1. Home
  2. Fortinet
  3. NSE4_FGT-6.2

Fortinet NSE4_FGT-6.2 Online Practice Questions and Exam Preparation

NSE4_FGT-6.2 Exam Details

  • Exam Code
    :NSE4_FGT-6.2
  • Exam Name
    :Fortinet NSE 4 - FortiOS 6.2
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :142 Q&As
  • Last Updated
    :Jul 10, 2023

Fortinet NSE4_FGT-6.2 Online Questions & Answers

  • Question 81:

    Which of the following statements about virtual domains (VDOMs) are true? (Choose two.)

    A. The root VDOM is the management VDOM by default.
    B. A FortiGate device has 64 VDOMs, created by default.
    C. Each VDOM maintains its own system time.
    D. Each VDOM maintains its own routing table.

  • Question 82:

    Which of the following conditions are required for establishing an IPSec VPN between two FortiGate devices? (Choose two.)

    A. If XAuth is enabled as a server in one peer, it must be enabled as a client in the other peer.
    B. If the VPN is configured as route-based, there must be at least one firewall policy with the action set to IPSec.
    C. If the VPN is configured as DialUp User in one peer, it must be configured as either Static IP Address or Dynamic DNS in the other peer.
    D. If the VPN is configured as a policy-based in one peer, it must also be configured as policy-based in the other peer.

  • Question 83:

    What information is flushed when the chunk-size value is changed in the config dlp settings?

    A. The database for DLP document fingerprinting
    B. The supported file types in the DLP filters
    C. The archived files and messages
    D. The file name patterns in the DLP filters

  • Question 84:

    An administrator wants to block HTTP uploads. Examine the exhibit, which contains the proxy address created for that purpose.

    Where must the proxy address be used?

    A. As the source in a firewall policy.
    B. As the source in a proxy policy.
    C. As the destination in a firewall policy.
    D. As the destination in a proxy policy.

  • Question 85:

    Which of the following statements are best practices for troubleshooting FSSO? (Choose two.)

    A. Include the group of guest users in a policy.
    B. Extend timeout timers.
    C. Guarantee at least 34 Kbps bandwidth between FortiGate and domain controllers.
    D. Ensure all firewalls allow the FSSO required ports.

  • Question 86:

    An administrator has configured central DNAT and virtual IPs. Which of the following can be selected in the firewall policy Destination field?

    A. A VIP group
    B. The mapped IP address object of the VIP object
    C. A VIP object
    D. An IP pool

  • Question 87:

    Which certificate value can FortiGate use to determine the relationship between the issuer and the certificate?

    A. Subject Key Identifier value
    B. SMMIE Capabilities value
    C. Subject value
    D. Subject Alternative Name value

  • Question 88:

    Which of the following are purposes of NAT traversal in IPsec? (Choose two.)

    A. To detect intermediary NAT devices in the tunnel path.
    B. To dynamically change phase 1 negotiation mode aggressive mode.
    C. To encapsulation ESP packets in UDP packets using port 4500.
    D. To force a new DH exchange with each phase 2 rekey.

  • Question 89:

    What settings must you configure to ensure FortiGate generates logs for web filter activity on a firewall policy called Full Access? (Choose two.)

    A. Enable Event Logging.
    B. Enable a web filter security profile on the Full Access firewall policy.
    C. Enable Log Allowed Traffic on the Full Access firewall policy.
    D. Enable disk logging.

  • Question 90:

    What FortiGate configuration is required to actively prompt users for credentials?

    A. You must enable one or more protocols that support active authentication on a firewall policy.
    B. You must position the firewall policy for active authentication before a firewall policy for passive authentication
    C. You must assign users to a group for active authentication
    D. You must enable the Authentication setting on the firewall policy

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4_FGT-6.2 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.