Fortinet FCP_GCS_AD-7.6テスト問題集 & FCP_GCS_AD-7.6技術問題Pass4TestはIT認定試験のFCP_GCS_AD-7.6問題集を提供して皆さんを助けるウエブサイトです。Pass4Testは先輩の経験を生かして暦年の試験の材料を編集することを通して、最高のFCP_GCS_AD-7.6問題集を作成しました。問題集に含まれているものは実際試験の問題を全部カバーすることができますから、あなたが一回で成功することを保証できます。 Fortinet FCP - Google Cloud Security 7.6 Administrator 認定 FCP_GCS_AD-7.6 試験問題 (Q22-Q27):質問 # 22
You have been tasked with destroying all resources relating to a recent active-active high-availability (HA) FGSP Terraform deployment in Google Cloud.
What steps do you have to take to ensure a successful deletion? (Choose two.)
A. Delete all dependencies to resources relating to the Terraform template.
B. Delete all resources manually because active-active HA clusters cannot be destroyed using Terraform.
C. Use the command terraform destroy to delete all resources deployed by the Terraform template.
D. Use the command terraform plan before destroying the Terraform template.
正解:A、C
解説:
Removing dependencies prevents resource conflicts during deletion.
terraform destroy is the correct command to cleanly and completely remove all resources created by the Terraform deployment.
質問 # 23
Refer to the exhibit.
In this hybrid environment, in which two ways does the traffic flow from a network node in the on-premises network to Workload B in Google Cloud? (Choose two.)
A. When the packet reaches the external VPC, it is forwarded to the active FortiGate cluster member using a custom static route.
B. Traffic will be routed using VPC peering from the Internal VPC to the destination subnet.
C. Traffic will not reach the FortiGate devices because both load balancers are internal.
D. Once the traffic has been inspected, the active FortiGate uses VPC peering to forward the traffic to the Server project A VPC.
正解:A、B
解説:
Traffic from on-premises enters the external VPC and is routed to the active FortiGate VM via custom routes for inspection.
After inspection, traffic is routed through VPC peering from the internal VPC to the service project subnet where Workload B resides.
質問 # 24
Refer to the exhibit.
An administrator is troubleshooting network connectivity issues between two VMs deployed in Google Cloud.
One VM is a FortiGate located in the subnet "wan" that is part of the VPC "e-commerce". The other VM is a Windows server located in subnet "servers", which is also in the "e-commerce" VPC.
What are two reasons you cannot pint the Windows server from FortiGate? (Choose two.)
A. The Windows firewall is blocking the traffic.
B. Add a Google Cloud firewall rule to allow ICMP traffic inbound to the Windows firewall VM.
C. The default Google Cloud firewall policy does not allow this traffic.
D. ICMP traffic is blocked between Google Cloud subnets by default.
正解:A、B
解説:
Google Cloud firewall rules are stateful and, by default, do not allow ICMP traffic; you must explicitly allow ICMP inbound traffic to the Windows VM.
The Windows VM's own firewall might block ICMP traffic, preventing ping responses.
質問 # 25
Refer to the exhibit.
An administrator is troubleshooting an issue when a high-availability (HA) failover occurs.
Which conclusion can you draw from the debug output?
A. The HA cluster is deployed using the software-defined network (SDN) connector.
B. Both cluster members are located in the same zone.
C. The HA cluster is accessible using HTTPS on 34.68.13.24 and 34.66.4.139.
D. The health check has successfully updated the internal custom route to forward all internal traffic to
172.16.1.3.
正解:D
解説:
The debug output shows the internal route being updated and moved to the new next hop (172.16.1.3), indicating the health check and failover process successfully redirected internal traffic to the active HA node.
質問 # 26
Your organization is deciding between deploying FortiGate active-passive high-availability (HA) in Google Cloud using either the software-defined network (SDN) connector or load balancers.
What two reasons should your organization choose the SDN connector over the load balancer deployment?
(Choose two.)
A. The SDN connector supports multizone failover.
B. There isess administrative overhead.
C. Failovers are faster because of to API calls.
D. Cost is lower.
正解:B、D
解説:
Using the SDN connector avoids additional load balancer costs, making it more cost-effective.
The SDN connector enables multizone failover by directly managing network routing, which load balancers do not inherently support.
