1. Home
  2. Fortinet
  3. NSE4_FGT-6.2

Fortinet NSE 4 - FortiOS 6.2

Exam Details

  • Exam Code
    :NSE4_FGT-6.2
  • Exam Name
    :Fortinet NSE 4 - FortiOS 6.2
  • Certification
    :NSE4
  • Vendor
    :Fortinet
  • Total Questions
    :142 Q&As
  • Last Updated
    :Jul 10, 2023

Fortinet NSE4 NSE4_FGT-6.2 Questions & Answers

  • Question 31:

    Which statement regarding the firewall policy authentication timeout is true?

    A. It is an idle timeout. The FortiGate considers a user to be "idle" if it does not see any packets coming from the user's source IP.

    B. It is a hard timeout. The FortiGate removes the temporary policy for a user's source IP address after this timer has expired.

    C. It is an idle timeout. The FortiGate considers a user to be "idle" if it does not see any packets coming from the user's source MAC.

    D. It is a hard timeout. The FortiGate removes the temporary policy for a user's source MAC address after this timer has expired.

  • Question 32:

    Which of the following SD-WAN load ç’ªalancing method use interface weight value to distribute traffic? (Choose two.)

    A. Source IP

    B. Spillover

    C. Volume

    D. Session

  • Question 33:

    Which is a requirement for creating an inter-VDOM link between two VDOMs?

    A. The inspection mode of at least one VDOM must be proxy-based.

    B. At least one of the VDOMs must operate in NAT mode.

    C. The inspection mode of both VDOMs must match.

    D. Both VDOMs must operate in NAT mode.

  • Question 34:

    Examine the following web filtering log.

    Which statement about the log message is true?

    A. The action for the category Games is set to block.

    B. The usage quota for the IP address 10.0.1.10 has expired

    C. The name of the applied web filter profile is default.

    D. The web site miniclip.com matches a static URL filter whose action is set to Warning.

  • Question 35:

    The FSSO Collector Agent set to advanced access mode for the Windows Active Directory uses which of the following?

    A. LDAP convention B. NTLM convention

    C. Windows convention ?NetBios\Username

    D. RSSO convention

  • Question 36:

    What is the limitation of using a URL list and application control on the same firewall policy, in NGFW policy-based mode?

    A. It limits the scope of application control to the browser-based technology category only.

    B. It limits the scope of application control to scan application traffic based on application category only.

    C. It limits the scope of application control to scan application traffic using parent signatures only

    D. It limits the scope of application control to scan application traffic on DNS protocol only.

  • Question 37:

    Which statements are true regarding firewall policy NAT using the outgoing interface IP address with fixed port disabled? (Choose two.)

    A. This is known as many-to-one NAT.

    B. Source IP is translated to the outgoing interface IP.

    C. Connections are tracked using source port and source MAC address.

    D. Port address translation is not used.

  • Question 38:

    What FortiGate configuration is required to actively prompt users for credentials?

    A. You must enable one or more protocols that support active authentication on a firewall policy.

    B. You must position the firewall policy for active authentication before a firewall policy for passive authentication

    C. You must assign users to a group for active authentication

    D. You must enable the Authentication setting on the firewall policy

  • Question 39:

    Which statements best describe auto discovery VPN (ADVPN). (Choose two.)

    A. It recommends the use of dynamic routing protocols so that spokes can learn the routes to other spokes.

    B. ADVPN is only supported with IKEv2.

    C. IPSec tunnels are negotiated dynamically between spokes.

    D. Every spoke requires a static tunnel to be configured to other spokes so that phase 1 and phase 2 proposals are defined in advance.

  • Question 40:

    An administrator needs to create an SSL-VPN connection for accessing an internal server using the bookmark Port Forward. What step is required for this configuration?

    A. Configure an SSL VPN realm for clients to use the port forward bookmark.

    B. Configure the client application to forward IP traffic through FortiClient.

    C. Configure the virtual IP address to be assigned to the SSL VPN users.

    D. Configure the client application to forward IP traffic to a Java applet proxy.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4_FGT-6.2 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.