1. Home
  2. Fortinet
  3. NSE4_FGT-6.2

Fortinet NSE 4 - FortiOS 6.2

Exam Details

  • Exam Code
    :NSE4_FGT-6.2
  • Exam Name
    :Fortinet NSE 4 - FortiOS 6.2
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :142 Q&As
  • Last Updated
    :Jul 10, 2023

Fortinet Fortinet Certifications NSE4_FGT-6.2 Questions & Answers

  • Question 51:

    What information is flushed when the chunk-size value is changed in the config dlp settings?

    A. The database for DLP document fingerprinting

    B. The supported file types in the DLP filters

    C. The archived files and messages

    D. The file name patterns in the DLP filters

  • Question 52:

    An administrator observes that the port1 interface cannot be configured with an IP address. What can be the reasons for that? (Choose three.)

    A. The interface has been configured for one-arm sniffer.

    B. The interface is a member of a virtual wire pair.

    C. The operation mode is transparent.

    D. The interface is a member of a zone.

    E. Captive portal is enabled in the interface.

  • Question 53:

    An administrator has configured the following settings:

    What does the configuration do? (Choose two.)

    A. Reduces the amount of logs generated by denied traffic.

    B. Enforces device detection on all interfaces for 30 minutes.

    C. Blocks denied users for 30 minutes.

    D. Creates a session for traffic being denied.

  • Question 54:

    Which of the following statements is true regarding SSL VPN settings for an SSL VPN portal?

    A. By default, FortiGate uses WINS servers to resolve names.

    B. By default, the SSL VPN portal requires the installation of a client's certificate.

    C. By default, split tunneling is enabled.

    D. By default, the admin GUI and SSL VPN portal use the same HTTPS port.

  • Question 55:

    You have tasked to design a new IPsec deployment with the following criteria:

    1.

    There are two HQ sues that all satellite offices must connect to

    2.

    The satellite offices do not need to communicate directly with other satellite offices

    3.

    No dynamic routing will be used

    4.

    The design should minimize the number of tunnels being configured.

    Which topology should be used to satisfy all of the requirements?

    A. Partial mesh

    B. Hub-and-spoke

    C. Fully meshed

    D. Redundant

  • Question 56:

    A FortiGate is operating in NAT mode and configured with two virtual LAN (VLAN) sub interfaces added to the physical interface. Which statements about the VLAN sub interfaces can have the same VLAN ID, only if they have IP addresses in different subnets.

    A. The two VLAN sub interfaces can have the same VLAN ID, only if they have IP addresses in different subnets.

    B. The two VLAN sub interfaces must have different VLAN IDs.

    C. The two VLAN sub interfaces can have the same VLAN ID, only if they belong to different VDOMs.

    D. The two VLAN sub interfaces can have the same VLAN ID, only if they have IP addresses in the same subnet.

  • Question 57:

    View the certificate shown to the exhibit, and then answer the following question: The CA issued this certificate to which entity?

    A. A root CA

    B. A person

    C. A bridge CA

    D. A subordinate CA

  • Question 58:

    Why does FortiGate keep TCP sessions in the session table for some seconds even after both sides (client and server) have terminated the session?

    A. To remove the NAT operation.

    B. To generate logs

    C. To finish any inspection operations.

    D. To allow for out-of-order packets that could arrive after the FIN/ACK packets.

  • Question 59:

    Which of the following statements about NTLM authentication are correct? (Choose two.)

    A. It is useful when users log in to DCs that are not monitored by a collector agent.

    B. It takes over as the primary authentication method when configured alongside FSSO.

    C. Multi-domain environments require DC agents on every domain controller.

    D. NTLM-enabled web browsers are required.

  • Question 60:

    An administrator wants to create a policy-based IPsec VPN tunnel betweeb two FortiGate devices. Which configuration steps must be performed on both devices to support this scenario? (Choose three.)

    A. Define the phase 1 parameters, without enabling IPsec interface mode

    B. Define the phase 2 parameters.

    C. Set the phase 2 encapsulation method to transport mode

    D. Define at least one firewall policy, with the action set to IPsec.

    E. Define a route to the remote network over the IPsec tunnel.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4_FGT-6.2 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.