Month End Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

FCSS_CDS_AR-7.6 FCSS - Public Cloud Security 7.6 Architect Questions and Answers

Questions 4

An organization is deploying FortiDevSec to enhance security for containerized applications, and they need to ensure containers are monitored for suspicious behavior at runtime.

Which FortiDevSec feature is best for detecting runtime threats?

Options:

A.

FortiDevSec software composition analysis (SCA)

B.

FortiDevSec static application security testing (SAST)

C.

FortiDevSec dynamic application security testing (DAST)

D.

FortiDevSec container scanner

Buy Now
Questions 5

An administrator is trying to implement FortiCNP with Microsoft Azure Security integration. However, FortiCNP is not able to extract any cloud integration data from Azure; therefore, real-time cloud security monitoring is not possible.

What is causing this issue?

Options:

A.

The organization is using a free Azure AD license.

B.

The Azure account doesn't have the global administrator role.

C.

The administrator enabled the wrong defender plan for servers.

D.

The FortiCNP account in Azure has the Storage Blob Data Reader role.

Buy Now
Questions 6

Refer to the exhibit.

The exhibit shows an active-passive high availability FortiGate pair with external and internal Azure load balancers There is no SDN connector used in this solution.

Which configuration must the administrator implement on each FortiGate?

Options:

A.

Single BGP route to Azure probe IP address.

B.

One static route to Azure Lambda IP address.

C.

Two static routes to Azure probe IP address.

D.

Two BGP routes lo Azure probe IP address.

Buy Now
Questions 7

What would be the impact of confirming to delete all the resources in Terraform?

Options:

A.

It destroys all the resources tied to the AWS Identity and Access Management (IAM) user.

B.

It destroys all the resources in the resource group.

C.

It destroys all the resources in the .tfstate file.

D.

It destroys all the resources in the .tfvars file.

Buy Now
Questions 8

Refer to the exhibit.

After analyzing the native monitoring tools available in Azure, an administrator decides to use the tool displayed in the exhibit.

Why would an administrator choose this tool?

Options:

A.

To view details about Azure resources and their relationships across multiple regions.

B.

To obtain, and later examine, traffic flow data with a visualization tool.

C.

To help debug issues affecting virtual network gateways.

D.

To compare the latency of an on-premises site with the latency of an Azure application.

Buy Now
Questions 9

Refer to the exhibit.

You deployed an HA active-active load balance sandwich with two FortiGate VMs in Microsoft Azure.

After the deployment, you prefer to use FGSP to synchronize sessions, and allow asymmetric return traffic. In the environment, FortiGate port 1 and port 2 are facing external and internal load balancers respectively.

What IP address must you use in the peerip configuration?

Options:

A.

The opposite FortiGate port 2 IP address.

B.

The public load balancer port 2 IP address.

C.

The internal load balancer port 1 IP address.

D.

The opposite FortiGate port 1 IP address.

Buy Now
Questions 10

The cloud administration team is reviewing an AWS deployment that was done using CloudFormation.

The deployment includes six FortiGate instances that required custom configuration changes after being deployed. The team notices that unwanted traffic is reaching some of the FortiGate instances because the template is missing a security group.

To resolve this issue, the team decides to update the JSON template with the missing security group and then apply the updated template directly, without using a change set.

What is the result of following this approach?

Options:

A.

If new FortiGate instances are deployed later they will include the updated changes.

B.

Some of the FortiGate instances may be deleted and replaced with new copies.

C.

The update is applied, and the security group is added to all instances without interruption.

D.

CloudFormation rejects the update and warns that a new full stack is required.

Buy Now
Questions 11

An administrator decides to use the Use managed identity option on the FortiGate SDN connector with Microsoft Azure. However, the SDN connector is failing on the connection.

What must the administrator do to correct this issue?

Options:

A.

Make sure to add the Client secret on FortiGate side of the configuration.

B.

Make sure to add the Tenant ID on FortiGate side of the configuration.

C.

Make sure to enable the system assigned managed identity on Azure.

D.

Make sure to set the type to system managed identity on FortiGate SDN connector settings.

Buy Now

Fortinet Certified Solution Specialist |

Exam Code: FCSS_CDS_AR-7.6
Exam Name: FCSS - Public Cloud Security 7.6 Architect
Last Update: Aug 31, 2025
Questions: 38
FCSS_CDS_AR-7.6 pdf

FCSS_CDS_AR-7.6 PDF

$25.5  $84.99
 Add to Cart
FCSS_CDS_AR-7.6 Engine

FCSS_CDS_AR-7.6 Testing Engine

$30  $99.99
 Add to Cart
FCSS_CDS_AR-7.6 PDF + Engine

FCSS_CDS_AR-7.6 PDF + Testing Engine

$40.5  $134.99
 Add to Cart