exam questions

Exam FCSS_EFW_AD-7.4 All Questions

View all questions & answers for the FCSS_EFW_AD-7.4 exam

Exam FCSS_EFW_AD-7.4 topic 1 question 18 discussion

Actual exam question from Fortinet's FCSS_EFW_AD-7.4
Question #: 18
Topic #: 1
[All FCSS_EFW_AD-7.4 Questions]

Refer to the exhibit, which shows a physical topology and a traffic log.

The administrator is checking on FortiAnalyzer traffic from the device with IP address 10.1.10.1, located behind the FortiGate ISFW device.
The firewall policy in on the ISFW device does not have UTM enabled and the administrator is surprised to see a log with the action Malware, as shown in the exhibit.
What are the two reasons FortiAnalyzer would display this log? (Choose two.)

  • A. Security rating is enabled in ISFW.
  • B. ISFW is in a Security Fabric environment.
  • C. ISFW is not connected to FortiAnalyzer and must go through NGFW-1.
  • D. The firewall policy in NGFW-1 has UTM enabled.
Show Suggested Answer Hide Answer
Suggested Answer: BD 🗳️
Community vote distribution
BD (100%)

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Yaghu
1 week ago
Selected Answer: BD
Seems obvious.
upvoted 1 times
...
Tweefo
1 week, 1 day ago
Selected Answer: BD
B & D are correct. B : The Security Fabric, as a whole, logs each session once. The first FortiGate that handles a session in the Security Fabric logs the session. Any upstream FortiGate... still logs UTM events, if configured. D : NGFW applies UTM and generates UTM logs Source : Study Guide P257-259
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
PMP
London, 1 minute ago