Question 10 - Fortinet FCP_FGT_AD-7.4 Real Exam Questions [Jan 2026 Update]

Q: 10

Which two actions can you perform only from the root FortiGate in a Security Fabric? (Choose two.)

Options

Correct Answer:

A, D

Explanation

The root FortiGate in a Security Fabric acts as the central management and orchestration point. Two key functions exclusive to the root device are direct administrative control over fabric members and centralized threat response. From the Security Fabric topology on the root FortiGate, an administrator can reboot or shut down a downstream FortiGate. Furthermore, the root FortiGate is responsible for managing the fabric-wide compromised host list, allowing an administrator to ban or unban an IP address across the entire Security Fabric. This centralized command and control is a core aspect of the root FortiGate's role.

Why Incorrect

B. Disabling FortiAnalyzer logging is a local configuration on the downstream device itself. You can log in to the downstream FortiGate to change this setting.

C. A FortiSwitch is managed by the FortiGate it is directly connected to via FortiLink. This managing FortiGate could be a downstream device, not necessarily the root.

References

1. FortiOS Administration Guide 7.0.0

Page 1011

"Security Fabric topology": "From the root FortiGate

you can right-click a device in the topology to perform actions

such as logging in to the device

upgrading the firmware

or rebooting the device." This directly supports option A.

2. FortiOS Administration Guide 7.0.0

Page 1043

"Banning an IP address": "When a compromised host is detected

the FortiGate can ban the host's IP address from accessing the network. In the Security Fabric

the root FortiGate shares the banned IP address with the other FortiGates in the Security Fabric." This confirms that managing the banned IP list is a root FortiGate function

supporting option D.

3. FortiOS Administration Guide 7.0.0

Page 833

"Log Settings": This section details that log settings are configured on a per-device basis under the Log & Report menu

demonstrating that this is not an action exclusive to the root FortiGate. This refutes option B.

4. FortiOS Administration Guide 7.0.0

Page 487

"FortiSwitch Manager": The documentation explains that FortiSwitch devices are managed from the FortiGate they are connected to. This management is not exclusive to the root FortiGate in a multi-FortiGate fabric. This refutes option C.

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE