Month End Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmaspas7

Easiest Solution 2 Pass Your Certification Exams

FCSS_CDS_AR-7.6 Fortinet FCSS - Public Cloud Security 7.6 Architect Free Practice Exam Questions (2025 Updated)

Prepare effectively for your Fortinet FCSS_CDS_AR-7.6 FCSS - Public Cloud Security 7.6 Architect certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

Fortinet FCSS_CDS_AR-7.6 Premium Access     Download Demo    
Page: 1 / 1
Total 38 questions

Exhibit.

In which type of FortiCNP insights can an administrator examine the findings triggered by this policy?

A.

Data

B.

Threat

C.

Risk

D.

User activity

What would be the impact of confirming to delete all the resources in Terraform?

A.

It destroys all the resources tied to the AWS Identity and Access Management (IAM) user.

B.

It destroys all the resources in the resource group.

C.

It destroys all the resources in the .tfstate file.

D.

It destroys all the resources in the .tfvars file.

An organization is deploying FortiDevSec to enhance security for containerized applications, and they need to ensure containers are monitored for suspicious behavior at runtime.

Which FortiDevSec feature is best for detecting runtime threats?

A.

FortiDevSec software composition analysis (SCA)

B.

FortiDevSec static application security testing (SAST)

C.

FortiDevSec dynamic application security testing (DAST)

D.

FortiDevSec container scanner

Refer to the exhibit.

After analyzing the native monitoring tools available in Azure, an administrator decides to use the tool displayed in the exhibit.

Why would an administrator choose this tool?

A.

To view details about Azure resources and their relationships across multiple regions.

B.

To obtain, and later examine, traffic flow data with a visualization tool.

C.

To help debug issues affecting virtual network gateways.

D.

To compare the latency of an on-premises site with the latency of an Azure application.

You must add an Amazon Web Services (AWS) network access list (NACL) rule to allow SSH traffic to a subnet for temporary testing purposes. When you review the current inbound and outbound NACL rules, you notice that the rules with number 5 deny SSH and telnet traffic to the subnet.

What can you do to allow SSH traffic?

A.

You do not have to create any NACL rules because the default security group rule automatically allows SSH traffic to the subnet.

B.

You must create a new allow SSH rule anywhere in the network ACL rule base to allow SSH traffic.

C.

You must create two new allow SSH rules, each with a number bigger than 5.

D.

You must create two new allow SSH rules, each with a number smaller than 5.

Which statement about Transit Gateway (TGW) in Amazon Web Services (AWS) is true?

A.

Both the TGW attachment and propagation must be in the same TGW route table.

B.

TGW can have multiple TGW route tables.

C.

A TGW attachment can be associated with multiple TGW route tables.

D.

The TGW default route table cannot be disabled.

You need a solution to safeguard public cloud-hosted web applications from the OWASP Top 10 vulnerabilities. The solution must support the same region in which your applications reside, with minimum traffic cost.

Which solution meets the requirements?

A.

Use FortiGate

B.

Use FortiCNP

C.

Use FortiWeb

D.

Use FortiADC

Refer to the exhibit.

You have deployed a Linux EC2 instance in Amazon Web Services (AWS) with the settings shown on the exhibit.

What next step must the administrator take to access this instance from the internet?

A.

Allocate an Elastic IP address and assign it to the instance.

B.

Create a VIP on FortiGate to allow access.

C.

Enable SSH and allocate it to the device.

D.

Configure the user name and password.

An administrator is configuring a software-defined network (SDN) connector in FortiWeb to dynamically obtain information about existing objects in an Amazon Elastic Kubernetes Service (EKS) cluster.

Which AWS policy should the administrator attach to a user to achieve this goal?

A.

AmazonEKSConnectorServiceRolePolicy

B.

AmazonEKSComputePolicy

C.

AmazonEKSServicePolicy

D.

AmazonEKSClusterPolicy

In an SD-WAN TGW Connect topology, which three initial steps are mandatory when routing traffic from a spoke VPC to a security VPC through a Transit Gateway? (Choose three.)

A.

From the security VPC TGW subnet routing table, point 0.0.0.0/0 traffic to the FortiGate internal port.

B.

From the security VPC TGW subnet routing table, point 0.0.0.0/0 traffic to the TGW.

C.

From both spoke VPCs, and the security VPC, point 0.0.0.0/0 traffic to the Internet Gateway.

D.

From the security VPC FortiGate internal subnet routing table, point 0.0.0.0/0 traffic to the TGW.

E.

From the spoke VPC internal routing table, point 0.0.0.0/0 traffic to the TGW.

You have deployed a FortiGate HA cluster in Azure using a gateway load balancer for traffic inspection. However, traffic is not being routed correctly through the firewalls.

What can be the cause of the issue?

A.

The FortiNet VMs have IP forwarding disabled, which is required for traffic inspection.

B.

The health probes for the gateway load balancer are failing, which causes traffic to bypass the HA cluster.

C.

The gateway load balancer is not associated with the correct network security group (NSG) rules, which allow traffic to pass through.

D.

The protected VMs are in a different Azure subscription, which prevents the gateway load balancer from forwarding traffic.

Fortinet FCSS_CDS_AR-7.6 Premium Access     Download Demo    
Page: 1 / 1
Total 38 questions
Copyright © 2014-2025 Solution2Pass. All Rights Reserved