FCP – FortiWAN and Cloud Security Administrator 7.4 — Question 26
A global organization with cloud networks deployed in several AWS regions wants to set up next-generation firewall (NGFW) protection using FortiGate Cloud-Native Firewall (CNF).
What are two deployment considerations for the organization? (Choose two.)
Answer options
- A. They must choose AWS Firewall Manager to provision a CNF instance.
- B. A CNF instance is required for each AWS region that must be protected.
- C. More than one AWS account can be associated with a CNF instance.
- D. Only one CNF instance is required to protect all AWS regions.
Correct answer: B, C
Explanation
The correct answers are B and C. A CNF instance must be deployed in each AWS region needing protection, as firewalls are region-specific. Additionally, it is possible to associate a single CNF instance with multiple AWS accounts, allowing for more flexible management and resource allocation. Options A and D are incorrect because AWS Firewall Manager is not a mandatory requirement for CNF deployment, and one CNF instance cannot cover multiple regions.