Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

Fortinet NSE4_FGT-7.2 - Fortinet NSE 4 - FortiOS 7.2

Fortinet NSE4_FGT-7.2 Premium Access     Download Demo    
Page: 5 / 6
Total 170 questions

Refer to the exhibit.

Based on the raw log, which two statements are correct? (Choose two.)

A.

Traffic is blocked because Action is set to DENY in the firewall policy.

B.

Traffic belongs to the root VDOM.

C.

This is a security log.

D.

Log severity is set to error on FortiGate.

Refer to the exhibits to view the firewall policy (Exhibit A) and the antivirus profile (Exhibit B).

Which statement is correct if a user is unable to receive a block replacement message when downloading an infected file for the first time?

A.

The firewall policy performs the full content inspection on the file.

B.

The flow-based inspection is used, which resets the last packet to the user.

C.

The volume of traffic being inspected is too high for this model of FortiGate.

D.

The intrusion prevention security profile needs to be enabled when using flow-based inspection mode.

32

When configuring a firewall virtual wire pair policy, which following statement is true?

A.

Any number of virtual wire pairs can be included, as long as the policy traffic direction is the same.

B.

Only a single virtual wire pair can be included in each policy.

C.

Any number of virtual wire pairs can be included in each policy, regardless of the policy traffic direction settings.

D.

Exactly two virtual wire pairs need to be included in each policy.

113

What inspection mode does FortiGate use if it is configured as a policy-based next-generation firewall (NGFW)?

A.

Full Content inspection

B.

Proxy-based inspection

C.

Certificate inspection

D.

Flow-based inspection

Refer to the exhibit.

A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices. The administrator has determined that phase 1 status is up, but phase 2 fails to come up.

Based on the phase 2 configuration shown in the exhibit, which configuration change will bring phase 2 up?

A.

On Remote-FortiGate, set Seconds to 43200.

B.

On HQ-FortiGate, set Encryption to AES256.

C.

On HQ-FortiGate, enable Diffie-Hellman Group 2.

D.

On HQ-FortiGate, enable Auto-negotiate.

View the exhibit.

Which of the following statements are correct? (Choose two.)

A.

This setup requires at least two firewall policies with the action set to IPsec.

B.

Dead peer detection must be disabled to support this type of IPsec setup.

C.

The TunnelB route is the primary route for reaching the remote site. The TunnelA route is used only if the TunnelB VPN is down.

D.

This is a redundant IPsec setup.

30

A team manager has decided that, while some members of the team need access to a particular website, the majority of the team does not Which configuration option is the most effective way to support this request?

A.

Implement a web filter category override for the specified website

B.

Implement a DNS filter for the specified website.

C.

Implement web filter quotas for the specified website

D.

Implement web filter authentication for the specified website.

Refer to the exhibits.

The exhibits show a network diagram and firewall configurations.

An administrator created a Deny policy with default settings to deny Webserver access for Remote-User2. Remote-User1 must be able to access the Webserver. Remote-User2 must not be able to access the Webserver.

In this scenario, which two changes can the administrator make to deny Webserver access for Remote-User2? (Choose two.)

A.

Disable match-vip in the Deny policy.

B.

Set the Destination address as Deny_IP in the Allow-access policy.

C.

Enable match vip in the Deny policy.

D.

Set the Destination address as Web_server in the Deny policy.

Which scanning technique on FortiGate can be enabled only on the CLI?

A.

Heuristics scan

B.

Trojan scan

C.

Antivirus scan

D.

Ransomware scan

7

An administrator has a requirement to keep an application session from timing out on port 80. What two changes can the administrator make to resolve the issue without affecting any existing services running through FortiGate? (Choose two.)

A.

Create a new firewall policy with the new HTTP service and place it above the existing HTTP policy.

B.

Create a new service object for HTTP service and set the session TTL to never

C.

Set the TTL value to never under config system-ttl

D.

Set the session TTL on the HTTP policy to maximum