ExamTopics Logo
Mail Us[email protected]
Menu
Fortinet Discussions
exam questions

Exam FCP_WCS_AD-7.4 All Questions

View all questions & answers for the FCP_WCS_AD-7.4 exam
Go to Exam

Exam FCP_WCS_AD-7.4 topic 1 question 26 discussion

Actual exam question from Fortinet's FCP_WCS_AD-7.4
Question #: 26
Topic #: 1
[All FCP_WCS_AD-7.4 Questions]

You are troubleshooting network connectivity issues between two VMs deployed in AWS.
One VM is a FortiGate located on subnet "LAN" that is part of the VPC "Encryption". The other VM is a Windows server located on the subnet "servers" which is also in the "Encryption" VPC. You are unable to ping the Windows server from FortiGate.
What are two reasons for this? (Choose two.)

  • A. The firewall in the Windows VM is blocking the traffic.
  • B. The default AWS Network Access Control List (NACL) does not allow this traffic.
  • C. By default, AWS does not allow ICMP traffic between subnets.
  • D. Add an inbound allow ICMP rule in the security group attached to the windows server.
Show Suggested Answer Hide Answer
Suggested Answer: AD 🗳️
by the_giant at July 29, 2024, 7:54 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
havokdu
3 weeks, 2 days ago
Selected Answer: AD
Other options are less likely because: NACLs (B): The default network ACL in a default VPC typically allows all inbound and outbound traffic, so this is unlikely to be the root cause unless custom NACL rules were explicitly added to block ICMP. Default AWS Behavior (C): There is no inherent AWS-wide restriction that disallows ICMP traffic between subnets within the same VPC. Traffic is generally allowed unless explicitly blocked by security groups, NACLs, or host-level firewalls.
upvoted 1 times
...
myrmidon3
2 months, 3 weeks ago
Selected Answer: AD
The two most likely reasons why you are unable to ping the Windows server from FortiGate in this scenario are: The firewall in the Windows VM is blocking the traffic. By default, the Windows firewall might block ICMP traffic (ping). You will need to check the firewall settings on the Windows server to allow ICMP. Add an inbound allow ICMP rule in the security group attached to the Windows server. Security groups in AWS control traffic to instances, and by default, they do not allow ICMP (ping) traffic unless an explicit rule is added. You would need to add a rule to allow ICMP traffic in the security group associated with the Windows server. These two reasons are common causes for network connectivity issues between instances in AWS.
upvoted 2 times
...
e5c20bb
4 months, 2 weeks ago
A, C by research.
upvoted 1 times
...
the_giant
5 months, 1 week ago
Selected Answer: AD
A, D are correct
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago