1. Home
  2. Fortinet
  3. NSE4_FGT-6.2

Fortinet NSE4_FGT-6.2 Online Practice Questions and Exam Preparation

NSE4_FGT-6.2 Exam Details

  • Exam Code
    :NSE4_FGT-6.2
  • Exam Name
    :Fortinet NSE 4 - FortiOS 6.2
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :142 Q&As
  • Last Updated
    :Jul 10, 2023

Fortinet NSE4_FGT-6.2 Online Questions & Answers

  • Question 91:

    Which of the following statements about policy-based IPsec tunnels are true? (Choose two.)

    A. They can be configured in both NAT/Route and transparent operation modes.
    B. They support L2TP-over-IPsec.
    C. They require two firewall policies: one for each directions of traffic flow.
    D. They support GRE-over-IPsec.

  • Question 92:

    An administrator is configuring an antivirus profiles on FortiGate and notices that Proxy Options is not listed under Security Profiles on the GUI. What can cause this issue?

    A. FortiGate needs to be switched to NGFW mode.
    B. Proxy options section is hidden by default and needs to be enabled from the Feature Visibility menu.
    C. Proxy options are no longer available starting in FortiOS 5.6.
    D. FortiGate is in flow-based inspection mode.

  • Question 93:

    Which of the following services can be inspected by the DLP profile? (Choose three.)

    A. NFS
    B. FTP
    C. IMAP
    D. CIFS
    E. HTTP-POST

  • Question 94:

    Examine this FortiGate configuration:

    How does the FortiGate handle web proxy traffic coming from the IP address 10.2.1.200 that requires authorization?

    A. It always authorizes the traffic without requiring authentication.
    B. It drops the traffic.
    C. It authenticates the traffic using the authentication scheme SCHEME2.
    D. It authenticates the traffic using the authentication scheme SCHEME1.

  • Question 95:

    Which of the following statements is true regarding SSL VPN settings for an SSL VPN portal?

    A. By default, FortiGate uses WINS servers to resolve names.
    B. By default, the SSL VPN portal requires the installation of a client's certificate.
    C. By default, split tunneling is enabled.
    D. By default, the admin GUI and SSL VPN portal use the same HTTPS port.

  • Question 96:

    Why does FortiGate keep TCP sessions in the session table for some seconds even after both sides (client and server) have terminated the session?

    A. To remove the NAT operation.
    B. To generate logs
    C. To finish any inspection operations.
    D. To allow for out-of-order packets that could arrive after the FIN/ACK packets.

  • Question 97:

    Examine the FortiGate configuration:

    What will happen to unauthenticated users when an active authentication policy is followed by a fall through policy without authentication?

    A. The user must log in again to authenticate.
    B. The user will be denied access to resources without authentication.
    C. The user will not be prompted for authentication.
    D. User authentication happens at an interface level.

  • Question 98:

    Why must you use aggressive mode when a local FortiGate IPSec gateway hosts multiple dialup tunnels?

    A. In aggressive mode, the remote peers are able to provide their peer IDs in the first message.
    B. FortiGate is able to handle NATed connections only in aggressive mode.
    C. FortiClient only supports aggressive mode.
    D. Main mode does not support XAuth for user authentication.

  • Question 99:

    NGFW mode allows policy-based configuration for most inspection rules. Which security profile's configuration does not change when you enable policy-based inspection?

    A. Web filtering
    B. Antivirus
    C. Web proxy
    D. Application control

  • Question 100:

    In an HA cluster operating in active-active mode, which path is taken by the SYN packet of an HTTP session that is offloaded to a secondary FortiGate?

    A. Client > secondary FortiGate > primary FortiGate > web server
    B. Client > primary FortiGate > secondary FortiGate > primary FortiGate > web server
    C. Client > primary FortiGate > secondary FortiGate > web server
    D. Client > secondary FortiGate > web server

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4_FGT-6.2 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.