New Year Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

Question # 4

A customer has deployed FortiGate Cloud-Native Firewall (CNF).

Which two statements are correct about policy sets? (Choose two.)

A.

There is an implicit deny rule at the bottom of the policy set.

B.

The policy set must be manually synchronized to the CNF instance each time it is modified.

C.

A new policy set is created with each deployed CNF instance.

D.

Multiple policy sets can be applied to a single CNF instance.

Full Access
Question # 5

A global organization with cloud networks deployed in several AWS regions wants to set up next-generation firewall (NGFW) protection using FortiGate Cloud-Native Firewall (CNF).

What are two deployment considerations for the organization? (Choose two.)

A.

They must choose AWS Firewall Manager to provision a CNF instance.

B.

A CNF instance is required for each AWS region that must be protected.

C.

More than one AWS account can be associated with a CNF instance.

D.

Only one CNF instance is required to protect all AWS regions.

Full Access
Question # 6

An administrator wants to deploy a solution to automatically create firewall rules on FortiGate to accelerate time-to-protection for threats.

Which AWS service can be integrated with FortiGate to accomplish this?

A.

AWS Firewall Manager

B.

AWS network access control list

C.

SDN Connector for AWS

D.

AWS GuardDuty

Full Access
Question # 7

Your organization is deciding between deploying FortiWeb VM or Fortinet Managed Rules for AWS WAF.

What are two benefits of choosing FortiWeb VM? (Choose two.)

A.

Only pay for what is used.

B.

Up-to-date WAF signatures powered by FortiGuard.

C.

Zero-day protection.

D.

Advanced WAF functionality.

Full Access
Question # 8

AWS native network services offer vast functionality and inter-connectivity between the cloud and on-premises networks.

Which three additional functions can FortiGate for AWS offer to complement the native services offered by AWS? (Choose three.)

A.

Higher VPN throughput

B.

Web filtering

C.

OSPF over IPSec

D.

Advanced dynamic routing

E.

Secure SD-WAN with application visibility

Full Access
Question # 9

Refer to the exhibit.

Traffic is initiated from the EC2 instance and is destined for the internet.

Which traffic flow is correct?

A.

EC2 instance > NAT GW > IGW > internet

B.

There is no route to the internet in the Private Route Table. The traffic does not reach the internet.

C.

EC2 instance > GWLBe > NAT GW > IGW > internet

D.

EC2 instance > GWLBe > internet

Full Access
Question # 10

An administrator is adding a web application to be protected by FortiWeb Cloud.

Which two steps are necessary to successfully onboard the application? (Choose two.)

An administrator is adding a web application to be protected by FortiWeb Cloud.

Which two steps are necessary to successfully onboard the application? (Choose two.)

A.

Wait for the EC2 instance to be created.

B.

Provide a web application name.

C.

Create DNS records in the domain server that hosts the application.

D.

Enable a content delivery network (CDN) in the same region where your application is located.

Full Access