Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

Fortinet NSE4_FGT-7.2 - Fortinet NSE 4 - FortiOS 7.2

Fortinet NSE4_FGT-7.2 Premium Access     Download Demo    
Page: 1 / 6
Total 170 questions

Which statement is correct regarding the use of application control for inspecting web applications?

A.

Application control can identity child and parent applications, and perform different actions on them.

B.

Application control signatures are organized in a nonhierarchical structure.

C.

Application control does not require SSL inspection to identity web applications.

D.

Application control does not display a replacement message for a blocked web application.

24

To complete the final step of a Security Fabric configuration, an administrator must authorize all the devices on

which device?

A.

FortiManager

B.

Root FortiGate

C.

FortiAnalyzer

D.

Downstream FortiGate

16

FortiGate is configured as a policy-based next-generation firewall (NGFW) and is applying web filtering and application control directly on the security policy. Which two other security profiles can you apply to the security policy? (Choose two.)

A.

Antivirus scanning

B.

File filter

C.

DNS filter

D.

Intrusion prevention

40

Which CLI command will display sessions both from client to the proxy and from the proxy to the servers?

A.

diagnose wad session list

B.

diagnose wad session list | grep hook-pre&&hook-out

C.

diagnose wad session list | grep hook=pre&&hook=out

D.

diagnose wad session list | grep "hook=pre"&"hook=out"

95

Examine this output from a debug flow:

Why did the FortiGate drop the packet?

A.

The next-hop IP address is unreachable.

B.

It failed the RPF check .

C.

It matched an explicitly configured firewall policy with the action DENY.

D.

It matched the default implicit firewall policy.

Which two statements are correct regarding FortiGate FSSO agentless polling mode? (Choose two.)

A.

FortiGate points the collector agent to use a remote LDAP server.

B.

FortiGate uses the AD server as the collector agent.

C.

FortiGate uses the SMB protocol to read the event viewer logs from the DCs.

D.

FortiGate queries AD by using the LDAP to retrieve user group information.

18

If the Issuer and Subject values are the same in a digital certificate, which type of entity was the certificate issued to?

A.

A CRL

B.

A person

C.

A subordinate CA

D.

A root CA

Which statement about the deployment of the Security Fabric in a multi-VDOM environment is true?

A.

VDOMs without ports with connected devices are not displayed in the topology.

B.

Downstream devices can connect to the upstream device from any of their VDOMs.

C.

Security rating reports can be run individually for each configured VDOM.

D.

Each VDOM in the environment can be part of a different Security Fabric.

Which statement correctly describes the use of reliable logging on FortiGate?

A.

Reliable logging is enabled by default in all configuration scenarios.

B.

Reliable logging is required to encrypt the transmission of logs.

C.

Reliable logging can be configured only using the CLI.

D.

Reliable logging prevents the loss of logs when the local disk is full.

What are two characteristics of FortiGate HA cluster virtual IP addresses? (Choose two.)

A.

Virtual IP addresses are used to distinguish between cluster members.

B.

Heartbeat interfaces have virtual IP addresses that are manually assigned.

C.

The primary device in the cluster is always assigned IP address 169.254.0.1.

D.

A change in the virtual IP address happens when a FortiGate device joins or leaves the cluster.