Month End Sale - 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dm70dm

Hot Vendors
  1. Home
  2. Fortinet
  3. Fortinet Certified Solution Specialist
  4. FCSS_CDS_AR-7.6
  5. FCSS - Public Cloud Security 7.6 Architect Questions and Answers

FCSS_CDS_AR-7.6 FCSS - Public Cloud Security 7.6 Architect Questions and Answers

Questions 4

You must add an Amazon Web Services (AWS) network access list (NACL) rule to allow SSH traffic to a subnet for temporary testing purposes. When you review the current inbound and outbound NACL rules, you notice that the rules with number 5 deny SSH and telnet traffic to the subnet.

What can you do to allow SSH traffic?

Options:

A.

You do not have to create any NACL rules because the default security group rule automatically allows SSH traffic to the subnet.

B.

You must create a new allow SSH rule anywhere in the network ACL rule base to allow SSH traffic.

C.

You must create two new allow SSH rules, each with a number bigger than 5.

D.

You must create two new allow SSH rules, each with a number smaller than 5.

Buy Now
Questions 5

Refer to the exhibit.

FCSS_CDS_AR-7.6 Question 5

What is the purpose of this section of an Azure Bicep file?

Options:

A.

To restrict which FortiOS versions are accepted for deployment

B.

To indicate the correct FortiOS upgrade path after deployment

C.

To add a comment with the permitted FortiOS versions that can be deployed

D.

To document the FortiOS versions in the resulting topology

Buy Now
Questions 6

What is the main advantage of using SD-WAN Transit Gateway Connect over traditional SD-WAN?

Options:

A.

You can use BGP over IPsec for maximum throughput.

B.

You can combine it with IPsec to achieve higher bandwidth.

C.

It eliminates the use of ECMP.

D.

You can use GRE-based tunnel attachments.

Buy Now
Questions 7

Your DevOps team is evaluating different Infrastructure as Code (IaC) solutions for deploying complex Azure environments.

What is an advantage of choosing Azure Bicep over other IaC tools available?

Options:

A.

Azure Bicep generates deployment logs that are optimized to improve error handling.

B.

Azure Bicep provides immediate support for all Azure services, including those in preview.

C.

Azure Bicep requires less frequent schema updates than Azure Resource Manager (ARM) templates.

D.

Azure Bicep can reduce deployment costs by limiting resource utilization during testing.

Buy Now
Questions 8

Refer to the exhibit.

FCSS_CDS_AR-7.6 Question 8

You deployed an HA active-active load balance sandwich with two FortiGate VMs in Microsoft Azure.

After the deployment, you prefer to use FGSP to synchronize sessions, and allow asymmetric return traffic. In the environment, FortiGate port 1 and port 2 are facing external and internal load balancers respectively.

What IP address must you use in the peerip configuration?

Options:

A.

The opposite FortiGate port 2 IP address.

B.

The public load balancer port 2 IP address.

C.

The internal load balancer port 1 IP address.

D.

The opposite FortiGate port 1 IP address.

Buy Now
Questions 9

Refer to the exhibit.

FCSS_CDS_AR-7.6 Question 9

An experienced AWS administrator is creating a new virtual public cloud (VPC) flow log with the settings shown in the exhibit.

What is the purpose of this configuration?

Options:

A.

To maximize the number of logs saved

B.

To monitor logs in real time

C.

To retain logs for a long term

D.

To troubleshoot a log flow issue

Buy Now
Questions 10

An administrator implements FortiWeb ingress controller to protect containerized web applications in an AWS Elastic Kubernetes Service (EKS) cluster.

FCSS_CDS_AR-7.6 Question 10

What can you conclude about the topology shown in FortiView?

Options:

A.

The FortiWeb VM gets the latest cluster information through an SDN connector.

B.

This topology has two services and two ingress controllers deployed.

C.

Both services will be load balanced among the two nodes and the four pods.

D.

Adding a new service will update the FortiWeb configuration automatically.

Buy Now
Questions 11

Which statement about Transit Gateway (TGW) in Amazon Web Services (AWS) is true?

Options:

A.

Both the TGW attachment and propagation must be in the same TGW route table.

B.

TGW can have multiple TGW route tables.

C.

A TGW attachment can be associated with multiple TGW route tables.

D.

The TGW default route table cannot be disabled.

Buy Now
Exam Code: FCSS_CDS_AR-7.6
Exam Name: FCSS - Public Cloud Security 7.6 Architect
Last Update: Sep 1, 2025
Questions: 38

PDF + Testing Engine

$49.5  $164.99
buy now FCSS_CDS_AR-7.6 pdf + testing engine

Testing Engine

$37.5  $124.99
buy now FCSS_CDS_AR-7.6 testing engine

PDF (Q&A)

$31.5  $104.99
buy now FCSS_CDS_AR-7.6 pdf
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 01 Sep 2025