● FCP - Azure Cloud Security 7.4 Administrator Exam Material

Please note that the exam "FCP - Azure Cloud Security 7.4 Administrato" is no longer offered by Fortinet and is not available for booking through Pearson VUE, so we opened it on free view,

Question #21

What is the primary purpose of enabling the IP forwarding setting on FortiGate in Azure? (Choose one answer)

A. To prevent source and destination checks on network interfaces
B. To disable network security group (NSG) rules
C. To block incoming and outgoing network traffic
D. To enable the VM to act as a router

Question #22

What are two characteristics of Azure standard public IP addresses? (Choose two answers)

A. They support the use of availability zones
B. They can be dynamic or static
C. They can be used with load balancers of any SKU
D. They require the configuration of NSGs for inbound traffic

Question #23

Which statement about deploying VMs in a gateway subnet is true? (Choose one answer)

A. VMs are not allowed in a gateway subnet
B. VMs can be deployed in a gateway subnet only after you deploy the VPN Gateway
C. VMs are required in a gateway subnet
D. VMs are automatically deployed in a gateway subnet

Question #24

What is a limitation of the Network Security Groups (NSGs) in Azure? (Choose one answer)

A. NSGs allow the filtering of inbound traffic only.
B. NSGs are applied only to vNICs.
C. NSGs operate at the application layer, limiting their effectiveness in the network layer.
D. NSGs cannot be applied to individual virtual machines.

Question #25

In Microsoft Entra ID, what is the primary administrative unit that represents an organization and its relationship with Microsoft's cloud services? (Choose one answer)

A. Microsoft Entra tenant
B. Microsoft Entra subscription
C. Microsoft Entra organization
D. Microsoft Entra domain

Question #26

Refer to the exhibit.

Your company runs front-end web servers in Azure. You need to deploy a Linux VM to be used as a web server.

To protect your web servers with a web application firewall (WAF), you deploy FortiWeb to secure applications from web-based attacks.

Which FortiWeb operation mode can you implement for this scenario?

D. (Choose one answer)

A. Reverse proxy
B. True transparent proxy
C. Passive monitoring
D. Transparent inspection

Question #27

You want to take advantage of Azure availability zones for your cloud-based Fortinet deployment.
Which two benefits do Azure availability zones provide? (Choose two answers)

A. Enhanced protection for application and data in a single Azure region
B. Improve database performance and reliability
C. Protect applications and data through high availability with fault isolation and redundancy
D. Protect applications and data across multiple Azure regions

Question #28

After integrating a FortiGate VM with Azure Route Server, you detect that routes are not propagating successfully.
What initial step could you perform to diagnose the root cause? (Choose one answer)

A. Examine the Azure Microsoft Entra ID permissions associated with the FortiGate VM to ensure that correct authentication is being used for BGP peering
B. Monitor the network latency between the FortiGate VM and Azure Route Server to identify potential communication delays affecting route propagation
C. Verify that the FortiGate VM is running the latest firmware version
D. Verify the BGP peering status on both the FortiGate VM and Azure Route Server

Question #29

You deployed a FortiGate active-active with ELB/ILB solution using the template from Azure Marketplace.

What is the purpose of the inbound NAT rules configured in the external load balancer in this deployment? (Choose one answer)

A. To load balance the incoming traffic between both FortiGate VMs
B. To filter inbound traffic before it reaches the FortiGate instances
C. To forward the health probes to both FortiGate VMs
D. To allow administrative access to the FortiGate VMs

Question #30

What is a key advantage of the branch-to-hub to hub-to-branch topology in an Azure virtual WAN? (Choose one answer)

A. Increased security through isolated connections between branches and hubs
B. Enhanced scalability enables communication between branch offices
C. Load balancing enabled by the simultaneous connection of each branch to multiple hubs
D. Improved branch-to-branch communication for faster data transfer

● FCP - Azure Cloud Security 7.4 Administrator Exam Material

What is the primary purpose of enabling the IP forwarding setting on FortiGate in Azure? (Choose one answer)

Correct Answer: A

What are two characteristics of Azure standard public IP addresses? (Choose two answers)

Correct Answer: A,D

Which statement about deploying VMs in a gateway subnet is true? (Choose one answer)

Correct Answer: A

What is a limitation of the Network Security Groups (NSGs) in Azure? (Choose one answer)

Correct Answer: D

In Microsoft Entra ID, what is the primary administrative unit that represents an organization and its relationship with Microsoft's cloud services? (Choose one answer)

Correct Answer: A

Correct Answer: A

You want to take advantage of Azure availability zones for your cloud-based Fortinet deployment.
Which two benefits do Azure availability zones provide? (Choose two answers)

Correct Answer: A,C

After integrating a FortiGate VM with Azure Route Server, you detect that routes are not propagating successfully.
What initial step could you perform to diagnose the root cause? (Choose one answer)

Correct Answer: D

You deployed a FortiGate active-active with ELB/ILB solution using the template from Azure Marketplace.

What is the purpose of the inbound NAT rules configured in the external load balancer in this deployment? (Choose one answer)

Correct Answer: D

What is a key advantage of the branch-to-hub to hub-to-branch topology in an Azure virtual WAN? (Choose one answer)

Correct Answer: B

● FCP - Azure Cloud Security 7.4 Administrator Exam Material

What is the primary purpose of enabling the IP forwarding setting on FortiGate in Azure? (Choose one answer)

Correct Answer: A

What are two characteristics of Azure standard public IP addresses? (Choose two answers)

Correct Answer: A,D

Which statement about deploying VMs in a gateway subnet is true? (Choose one answer)

Correct Answer: A

What is a limitation of the Network Security Groups (NSGs) in Azure? (Choose one answer)

Correct Answer: D

In Microsoft Entra ID, what is the primary administrative unit that represents an organization and its relationship with Microsoft's cloud services? (Choose one answer)

Correct Answer: A

Correct Answer: A

You want to take advantage of Azure availability zones for your cloud-based Fortinet deployment. Which two benefits do Azure availability zones provide? (Choose two answers)

Correct Answer: A,C

After integrating a FortiGate VM with Azure Route Server, you detect that routes are not propagating successfully. What initial step could you perform to diagnose the root cause? (Choose one answer)

Correct Answer: D

You deployed a FortiGate active-active with ELB/ILB solution using the template from Azure Marketplace. What is the purpose of the inbound NAT rules configured in the external load balancer in this deployment? (Choose one answer)

Correct Answer: D

What is a key advantage of the branch-to-hub to hub-to-branch topology in an Azure virtual WAN? (Choose one answer)

Correct Answer: B

You want to take advantage of Azure availability zones for your cloud-based Fortinet deployment.
Which two benefits do Azure availability zones provide? (Choose two answers)

After integrating a FortiGate VM with Azure Route Server, you detect that routes are not propagating successfully.
What initial step could you perform to diagnose the root cause? (Choose one answer)

You deployed a FortiGate active-active with ELB/ILB solution using the template from Azure Marketplace.

What is the purpose of the inbound NAT rules configured in the external load balancer in this deployment? (Choose one answer)