Pass the Fortinet NSE4 NSE4_FGT-7.2 Questions and answers with CertsForce

Viewing page 5 out of 6 pages
Viewing questions 41-50 out of questions
Questions # 41:

Refer to the exhibits to view the firewall policy (Exhibit A) and the antivirus profile (Exhibit B).

Which statement is correct if a user is unable to receive a block replacement message when downloading an infected file for the first time?

Options:

A. The firewall policy performs the full content inspection on the file.

B. The flow-based inspection is used, which resets the last packet to the user.

C. The volume of traffic being inspected is too high for this model of FortiGate.

D. The intrusion prevention security profile needs to be enabled when using flow-based inspection mode.


Questions # 42:

Refer to the exhibit.

Based on the raw log, which two statements are correct? (Choose two.)

Options:

A. Traffic is blocked because Action is set to DENY in the firewall policy.

B. Traffic belongs to the root VDOM.

C. This is a security log.

D. Log severity is set to error on FortiGate.


Questions # 43:

Which three statements explain a flow-based antivirus profile? (Choose three.)

Options:

A. Flow-based inspection uses a hybrid of the scanning modes available in proxy-based inspection.

B. If a virus is detected, the last packet is delivered to the client.

C. The IPS engine handles the process as a standalone.

D. FortiGate buffers the whole file but transmits to the client at the same time.

E. Flow-based inspection optimizes performance compared to proxy-based inspection.


Questions # 44:

An administrator has configured two-factor authentication to strengthen SSL VPN access. Which additional best practice can an administrator implement?

Options:

A. Configure Source IP Pools.

B. Configure split tunneling in tunnel mode.

C. Configure different SSL VPN realms.

D. Configure host check.


Questions # 45:

Refer to the exhibit to view the application control profile.

Based on the configuration, what will happen to Apple FaceTime?

Options:

A. Apple FaceTime will be blocked, based on the Excessive-Bandwidth filter configuration.

B. Apple FaceTime will be allowed, based on the Apple filter configuration.

C. Apple FaceTime will be allowed only if the filter in Application and Filter Overrides is set to Learn.

D. Apple FaceTime will be allowed, based on the Categories configuration.


Questions # 46:

Which two settings can be separately configured per VDOM on a FortiGate device? (Choose two.)

Options:

A. System time

B. FortiGuard update servers

C. Operating mode

D. NGFW mode


Questions # 47:

FortiGate is operating in NAT mode and is configured with two virtual LAN (VLAN) subinterfaces added to the same physical interface.

In this scenario, which statement about VLAN IDs is true?

Options:

A. The two VLAN subinterfaces can have the same VLAN ID only if they belong to different VDOMs.

B. The two VLAN subinterfaces must have different VLAN IDs.

C. The two VLAN subinterfaces can have the same VLAN ID only if they have IP addresses in the same subnet.

D. The two VLAN subinterfaces can have the same VLAN ID only if they have IP addresses in different subnets.


Questions # 48:

What are two benefits of flow-based inspection compared to proxy-based inspection? (Choose two.)

Options:

A. FortiGate uses fewer resources.

B. FortiGate performs a more exhaustive inspection on traffic.

C. FortiGate adds less latency to traffic.

D. FortiGate allocates two sessions per connection.


Questions # 49:

Which CLI command will display sessions both from client to the proxy and from the proxy to the servers?

Options:

A. diagnose wad session list

B. diagnose wad session list | grep hook-pre&&hook-out

C. diagnose wad session list | grep hook=pre&&hook=out

D. diagnose wad session list | grep "hook=pre"&"hook=out"


Questions # 50:

An administrator is running the following sniffer command:

Which three pieces of information will be included in the sniffer output? (Choose three.)

Options:

A. Interface name

B. Packet payload

C. Ethernet header

D. IP header

E. Application header

