Exam FCP_FAZ_AN-7.6 Topic 2 Question 1 Discussion

Actual exam question for Fortinet's FCP_FAZ_AN-7.6 exam
Question #: 1
Topic #: 2
Refer to Exhibit:

Client-1 is trying to access the internet for web browsing.
All FortiGate devices in the topology are part of a Security Fabric with logging to FortiAnalyzer configured.
All firewall policies have logging enabled. All web filter profiles are configured to log only violations.
Which statement about the logging behavior for this specific traffic flow is true?

Suggested Answer: D Vote an answer

Exact Extract: Study Guide p.19-p.20: the first FortiGate creates the traffic log, while upstream devices complete UTM logging.
Technical Deep Dive: The correct answer is D. Client traffic first reaches the access-layer FortiGate, which creates the initial traffic log. The upstream FortiGate applies the web filter profile; therefore, if the session violates the web filtering policy, the upstream FortiGate generates the web filter UTM log. Because the web filter profile is configured to log only violations, no web filter log appears unless a violation occurs. Options A and C incorrectly place web filter logging on FGT-B. Option B misstates how Security Fabric logging avoids duplicate logs; FortiGates do not notify peers to log the flow.

by Nydia at Jun 21, 2026, 05:52 AM

Limited Time Offer

15%

Off

Get Premium FCP_FAZ_AN-7.6 Questions as Interactive Self Test Engine or PDF

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
0
0
0
10