1. Home
  2. Fortinet
  3. NSE4_FGT-6.4

Fortinet NSE4_FGT-6.4 Online Practice Questions and Exam Preparation

NSE4_FGT-6.4 Exam Details

  • Exam Code
    :NSE4_FGT-6.4
  • Exam Name
    :Fortinet NSE 4 - FortiOS 6.4
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :163 Q&As
  • Last Updated
    :May 31, 2026

Fortinet NSE4_FGT-6.4 Online Questions & Answers

  • Question 21:

    Refer to the exhibit.

    Which contains a Performance SLA configuration.

    An administrator has configured a performance SLA on FortiGate. Which failed to generate any traffic. Why is FortiGate not generating any traffic for the performance SLA?

    A. Participants configured are not SD-WAN members.
    B. There may not be a static route to route the performance SLA traffic.
    C. The Ping protocol is not supported for the public servers that are configured.
    D. You need to turn on the Enable probe packets switch.

  • Question 22:

    An administrator has configured a strict RPF check on FortiGate. Which statement is true about the strict RPF check?

    A. The strict RPF check is run on the first sent and reply packet of any new session.
    B. Strict RPF checks the best route back to the source using the incoming interface.
    C. Strict RPF checks only for the existence of at cast one active route back to the source using the incoming interface.
    D. Strict RPF allows packets back to sources with all active routes.

  • Question 23:

    Which two protocols are used to enable administrator access of a FortiGate device? (Choose two.)

    A. SSH
    B. HTTPS
    C. FTM
    D. FortiTelemetry

  • Question 24:

    Why does FortiGate keep TCP sessions in the session table for some seconds even after both sides (client and server) have terminated the session?

    A. To remove the NAT operation.
    B. To generate logs
    C. To finish any inspection operations.
    D. To allow for out-of-order packets that could arrive after the FIN/ACK packets.

  • Question 25:

    Which CLI command allows administrators to troubleshoot Layer 2 issues, such as an IP address conflict?

    A. get system status
    B. get system performance status
    C. diagnose sys top
    D. get system arp

  • Question 26:

    Which two policies must be configured to allow traffic on a policy-based next-generation firewall (NGFW) FortiGate? (Choose two.)

    A. Firewall policy
    B. Policy rule
    C. Security policy
    D. SSL inspection and authentication policy

  • Question 27:

    Refer to the exhibits.

    Exhibit A shows system performance output. Exhibit B shows a FortiGate configured with the default configuration of high memory usage thresholds. Based on the system performance output, which two statements are correct? (Choose two.)

    A. Administrators can access FortiGate only through the console port.
    B. FortiGate has entered conserve mode.
    C. FortiGate will start sending all files to FortiSandbox for inspection.
    D. Administrators cannot change the configuration.

  • Question 28:

    Which statements are true regarding firewall policy NAT using the outgoing interface IP address with fixed port disabled? (Choose two.)

    A. This is known as many-to-one NAT.
    B. Source IP is translated to the outgoing interface IP.
    C. Connections are tracked using source port and source MAC address.
    D. Port address translation is not used.

  • Question 29:

    Refer to the exhibit.

    An administrator is running a sniffer command as shown in the exhibit.

    Which three pieces of information are included in the sniffer output? (Choose three.)

    A. Interface name
    B. Ethernet header
    C. IP header
    D. Application header
    E. Packet payload

  • Question 30:

    To complete the final step of a Security Fabric configuration, an administrator must authorize all the devices on which device?

    A. FortiManager
    B. Root FortiGate
    C. FortiAnalyzer
    D. Downstream FortiGate

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4_FGT-6.4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.