1. Home
  2. Fortinet
  3. NSE4_FGT-6.2

Fortinet NSE4_FGT-6.2 Online Practice Questions and Exam Preparation

NSE4_FGT-6.2 Exam Details

  • Exam Code
    :NSE4_FGT-6.2
  • Exam Name
    :Fortinet NSE 4 - FortiOS 6.2
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :142 Q&As
  • Last Updated
    :Jul 10, 2023

Fortinet NSE4_FGT-6.2 Online Questions & Answers

  • Question 31:

    Which two actions are valid for a FortiGuard category-based filter, in a web filter profile, for a firewall policy in proxy-based inspection mode? (Choose two.)

    A. Learn
    B. Exempt
    C. Allow
    D. Warning

  • Question 32:

    What FortiGate components are tested during the hardware test? (Choose three.)

    A. Administrative access
    B. HA heartbeat
    C. CPU
    D. Hard disk
    E. Network interfaces

  • Question 33:

    View the exhibit.

    A user behind the FortiGate is trying to go to http://www.addictinggames.com (Addicting Games). Based on this configuration, which statement is true?

    A. Addicting.Games is allowed based on the Application Overrides configuration.
    B. Addicting.Games is blocked on the Filter Overrides configuration.
    C. Addicting.Games can be allowed only if the Filter Overrides actions is set to Learn.
    D. Addcting.Games is allowed based on the Categories configuration.

  • Question 34:

    Refer to the following exhibit.

    Why is FortiGate not blocking the test file over FTP download?

    A. Deep-inspection must be enabled for FortiGate to fully scan FTP traffic.
    B. FortiGate needs to be operating in flow-based inspection mode in order to scan FTP traffic.
    C. The FortiSandbox signature database is required to successfully scan FTP traffic.
    D. The proxy options profile needs to scan FTP traffic on a non-standard port.

  • Question 35:

    A FortiGate is operating in NAT mode and configured with two virtual LAN (VLAN) sub interfaces added to the physical interface. Which statements about the VLAN sub interfaces can have the same VLAN ID, only if they have IP addresses in different subnets.

    A. The two VLAN sub interfaces can have the same VLAN ID, only if they have IP addresses in different subnets.
    B. The two VLAN sub interfaces must have different VLAN IDs.
    C. The two VLAN sub interfaces can have the same VLAN ID, only if they belong to different VDOMs.
    D. The two VLAN sub interfaces can have the same VLAN ID, only if they have IP addresses in the same subnet.

  • Question 36:

    Which two statements about NTLM authentication are correct? (Choose two.)

    A. It requires DC agents on every domain controller when used in multidomain environments.
    B. It is useful when users log in to DCs that are not monitored by a collector agent.
    C. It requires NTLM-enabled web browsers.
    D. It takes over as the primary authentication method when configured alongside FSSO.

  • Question 37:

    Which of the following route attributes must be equal for static routes to be eligible for equal cost multipath (ECMP) routing? (Choose two.)

    A. Priority
    B. Metric
    C. Distance
    D. Cost

  • Question 38:

    Which statement is true regarding the policy ID number of a firewall policy?

    A. Defines the order in which rules are processed.
    B. Represents the number of objects used in the firewall policy.
    C. Required to modify a firewall policy using the CLI.
    D. Changes when firewall policies are reordered.

  • Question 39:

    Which two statements about antivirus scanning mode are true? (Choose two.)

    A. In proxy-based inspection mode, antivirus buffers the whole file for scanning, before sending it to the client.
    B. In full scan flow-based inspection mode, FortiGate buffers the file, but also simultaneously transmits it to the client.
    C. In proxy-based inspection mode, files bigger than the buffer size are scanned.
    D. In quick scan mode, you can configure antivirus profiles to use any of the available antivirus signature databases.

  • Question 40:

    A team manager has decided that, while some members of the team need access to a particular website, the majority of the team does not. Which configuration option is the most effective way to support this request?

    A. Implement web filter authentication for the specified website.
    B. Implement a web filter category override for the specified website.
    C. Implement DNS filter for the specified website.
    D. Implement web filter quotas for the specified website.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4_FGT-6.2 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.