1. Home
  2. Fortinet
  3. NSE4_FGT-6.2

Fortinet NSE 4 - FortiOS 6.2

Exam Details

  • Exam Code
    :NSE4_FGT-6.2
  • Exam Name
    :Fortinet NSE 4 - FortiOS 6.2
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :142 Q&As
  • Last Updated
    :Jul 10, 2023

Fortinet Fortinet Certifications NSE4_FGT-6.2 Questions & Answers

  • Question 81:

    Examine the routing database shown in the exhibit, and then answer the following question:

    Which of the following statements are correct? (Choose two.)

    A. The port3 default route has the highest distance.

    B. The port3 default route has the lowest metric.

    C. There will be eight routes active in the routing table.

    D. The port1 and port2 default routes are active in the routing table.

  • Question 82:

    If traffic matches a DLP filter with the action set to Quarantine IP Address, what action does FortiGate take?

    A. It notifies the administrator by sending an email.

    B. It provides a DLP block replacement page with a link to download the file.

    C. It blocks all future traffic for that IP address for a configured interval.

    D. It archives the data for that IP address.

  • Question 83:

    View the exhibit.

    Based on the configuration shown in the exhibit, what statements about application control behavior are true? (Choose two.)

    A. Access to all unknown applications will be allowed.

    B. Access to browser-based Social.Media applications will be blocked.

    C. Access to mobile social media applications will be blocked.

    D. Access to all applications in Social.Media category will be blocked.

  • Question 84:

    HTTP Public Key Pinning (HPKP) can be an obstacle to implementing full SSL inspection. What solutions could resolve this problem? (Choose two.)

    A. Enable Allow Invalid SSL Certificates for the relevant security profile.

    B. Change web browsers to one that does not support HPKP.

    C. Exempt those web sites that use HPKP from full SSL inspection.

    D. Install the CA certificate (that is required to verify the web server certificate) stores of users' computers.

  • Question 85:

    View the exhibit.

    What does this raw log indicate? (Choose two.)

    A. FortiGate blocked the traffic.

    B. type indicates that a security event was recorded.

    C. 10.0.1.20 is the IP address for lavito.tk.

    D. policyid indicates that traffic went through the IPS firewall policy.

  • Question 86:

    Which action can be applied to each filter in the application control profile?

    A. Block, monitor, warning, and quarantine

    B. Allow, monitor, block and learn

    C. Allow, block, authenticate, and warning

    D. Allow, monitor, block, and quarantine

  • Question 87:

    How does FortiGate verify the login credentials of a remote LDAP user?

    A. FortiGate regenerates the algorithm based on the login credentials and compares it to the algorithm stored on the LDAP server.

    B. FortiGate sends the user-entered credentials to the LDAP server for authentication.

    C. FortiGate queries the LDAP server for credentials.

    D. FortiGate queries its own database for credentials.

  • Question 88:

    An administrator is attempting to allow access to https://fortinet.com through a firewall policy that is configured with a web filter and an SSL inspection profile configured for deep inspection. Which of the following are possible actions to eliminate the certificate error generated by deep inspection? (Choose two.)

    A. Implement firewall authentication for all users that need access to fortinet.com.

    B. Manually install the FortiGate deep inspection certificate as a trusted CA.

    C. Configure fortinet.com access to bypass the IPS engine.

    D. Configure an SSL-inspection exemption for fortinet.com.

  • Question 89:

    View the exhibit:

    Which statement about the exhibit is true? (Choose two.)

    A. Broadcast traffic received in port1-VLAN10 will not be forwarded to port2-VLAN10.

    B. port-VLAN1 is the native VLAN for the port1 physical interface.

    C. port1-VLAN10 and port2-VLAN10 can be assigned to different VDOMs.

    D. Traffic between port1-VLAN1 and port2-VLAN1 is allowed by default.

  • Question 90:

    What settings must you configure to ensure FortiGate generates logs for web filter activity on a firewall policy called Full Access? (Choose two.)

    A. Enable Event Logging.

    B. Enable a web filter security profile on the Full Access firewall policy.

    C. Enable Log Allowed Traffic on the Full Access firewall policy.

    D. Enable disk logging.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4_FGT-6.2 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.