1. Home
  2. Fortinet
  3. NSE4_FGT-6.2

Fortinet NSE4_FGT-6.2 Online Practice Questions and Exam Preparation

NSE4_FGT-6.2 Exam Details

  • Exam Code
    :NSE4_FGT-6.2
  • Exam Name
    :Fortinet NSE 4 - FortiOS 6.2
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :142 Q&As
  • Last Updated
    :Jul 10, 2023

Fortinet NSE4_FGT-6.2 Online Questions & Answers

  • Question 111:

    Examine the routing database shown in the exhibit, and then answer the following question:

    Which of the following statements are correct? (Choose two.)

    A. The port3 default route has the highest distance.
    B. The port3 default route has the lowest metric.
    C. There will be eight routes active in the routing table.
    D. The port1 and port2 default routes are active in the routing table.

  • Question 112:

    Which downstream FortiGate VDOM is used to join the Security Fabric when split-task VDOM is enabled on all FortiGate devices?

    A. FG-traffic VDOM
    B. Root VDOM
    C. Customer VDOM
    D. Global VDOM

  • Question 113:

    An administrator needs to create an SSL-VPN connection for accessing an internal server using the bookmark Port Forward. What step is required for this configuration?

    A. Configure an SSL VPN realm for clients to use the port forward bookmark.
    B. Configure the client application to forward IP traffic through FortiClient.
    C. Configure the virtual IP address to be assigned to the SSL VPN users.
    D. Configure the client application to forward IP traffic to a Java applet proxy.

  • Question 114:

    Examine the IPS sensor configuration shown in the exhibit, and then answer the question below.

    What are the expected actions if traffic matches this IPS sensor? (Choose two.)

    A. The sensor will gather a packet log for all matched traffic.
    B. The sensor will not block attackers matching the A32S.Botnet signature.
    C. The sensor will block all attacks for Windows servers.
    D. The sensor will reset all connections that match these signatures.

  • Question 115:

    If the Issuer and Subject values are the same in a digital certificate, which type of entity was the certificate issued to?

    A. A CRL
    B. A person
    C. A subordinate CA
    D. A root CA

  • Question 116:

    Examine the IPS sensor configuration shown in the exhibit, and then answer the question below.

    An administrator has configured the WINDOS_SERVERS IPS sensor in an attempt to determine

    whether the influx of HTTPS traffic is an attack attempt or not. After applying the IPS sensor, FortiGate is still not generating any IPS logs for the HTTPS traffic.

    What is a possible reason for this?

    A. The IPS filter is missing the Protocol: HTTPS option.
    B. The HTTPS signatures have not been added to the sensor.
    C. A DoS policy should be used, instead of an IPS sensor.
    D. The firewall policy is not using a full SSL inspection profile.

  • Question 117:

    View the exhibit.

    Why is the administrator getting the error shown in the exhibit?

    A. The administrator must first enter the command edit global.
    B. The administrator admin does not have the privileges required to configure global settings.
    C. The global settings cannot be configured from the root VDOM context.
    D. The command config system global does not exist in FortiGate.

  • Question 118:

    A team manager has decided that while some members of the team need access to particular website, the majority of the team does not. Which configuration option is the most effective option to support this request?

    A. Implement a web filter category override for the specified website.
    B. Implement web filter authentication for the specified website
    C. Implement web filter quotas for the specified website.
    D. Implement DNS filter for the specified website.

  • Question 119:

    Which of the following statements correctly describes FortiGates route lookup behavior when searching for a suitable gateway? (Choose two)

    A. Lookup is done on the first packet from the session originator
    B. Lookup is done on the last packet sent from the responder
    C. Lookup is done on every packet, regardless of direction
    D. Lookup is done on the first reply packet from the responder

  • Question 120:

    Which statements about DNS filter profiles are true? (Choose two.)

    A. They can inspect HTTP traffic.
    B. They can redirect blocked requests to a specific portal.
    C. They can block DNS requests to known botnet command and control servers.
    D. They must be applied in firewall policies with SSL inspection enabled.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4_FGT-6.2 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.