Refer to the exhibits.The exhibits show the application sensor configuration and the Excessive-Bandwidth and Apple filter details.Based on the configuration, what will happen to Apple FaceTime if there are only a few calls originating or incoming?
Answer(s): D
Based on the application sensor configuration and the filter details:D . Apple FaceTime will be blocked, based on the Excessive-Bandwidth filter configuration: The "Excessive-Bandwidth" filter is set to block, which includes "FaceTime" under its application signature. As a result, FaceTime will be blocked regardless of the "Apple" filter configuration because the "Excessive-Bandwidth" filter takes precedence due to its block action setting.The other options are not correct:A . Apple FaceTime will be allowed, based on the Video/Audio category configuration: The Video/Audio category is not relevant because FaceTime is specifically included in the Excessive- Bandwidth filter, which blocks it.B . Apple FaceTime will be allowed, based on the Apple filter configuration: Although the Apple filter is set to monitor, the block action of the Excessive-Bandwidth filter will override this. C . Apple FaceTime will be allowed only if the Apple filter in Application and Filter Overrides is set to Allow: The allow setting for the Apple filter is irrelevant in this context, as the block action in the Excessive-Bandwidth filter will prevail.
FortiOS 7.4.1 Administration Guide - Application Control and Filtering, page 978. FortiOS 7.4.1 Administration Guide - Application Sensor Configuration, page 982.
An employee needs to connect to the office through a high-latency internet connection. Which SSL VPN setting should the administrator adjust to prevent SSL VPN negotiation failure?
Answer(s): C
For a high-latency internet connection, the SSL VPN setting that should be adjusted is:C . SSL VPN dtls-hello-timeout: This setting determines how long the FortiGate will wait for a DTLS hello message from the client. For high-latency connections, increasing this timeout will prevent SSL VPN negotiation failures caused by delays in receiving the DTLS hello message.The other options are not suitable:A . SSL VPN idle-timeout: This setting controls the idle time allowed before a session is terminated, which is not relevant to the initial connection establishment. B . SSL VPN login-timeout: This setting controls the maximum time allowed for a user to log in, but does not affect connection negotiation.D . SSL VPN session-ttl: This setting controls the total time-to-live for an SSL VPN session but does not directly address issues caused by high latency.
FortiOS 7.4.1 Administration Guide - SSL VPN Configuration, page 1415.
When FortiGate performs SSL/SSH full inspection, you can decide how it should react when it detects an invalid certificate.Which three actions are valid actions that FortiGate can perform when it detects an invalid certificate? (Choose three.)
Answer(s): A,D,E
When FortiGate performs SSL/SSH full inspection and detects an invalid certificate, there are three valid actions it can take:Allow & Warning: This action allows the session but generates a warning. Block & Warning: This action blocks the session and generates a warning. Block: This action blocks the session without generating a warning. Actions such as "Trust & Allow" or just "Allow" without additional configurations are not applicable in the context of handling invalid certificates.
FortiOS 7.4.1 Administration Guide: Configuring SSL/SSH inspection profile
Refer to the exhibit, which shows the IPS sensor configuration.If traffic matches this IPS sensor, which two actions is the sensor expected to take? (Choose two.)
Answer(s): A,C
The IPS sensor configuration shows that:The Microsoft.Windows.iSCSI.Target.DoS signature is set to "Monitor" with packet logging enabled, meaning that while traffic matching this signature will be allowed, it will also be logged for further analysis.The generic Windows filter is set to "Block," meaning that all other attacks matching this filter will be blocked. However, the sensor will not reset connections or log packets unless specified. Therefore, the sensor will allow attackers matching the specific DoS signature while blocking other attacks against Windows.
FortiOS 7.4.1 Administration Guide: IPS Configuration
Which statement is a characteristic of automation stitches?
Automation stitches on FortiGate can have one or more triggers, which are conditions or events that activate the automation stitch. The trigger defines when the automation stitch should execute the defined actions. Actions within a stitch can be executed sequentially or in parallel, depending on the configuration.
FortiOS 7.4.1 Administration Guide: Automation Stitches
Share your comments for Fortinet FCP_FGT_AD-7.4 exam with other users:
sap c_ts450_2021
nice questions
ecellent materil for unserstanding
good so far
this is way too informative
very helpfull
q.189 - answers are incorrect.
awesome job in getting these questions
i cant find aws certified practitioner clf-c01 exam in aws website but i found aws certified practitioner clf-c02 exam. can everyone please verify the difference between the two clf-c01 and clf-c02? thank you
grazie mille. i got a satisfactory mark in my exam test today because of this exam dumps. sorry for my english.
some of the answers are incorrect. need to be reviewed.
so far so good
i am really liking it
thanks good stuff
need dump c_tadm_23
next time i will write a full review
first time using this site
please sent me oracle 1z0-1105-22 pdf
very helpful
good info about oml
very useful to practice
this website is very helpful.
good content
so challenging
17 should be d ,for morequery its scale out
nice question
yes.
good mateial
good practice exam
impressivre qustion
questions seem helpful
question 21 answer is alerts
am preparing for exam
Keeping this site free takes real effort. We constantly battle automated scraping and unauthorized content copying. A quick account helps us protect the community and keep the site free.
To continue studying for your FCP_FGT_AD-7.4, please sign in or create a free account.