Fortinet Fortinet Certifications NSE4_FGT-6.4 Questions & Answers

• Question 51:

  Examine the IPS sensor and DoS policy configuration shown in the exhibit, then answer the question below.

  

  When detecting attacks, which anomaly, signature, or filter will FortiGate evaluate first?

  A. SMTP.Login.Brute.Force

  B. IMAP.Login.brute.Force

  C. ip_src_session

  D. Location: server Protocol: SMTP

  Correct Answer: B

• Question 52:

  Refer to the exhibit.

  

  Given the interfaces shown in the exhibit. which two statements are true? (Choose two.)

  A. Traffic between port2 and port2-vlan1 is allowed by default.

  B. port1-vlan10 and port2-vlan10 are part of the same broadcast domain.

  C. port1 is a native VLAN.

  D. port1-vlan and port2-vlan1 can be assigned in the same VDOM or to different VDOMs.

  Correct Answer: CD

• Question 53:

  Which type of logs on FortiGate record information about traffic directly to and from the FortiGate management IP addresses?

  A. System event logs

  B. Forward traffic logs

  C. Local traffic logs

  D. Security logs

  Correct Answer: C

• Question 54:

  How do you format the FortiGate flash disk?

  A. Load a debug FortiOS image.

  B. Load the hardware test (HQIP) image.

  C. Execute the CLI command execute formatlogdisk.

  D. Select the format boot device option from the BIOS menu.

  Correct Answer: D

• Question 55:

  Which three criteria can a FortiGate use to look for a matching firewall policy to process traffic? (Choose three.)

  A. Source defined as Internet Services in the firewall policy.

  B. Destination defined as Internet Services in the firewall policy.

  C. Highest to lowest priority defined in the firewall policy.

  D. Services defined in the firewall policy.

  E. Lowest to highest policy ID number.

  Correct Answer: ABD

  Reference: https://kb.fortinet.com/kb/documentLink.do?externalID=FD47435

• Question 56:

  An administrator wants to configure timeouts for users. Regardless of the userTMs behavior, the timer should start as soon as the user authenticates and expire after the configured value.

  Which timeout option should be configured on FortiGate?

  A. auth-on-demand

  B. soft-timeout

  C. idle-timeout

  D. new-session

  E. hard-timeout

  Correct Answer: E

• Question 57:

  Why does FortiGate Keep TCP sessions in the session table for several seconds, even after both sides (client and server) have terminated the session?

  A. To allow for out-of-order packets that could arrive after the FIN/ACK packets

  B. To finish any inspection operations

  C. To remove the NAT operation

  D. To generate logs

  Correct Answer: A

• Question 58:

  An administrator must disable RPF check to investigate an issue.

  Which method is best suited to disable RPF without affecting features like antivirus and intrusion prevention system?

  A. Enable asymmetric routing, so the RPF check will be bypassed.

  B. Disable the RPF check at the FortiGate interface level for the source check.

  C. Disable the RPF check at the FortiGate interface level for the reply check.

  D. Enable asymmetric routing at the interface level.

  Correct Answer: B

  Reference: https://kb.fortinet.com/kb/documentLink.do?externalID=FD33955

• Question 59:

  To complete the final step of a Security Fabric configuration, an administrator must authorize all the devices on which device?

  A. FortiManager

  B. Root FortiGate

  C. FortiAnalyzer

  D. Downstream FortiGate

  Correct Answer: B

• Question 60:

  FortiGuard categories can be overridden and defined in different categories. To create a web rating override for example.com home page, the override must be configured using a specific syntax.

  Which two syntaxes are correct to configure web rating for the home page? (Choose two.)

  A. www.example.com:443

  B. www.example.com

  C. example.com

  D. www.example.com/index.html

  Correct Answer: BC

  FortiGate_Security_6.4 page 384