View all questions & answers for the NSE 7 - Public Cloud Security 7.6.4 Architect Exam Materials exam


Question 15 Discussion

A customer would like to use FortiGate fabric integration with FortiCNP. When adding a FortiGate VM to FortiCNP, which three mandatory configuration steps must you follow on FortiGate? (Choose three answers)

  • A. Enable pre-shared key on both sides.
  • B. Import the FortiGate certificate into FortiCNP.
  • C. Configure FortiGate to send logs to FortiCNP.
  • D. Create an IPS sensor and a firewall policy.
  • E. Create an SSL/SSH inspection profile.
Correct Answer: C,D,E

Brave-Dump Clients Votes

CDE 100%

Comments



Mr_Fortitito 2025-09-03 02:35:57

Selected Answers: C, D, E


FortiCNP Features and Use Cases, study guide page 204

Before configuring FortiGate to send IPS logs to FortiCNP, ensure the following prerequisites are met:
• Deploy a FortiGate VM in one of the onboarded cloud accounts. The FortiGate VM must be running version 6.4.0 or later.
• Ensure the protected VMs are in the same region as the FortiGate VM.

FortiGate configuration steps:
• Follow the same steps you normally use to configure FortiGate to send logs to either FortiAnalyzer or FortiManager. The server address where you must send logs is provided by FortiCNP on the first page of the Add New FortiGate wizard.
• Create an SSL/SSH inspection profile on FortiGate, and an IPS sensor.
• Create a firewall policy that uses the previously created IPS sensor and SSL/SSH inspection profile. This policy should define the allowed and blocked traffic, ensuring that all monitored traffic is subject to IPS and SSL/SSH inspection