Fortinet FCSS_EFW_AD-7.4 Practice Exams
Last updated on Apr 09,2025- Exam Code: FCSS_EFW_AD-7.4
- Exam Name: FCSS - Enterprise Firewall 7.4 Administrator
- Certification Provider: Fortinet
- Latest update: Apr 09,2025
Which two configuration commands change the default behavior for content-inspected traffic while FortiGate is in conserve mode? (Choose two.)
- A . set av-failopen off
- B . set av-failopen pass
- C . set fail-open enable
- D . set ips fail-open disable
Refer to the exhibit, which shows a partial routing table.
Assuming all the appropriate firewall policies are configured, what two changes would an administrator need to make if they wanted to send traffic from a client directly connected to port3, to a server directly connected to port4? (Choose two.)
- A . Configure route leaking between VRF 12 and VRF 21.
- B . Disable auto-asic-offload as this is not supported between VRF instances.
- C . Configure RIPv2 to exchange route information between the VRF instances.
- D . Configure route leaking between port3 and port4.
- E . Enable SNAT on the relevant firewall policies to prevent RPF check drops.
Which step can be taken to ensure that only FortiAP devices receive IP addresses from a DHCP server on FortiGate?
- A . Change the interface addressing mode to FortiAP devices
- B . Create a reservation list in the DHCP server settings
- C . Configure a VCI string value of FortiAP in the DHCP server settings
- D . Use DHCP option 138 to assign IPs to FortiAP devices
An administrator has configured the following CLI script on FortiManager, which failed to apply any changes to the managed device after being executed
Why didn’t the script make any changes to the managed device?
- A . Commands that start with the # sign are not executed.
- B . CLI scripts will add objects only if they are referenced by policies.
- C . Incomplete commands are ignored in CLI scripts.
- D . Static routes can only be added using TCL scripts.
Refer to the exhibit, which shows a partial web filter profile configuration.
Which action will FortiGate take if a user attempts to access www.dropbox.com, which is categorized as File Sharing and Storage?
- A . FortiGate will block the connection, based on the FortiGuard category based filter configuration.
- B . FortiGate will block the connection as an invalid URL.
- C . FortiGate will exempt the connection, based on the Web Content Filter configuration.
- D . FortiGate will allow the connection, based onthe URL Filter configuration.
View the exhibit, which contains the output of a debug command, then answer the question below.
Why is the gateway to source for this session 0.0.0.0?
- A . The traffic for this session is ICMP.
- B . The the source of the traffic is directly connected to the FortiGate.
- C . The FortiGate is not doing NAT over this traffic.
- D . FortiGate has only seen the first packet sent by the originator.
Four FortiGate devices configured for OSPF connected to the same broadcast domain. The first unit is elected as the designated router.
The second unit is elected as the backup designated router.
Under normal operation, how many OSPF full adjacencies are formed to each of the other two units?
- A . 1
- B . 2
- C . 3
- D . 4
Which three conditions are required for two FortiGate devices to form an OSP adjacency? (Choose three.)
- A . OSPF costs match
- B . OSPF peer IDs match
- C . Hello and dead intervals match
- D . OSPF IP MTUs match
- E . IP addresses are in the same subnet
Examine the output from the ‘diagnose vpn tunnel list’ command shown in the exhibit; then answer the question below.
Which command can be used to sniffer the ESP traffic for the VPN DialUP_0?
- A . diagnose sniffer packet any ‘port 500’
- B . diagnose sniffer packet any ‘esp’
- C . diagnose sniffer packet any ‘host 10.0.10.10’
- D . diagnose sniffer packet any ‘port 4500’
An administrator has decreased all the TCP session timers to optimize the FortiGate memory usage. However, after the changes, one network application started to have problems.
During the troubleshooting, the administrator noticed that the FortiGate deletes the sessions after the clients send the SYN packets, and before the arrival of the SYN/ACKs.
When the SYN/ACK packets arrive to the FortiGate, the unit has already deleted the respective sessions.
Which TCP session timer must be increased to fix this problem?
- A . TCP half open.
- B . TCP half close.
- C . TCP time wait.
- D . TCP session time to live.