Fortinet FCP_WCS_AD-7.4 Practice Exams
Last updated on Apr 09,2025- Exam Code: FCP_WCS_AD-7.4
- Exam Name: FCP - AWS Cloud Security 7.4 Administrator
- Certification Provider: Fortinet
- Latest update: Apr 09,2025
Refer to the exhibit.
Which two statements are correct about traffic flow in FortiWeb Cloud? (Choose two.)
- A . The DNS name for the application servers must point to FortiWeb Cloud.
- B . FortiWeb Cloud filters the incoming traffic from users, blocking the OWASP Top 10 attacks, zero-day threats, and other application layer attacks.
- C . FortiWeb Cloud can protect the application servers only if they are all located in the same virtual public cloud (VPC).
- D . Step 2 requires an AWS S3 bucket to be created.
An administrator is adding a web application to be protected by FortiWeb Cloud.
Which two steps are necessary to successfully onboard the application? (Choose two.)
- A . Wait for the EC2 instance to be created.
- B . Provide a web application name.
- C . Create DNS records in the domain server that hosts the application.
- D . Enable a content delivery network (CDN) in the same region where your application is located.
A customer has deployed FortiGate Cloud-Native Firewall (CNF).
Which two statements are correct about policy sets? (Choose two.)
- A . There is an implicit deny rule at the bottom of the policy set.
- B . The policy set must be manually synchronized to the CNF instance each time it is modified.
- C . A new policy set is created with each deployed CNF instance.
- D . Multiple policy sets can be applied to a single CNF instance.
A cloud administrator is tasked with protecting web applications hosted in AWS cloud.
Which three Fortinet cloud offerings can the administrator choose from to accomplish the task? (Choose three.)
- A . AWS WAF
- B . FortiEDR
- C . FortiGate Cloud-Native Firewall (CNF)
- D . Fortinet Managed Rules for AWS WAF
- E . FortiWeb Cloud
A customer is attempting to deploy an active-passive high availability (HA) cluster using the software-defined network (SDN) connector in the AWS cloud.
What is an important consideration to ensure a successful formation of HA, failover, and traffic flow?
- A . Both cluster members must be in the same availability zone.
- B . VDOM exceptions must be configured.
- C . Unicast FortiGate Clustering Protocol (FGCP) must be used.
- D . Both cluster members must show as healthy in the elastic load balancer (ELB) configuration.
A global organization with cloud networks deployed in several AWS regions wants to set up next-generation firewall (NGFW) protection using FortiGate Cloud-Native Firewall (CNF).
What are two deployment considerations for the organization? (Choose two.)
- A . They must choose AWS Firewall Manager to provision a CNF instance.
- B . A CNF instance is required for each AWS region that must be protected.
- C . More than one AWS account can be associated with a CNF instance.
- D . Only one CNF instance is required to protect all AWS regions.
Refer to the exhibit.
What two conclusions can you draw from the FortiGate debug output? (Choose two.)
- A . The dynamic address object is automatically updated if the IP changes.
- B . The address object AWS Windows Server Lab can be manually changed on FortiGate.
- C . The SDN connector is correctly configured and authorized.
- D . The AWS user account used for software-defined network (SDN) integration must have full administrative rights.
How can you achieve automatic configuration of FortiGate instances in AWS using the Fortinet HA CloudFormation template?
- A . By creating a DynamoDB table
- B . By staging in an S3 bucket in the same region
- C . By using a default S3 bucket created by the CloudFormation template
- D . By utilizing an Elastic Load Balancer