Weekend Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

Question # 4

You need a solution to safeguard public cloud-hosted web applications from the OWASP Top 10 vulnerabilities. The solution must support the same region in which your applications reside, with minimum traffic cost

Which solution meets the requirements?

A.

Use FortiADC

B.

Use FortiCNP

C.

Use FortiWebCloud

D.

Use FortiGate

Full Access
Question # 5

An administrator is looking for a solution that can provide insight into users and data stored in major SaaS applications in the multicloud environment Which product should the administrator deploy to have secure access to SaaS applications?

A.

FortiProxy

B.

FortiSandbox

C.

ForliCASB

D.

FortiWeb

Full Access
Question # 6

You are adding a new spoke to the existing transit VPC environment using the AWS Cloud Formation template. Which two components must you use for this deployment? (Choose two.)

A.

The OSPF AS value used for the hub.

B.

The Amazon CloudWatch tag value.

C.

The BGPASN value used for the transit VPC.

D.

The tag value of the spoke

Full Access
Question # 7

An administrator decides to use the Use managed identity option on the FortiGate SDN connector with Microsoft Azure However, the SDN connector is failing on the connection What must the administrator do to correct this issue?

A.

Make sure to add the Tenant ID on FortiGate side of the configuration

B.

Make sure to set the type to system managed identity on FortiGate SDN connector settings

C.

Make sure to enable the system assigned managed identity on Azure

D.

Make sure to add the Client secret on FortiGate side of the configuration

Full Access
Question # 8

Refer to the exhibit

The exhibit shows the results of a FortiCNP registry scan

Which two statements are correct? (Choose two )

A.

When adding a repository, you can leave the Tag section blank to scan all images-

B.

The registry scan is part of the FortiCNP cloud protection.

C.

The registry scan is part of the FortiCNP container protection.

D.

When adding a repository, you can add a minimum number of images to be imported through the CAP section.

Full Access
Question # 9

Your goal is to deploy resources in multiple places and regions in the public cloud using Terraform.

What is the most efficient way to deploy resources without changing much of the Terraform code?

A.

Use multiple terraform.tfvars files With a variables.tf file.

B.

Use the provider. tf file to add all the new values

C.

Install and configure two Terraform staging servers to deploy resources.

D.

Use the variable, tf file and edit its values to match multiple resources

Full Access
Question # 10

What are two main features in Amazon Web Services (AWS) network access control lists (ACLs)? (Choose two.)

A.

You cannot use Network ACL and Security Group at the same time.

B.

The default network ACL is configured to allow all traffic

C.

NetworkACLs are stateless, and inbound and outbound rules are used for traffic filtering

D.

Network ACLs are tied to an instance

Full Access
Question # 11

Refer to the exhibit

You are deploying two FortiGate VMS in HA active-passive mode with load balancers in Microsoft Azure

Which two statements are true in this load balancing scenario? (Choose two.)

A.

The FortiGate public IP is the next-hop for all the traffic.

B.

An internal load balancer listener is the next-hop for outgoing traffic.

C.

You must add a route to the Microsoft VIP used for the health check.

D.

A dedicated management interface can be used for load balancing.

Full Access
Question # 12

How does an administrator secure container environments from newly emerged security threats?

A.

Use distributed network-related application control signatures.

B.

Use Amazon AWS-related application control signatures

C.

Use Amazon AWS_S3-related application control signatures

D.

Use Docker-related application control signatures

Full Access
Question # 13

Refer to the exhibit.

An administrator has deployed a FortiGate VM in Amazon Web Services (AWS) and is trying to access it using its public IP address from their local computer However, the connection is not successful and at the same time FortiGate is not receiving any HTTPS or SSH traffic to its external interface

What should the administrator check for possible issue?

A.

Run a debug flow to check any network ACLs

B.

Check the FortiGate firewall policies

C.

Check the FortiGate instance ID

D.

Check the inbound network security group rules

Full Access
Question # 14

Refer to the exhibit.

What would be the impact of confirming to delete all the resources in Terraform?

A.

It destroys all the resources in the . tfvars file

B.

It destroys all the resources tied to the AWS Identity and Access Management (1AM) user.

C.

It destroys all the resources in the resource group

D.

It destroys all the resources in the state file.

Full Access
Question # 15

An administrator would like to keep track of sensitive data files located in the Amazon Web Services (AWS) S3 bucket and protect it from malware. Which Fortinet product or feature should the administrator use?

A.

FortiCNP application control policies

B.

FortiCNP web sensitive polices

C.

FortiCNP DLP policies

D.

FortiCNP compliance scanning policies

Full Access
Question # 16

You are troubleshooting an Azure SDN connectivity issue with your FortiGate VM

Which two queries does that SDN connector use to interact with the Azure management API? (Choose two.)

A.

The first query is targeted to a special IP address to get a token.

B.

The first query is targeted to IP address 8.8

C.

There is only one query initiating from FortiGate port1 -

D.

Some queries are made to manage public IP addresses.

Full Access
Question # 17

Refer to the exhibit.

What value or values must the administrator use in the SSH Key section to deploy a FortiGate VM using Terraform in Amazon Web Services (AWS)?

A.

Use the Name and ID values of the key pair

B.

Use the Name of the key pair

C.

Use the ID value of the key pair.

D.

Use the Fingerprint value of the key pair

Full Access