1. Home
  2. Fortinet
  3. NSE4_FGT-7.0

Fortinet NSE4_FGT-7.0 Online Practice Questions and Exam Preparation

NSE4_FGT-7.0 Exam Details

  • Exam Code
    :NSE4_FGT-7.0
  • Exam Name
    :Fortinet NSE 4 - FortiOS 7.0
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :172 Q&As
  • Last Updated
    :May 27, 2026

Fortinet NSE4_FGT-7.0 Online Questions & Answers

  • Question 121:

    Which of the following statements is true regarding SSL VPN settings for an SSL VPN portal?

    A. By default, FortiGate uses WINS servers to resolve names.
    B. By default, the SSL VPN portal requires the installation of a client's certificate.
    C. By default, split tunneling is enabled.
    D. By default, the admin GUI and SSL VPN portal use the same HTTPS port.

  • Question 122:

    Refer to the exhibit.

    Review the Intrusion Prevention System (IPS) profile signature settings. Which statement is correct in adding the FTP.Login.Failed signature to the IPS sensor profile?

    A. The signature setting uses a custom rating threshold.
    B. The signature setting includes a group of other signatures.
    C. Traffic matching the signature will be allowed and logged.
    D. Traffic matching the signature will be silently dropped and logged.

  • Question 123:

    An administrator wants to configure Dead Peer Detection (DPD) on IPSEC VPN for detecting dead tunnels. The requirement is that FortiGate sends DPD probes only when no traffic is observed in the tunnel. Which DPD mode on FortiGate will meet the above requirement?

    A. Disabled
    B. On Demand
    C. Enabled
    D. On Idle

  • Question 124:

    What is the limitation of using a URL list and application control on the same firewall policy, in NGFW policy-based mode?

    A. It limits the scope of application control to the browser-based technology category only.
    B. It limits the scope of application control to scan application traffic based on application category only.
    C. It limits the scope of application control to scan application traffic using parent signatures only
    D. It limits the scope of application control to scan application traffic on DNS protocol only.

  • Question 125:

    Which of statement is true about SSL VPN web mode?

    A. The tunnel is up while the client is connected.
    B. It supports a limited number of protocols.
    C. The external network application sends data through the VPN.
    D. It assigns a virtual IP address to the client.

  • Question 126:

    FortiGate is configured as a policy-based next-generation firewall (NGFW) and is applying web filtering and application control directly on the security policy.

    Which two other security profiles can you apply to the security policy? (Choose two.)

    A. Antivirus scanning
    B. File filter
    C. DNS filter
    D. Intrusion prevention

  • Question 127:

    Which statement about video filtering on FortiGate is true?

    A. Full SSL Inspection is not required.
    B. It is available only on a proxy-based firewall policy.
    C. It inspects video files hosted on file sharing services.
    D. Video filtering FortiGuard categories are based on web filter FortiGuard categories.

  • Question 128:

    If Internet Service is already selected as Source in a firewall policy, which other configuration objects can be added to the Source filed of a firewall policy?

    A. IP address
    B. Once Internet Service is selected, no other object can be added
    C. User or User Group
    D. FQDN address

  • Question 129:

    Which two types of traffic are managed only by the management VDOM? (Choose two.)

    A. FortiGuard web filter queries
    B. PKI
    C. Traffic shaping
    D. DNS

  • Question 130:

    Which Security rating scorecard helps identify configuration weakness and best practice violations in your network?

    A. Fabric Coverage
    B. Automated Response
    C. Security Posture
    D. Optimization

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4_FGT-7.0 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.