Fortinet NSE4_FGT-6.0 Online Practice Questions and Exam Preparation

Fortinet NSE4_FGT-6.0 Online Questions & Answers

• Question 71:

  Examine the exhibit, which shows the output of a web filtering real time debug.

  

  Why is the site www.bing.com being blocked?

  A. The web site www.bing.com is categorized by FortiGuard as Malicious Websites.
  B. The user has not authenticated with the FortiGate yet.
  C. The web server IP address 204.79.197.200 is categorized by FortiGuard as Malicious Websites.
  D. The rating for the web site www.bing.com has been locally overridden to a category that is being blocked.
  D. The rating for the web site www.bing.com has been locally overridden to a category that is being blocked.

• Question 72:

  Which of the following services can be inspected by the DLP profile? (Choose three.)

  A. NFS
  B. FTP
  C. IMAP
  D. CIFS
  E. HTTP-POST
  B. FTP
  C. IMAP
  E. HTTP-POST

• Question 73:

  Which statements correctly describe transparent mode operation? (Choose three.)

  A. All interfaces of the transparent mode FortiGate device must be on different IP subnets.
  B. Ethernet packets are forwarded based on destination MAC addresses, not IP addresses.
  C. The transparent FortiGate is visible to network hosts in an IP traceroute.
  D. It permits inline traffic inspection and firewalling without changing the IP scheme of the network.
  E. FortiGate acts as transparent bridge and forwards traffic at Layer 2.
  B. Ethernet packets are forwarded based on destination MAC addresses, not IP addresses.
  D. It permits inline traffic inspection and firewalling without changing the IP scheme of the network.
  E. FortiGate acts as transparent bridge and forwards traffic at Layer 2.

• Question 74:

  Which of the following statements about NTLM authentication are correct? (Choose two.)

  A. It is useful when users log in to DCs that are not monitored by a collector agent.
  B. It takes over as the primary authentication method when configured alongside FSSO.
  C. Multi-domain environments require DC agents on every domain controller.
  D. NTLM-enabled web browsers are required.
  A. It is useful when users log in to DCs that are not monitored by a collector agent.
  D. NTLM-enabled web browsers are required.

• Question 75:

  Which of the following statements about the FSSO collector agent timers is true?

  A. The workstation verify interval is used to periodically check if a workstation is still a domain member.
  B. The IP address change verify interval monitors the server IP address where the collector agent is installed, and the updates the collector agent configuration if it changes.
  C. The user group cache expiry is used to age out the monitored groups.
  D. The dead entry timeout interval is used to age out entries with an unverified status.
  D. The dead entry timeout interval is used to age out entries with an unverified status.

• Question 76:

  An administrator needs to strengthen the security for SSL VPN access. Which of the following statements are best practices to do so? (Choose three.)

  A. Configure split tunneling for content inspection.
  B. Configure host restrictions by IP or MAC address.
  C. Configure two-factor authentication using security certificates.
  D. Configure SSL offloading to a content processor (FortiASIC).
  E. Configure a client integrity check (host-check).
  C. Configure two-factor authentication using security certificates.
  D. Configure SSL offloading to a content processor (FortiASIC).
  E. Configure a client integrity check (host-check).

• Question 77:

  An administrator needs to create an SSL-VPN connection for accessing an internal server using the bookmark Port Forward. What step is required for this configuration?

  A. Configure an SSL VPN realm for clients to use the port forward bookmark.
  B. Configure the client application to forward IP traffic through FortiClient.
  C. Configure the virtual IP address to be assigned to the SSL VPN users.
  D. Configure the client application to forward IP traffic to a Java applet proxy.
  D. Configure the client application to forward IP traffic to a Java applet proxy.

• Question 78:

  If traffic matches a DLP filter with the action set to Quarantine IP Address, what action does FortiGate take?

  A. It notifies the administrator by sending an email.
  B. It provides a DLP block replacement page with a link to download the file.
  C. It blocks all future traffic for that IP address for a configured interval.
  D. It archives the data for that IP address.
  C. It blocks all future traffic for that IP address for a configured interval.

• Question 79:

  In a high availability (HA) cluster operating in active-active mode, which of the following correctly describes the path taken by the SYN packet of an HTTP session that is offloaded to a secondary FortiGate?

  A. Client > primary FortiGate> secondary FortiGate> primary FortiGate> web server.
  B. Client > secondary FortiGate> web server.
  C. Clinet >secondary FortiGate> primary FortiGate> web server.
  D. Client> primary FortiGate> secondary FortiGate> web server.
  D. Client> primary FortiGate> secondary FortiGate> web server.

• Question 80:

  Which one of the following processes is involved in updating IPS from FortiGuard?

  A. FortiGate IPS update requests are sent using UDP port 443.
  B. Protocol decoder update requests are sent to service.fortiguard.net.
  C. IPS signature update requests are sent to update.fortiguard.net.
  D. IPS engine updates can only be obtained using push updates.
  C. IPS signature update requests are sent to update.fortiguard.net.