● FCP - Secure Wireless LAN 7.4 Administrator Actual Exam Materials

The Actual questions for FCP - Secure Wireless LAN 7.4 Administrator (FCP_FWF_AD-7.4) - updated weekly
Exam Questions: 30
Question #1
Comment Image Comment Image

Refer to the exhibits. FortiGate is pushing the POST parameters shown in the exhibit to the external captive portal server. The wireless client redirection fails because certificate validation occurred while loading the web page. The wireless client browser uses the FortiGate self-signed certificate to access secured web pages. The SSID on FortiGate has the captive portal setting enabled. What could cause the certification validation error on the wireless client? (Choose one answer)

  • A. The used credential is not embedded in the captive portal parameters.
  • B. The external server address is not the FQDN address.
  • C. The captive portal setting in the authentication setting is set to use FQDN as the captive portal type.
  • D. The FortiGate IP address in the POST parameters is using a numerical IP address.

Question #2
Comment Image Comment Image

Refer to the exhibit. The wireless client connects to the wireless network on WLAN_NET tunnel mode interface. The exhibit shows the client exchange communication with the wireless controller and the RADIUS server. Which two issues can you observe in the wireless station debug output? (Choose two answers)

  • A. The wireless client has an unsuccessful association with the wireless controller.
  • B. The wireless client has incorrect credentials to authenticate with the authentication server.
  • C. The wireless client has failed to complete the four-way handshake process.
  • D. The wireless client has denied the connection after many failed trials.

Question #3
Comment Image Comment Image

Which action does a wireless client or the access point take when the wireless client moves away from an associated AP until the signal drops? (Choose one answer)

  • A. The associated AP marks the wireless client as disconnected and must not reconnect.
  • B. The wireless client increases its signal power to continue connecting to the same AP.
  • C. The wireless client disconnects and connects to a different, available AP.
  • D. The associated AP sends an alert message to the wireless client about the signal drop.

Question #4
Comment Image Comment Image

Which wireless monitoring metric is required to optimize a wireless network? (Choose one answer)

  • A. Amount of event logs generated
  • B. Users count on the network
  • C. FortiAP running firmware status
  • D. Wireless channel utilization

Question #5
Comment Image Comment Image

Which two roles does FortiPresence analytics assist in generating presence reports? (Choose two answers)

  • A. Gathering details about on-site guest users.
  • B. Comparing current data with historical records.
  • C. Reporting potential threats by on-site guest users.
  • D. Predicting the number of on-site guest users.

Question #6
Comment Image Comment Image

FortiGate sends logs to FortiAnalyzer using the default settings to report security events for all wireless stations as part of the Security Fabric configuration. Which security action will FortiGate take when it detects a compromised wireless station in the CORP_DATA SSID? (Choose one answer)

  • A. FortiGate disassociates compromised stations and prevents them from connecting again.
  • B. FortiAP devices broadcasting CORP_DATA wireless network place compromised stations in quarantine.
  • C. CORP_DATA is in NAC mode and onboards compromised stations for a period until malicious activity stops
  • D. FortiAnalyzer generates security reports to inform security operations to further investigate the compromised stations.

Question #7
Comment Image Comment Image

Which two statements are correct about FortiAP and rogue APs? (Choose two answers)

  • A. FortiAP scans rogue APs in the background while broadcasting SSIDs.
  • B. FortiAP detects rogue APs on dedicated monitoring radios.
  • C. FortiAP suppresses detected rogue APs manually.
  • D. FortiAP offers automatic suppression of rogue APs when broadcasting SSIDs.

Question #8
Comment Image Comment Image

You plan to deploy a wireless network at various remote sites with no on-site IT available. The remote sites must have access points to broadcast the wireless networks. You can manage the access points using any Fortinet control and management option. Which two items must you consider in addition to deploying the wireless network and enforcing Fortinet UTM on all wireless traffic? (Choose two answers)

  • A. To power the access points with a UTM-capable FortiSwitch device.
  • B. To install the access points designed to provide Fortinet UTM services.
  • C. To deploy the SSIDs in bridge mode bridged to the access points subnet.
  • D. To manage the access points by FortiLAN Cloud and create a tunnel between access points.

Question #9
Comment Image Comment Image

Which benefit does 802.1X authentication offer when securing a wireless network? (Choose one answer)

  • A. Allows administrators to gain elevated privilege to access resources
  • B. Makes wireless access at home protected and secured
  • C. Simplifies public Wi-Fi hotspots for guest access
  • D. Authentication and authorization in enterprise networks

Question #10
Comment Image Comment Image

How can you find the upstream and downstream link rates of a wireless client connected to a FortiAP? (Choose one answer)

  • A. On the FortiGate GUI, using the WiFi Client monitor
  • B. On the FortiAP CLI, using the cw_diag ksta command
  • C. On the FortiAP CLI, using the cw_diag -d sta command
  • D. On the FortiGate CLI, using the diagnose wireless-controller wlac -d sta command