNP insights can an administrator examine the findings triggered by this policy?

Options:

A. Data

B. Threat

C. Risk

D. User activity

Question 10

Refer to the exhibit.

An administrator used the what-if tool to preview changes to an Azure Bicep file.

What will happen if the administrator decides to apply these changes in Azure?

Options:

A. Subnet 10.0.1.0/24 will replace subnet 10.0.2.0/24.

B. This deployment will fail and no changes will be applied.

C. A new subnet will be added to ServerApps.

D. The ServerApps VNet will be renamed.

Question 11

Refer to the exhibit.

You deployed a FortiGate HA active-passive cluster in Microsoft Azure.

Which two statements regarding this particular deployment are true? (Choose two.)

Options:

A. You can use the vdom-exception command to synchronize the configuration.

B. During a failover, all existing sessions are transferred to the new active FortiGate.

C. The configuration does not synchronize between the primary and secondary devices.

D. There is no SLA for API calls from Microsoft Azure.
