FCSS – Enterprise Firewall Administrator 7.4 — Question 37
An administrator configured the FortiGate devices in an enterprise network to join the Fortinet Security Fabric. The administrator has a list of IP addresses that must be blocked by the data center firewall. This list is updated daily.
How can the administrator automate a firewall policy with the daily updated list?
Answer options
- A. With FortiNAC
- B. With FortiAnalyzer
- C. With a Security Fabric automation
- D. With an external connector from Threat Feeds
Correct answer: D
Explanation
The correct answer is D because an external connector from Threat Feeds allows for automatic updates of threat intelligence, which can include IP addresses to block. Options A and B do not provide the necessary automation for dynamic IP blocking, while C, though related to automation, does not specifically address the integration of an external list of IPs for blocking.