FCP_WCS_AD-7.4無料問題集「Fortinet FCP - AWS Cloud Security 7.4 Administrator」

質問 1

Refer to the exhibit.

You deployed an active-passive FortiGate HA cluster using a CloudFormation template on an existing VPC. Now you want to test active-passive FortiGate HA failover by running a debug so you can see the API calls to change the Elastic and secondary IP addresses.
Which statement is correct about the output of the debug?

（A）The Elastic IP is associated with port1 of Fgt2.

（B）IP address 10.0.0.13 is now associated with eni-0b61d8afc0aefb8a2.

（C）The Elastic IP is associated with port2 of Fgt2, and the secondary IP address for port1 and port2 was updated successfully.

（D）The routing table for Fgt2 updated successfully, and port2 will provide internet access to Fgt2.

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

An administrator has been asked to deploy an active-passive (A-P) FortiGate cluster in the AWS cloud across two availability zones.
In addition to enhanced redundancy, which other major difference is there compared to deploying A-P high availability in the same availability zone?

（A）Secondary IP address configuration is used.

（B）IP addressing and subnetting are not shared.

（C）The number of subnets required is less.

（D）The FortiGate devices act as a single, logical instance.

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

Refer to the exhibit.

An administrator configured a FortiGate device to connect to the AWS API to retrieve resource values from the AWS console to create dynamic objects for the FortiGate policies. The administrator is unable to retrieve AWS dynamic objects on FortiGate.
Which two reasons can explain why? (Choose two.)

（A）AWS was not able to validate credentials provided by the AWS Lab SDN connector because of a clock skew between FortiGate and AWS.

（B）The AWS API call is not supported on XML version 1.0.

（C）The AWS Lab SDN connector failed to connect on port 401.

（D）The AWS Lab SDN did not find any instances in the configured VPC.

（E）The AWS Lab SDN connector is configured with an invalid AWS access or secret key.

正解：A、E 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

A global organization with cloud networks deployed in several AWS regions wants to set up next-generation firewall (NGFW) protection using FortiGate Cloud-Native Firewall (CNF).
What are two deployment considerations for the organization? (Choose two.)

（A）They must choose AWS Firewall Manager to provision a CNF instance.

（B）More than one AWS account can be associated with a CNF instance.

（C）Only one CNF instance is required to protect all AWS regions.

（D）A CNF instance is required for each AWS region that must be protected.

正解：B、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

FCP_WCS_AD-7.4 無料問題集「Fortinet FCP - AWS Cloud Security 7.4 Administrator」

弊社を連絡する

関連リンク

トップ試験