Black Friday Special Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

 
Home > Fortinet > Public Cloud Security > FCP_WCS_AD-7.4

FCP_WCS_AD-7.4 FCP - AWS Cloud Security 7.4 Administrator Exam Question and Answers

Question # 4

Refer to the exhibit.

Traffic is initiated from the EC2 instance and is destined for the internet.

Which traffic flow is correct?

A.

EC2 instance > NAT GW > IGW > internet

B.

There is no route to the internet in the Private Route Table. The traffic does not reach the internet.

C.

EC2 instance > GWLBe > NAT GW > IGW > internet

D.

EC2 instance > GWLBe > internet

Full Access
Question # 5

An administrator must deploy a web application firewall (WAF) solution to protect the web applications of their organization.

Why would the administrator choose FortiWeb Cloud over AWS WAF with Fortinet managed rules?

A.

WAF signatures must be manually updated by FortiGuard.

B.

The solution must meet PCI 6.6 compliance.

C.

SSL inspection is a requirement.

D.

Traffic must be inspected for malware.

Full Access
Question # 6

AWS native network services offer vast functionality and inter-connectivity between the cloud and on-premises networks.

Which three additional functions can FortiGate for AWS offer to complement the native services offered by AWS? (Choose three.)

A.

Higher VPN throughput

B.

Web filtering

C.

OSPF over IPSec

D.

Advanced dynamic routing

E.

Secure SD-WAN with application visibility

Full Access
Question # 7

A customer is attempting to deploy an active-passive high availability (HA) cluster using the software-defined network (SDN) connector in the AWS cloud.

What is an important consideration to ensure a successful formation of HA, failover, and traffic flow?

A.

Both cluster members must be in the same availability zone.

B.

VDOM exceptions must be configured.

C.

Unicast FortiGate Clustering Protocol (FGCP) must be used.

D.

Both cluster members must show as healthy in the elastic load balancer (ELB) configuration.

Full Access
Question # 8

Your organization is deciding between deploying FortiWeb VM or Fortinet Managed Rules for AWS WAF.

What are two benefits of choosing FortiWeb VM? (Choose two.)

A.

Only pay for what is used.

B.

Up-to-date WAF signatures powered by FortiGuard.

C.

Zero-day protection.

D.

Advanced WAF functionality.

Full Access
Question # 9

Refer to the exhibit.

A customer is using the AWS Elastic Load Balancer (ELB).

Which two statements are correct about the ELB configuration? (Choose two.)

A.

The load balancer is configured to load balance traffic among multiple availability zones.

B.

The Amazon Resource Name is used to access the load balancer node and targets.

C.

You can use the DNS name to reach the targets behind the ELB.

D.

The load balancer is configured for the internal traffic of the virtual public cloud (VPC).

Full Access
Question # 10

You are troubleshooting network connectivity issues between two VMs deployed in AWS.

One VM is a FortiGate located on subnet "LAN" that is part of the VPC "Encryption". The other VM is a Windows server located on the subnet "servers" which is also in the "Encryption" VPC. You are unable to ping the Windows server from FortiGate.

What are two reasons for this? (Choose two.)

A.

The firewall in the Windows VM is blocking the traffic.

B.

The default AWS Network Access Control List (NACL) does not allow this traffic.

C.

By default, AWS does not allow ICMP traffic between subnets.

D.

Add an inbound allow ICMP rule in the security group attached to the windows server.

Full Access
Copyright myexamcollection.com. All Right Reserved.