ExamGecko
Login
Home / Fortinet / NSE4_FGT-7.2 / List of questions
Ask Question

Fortinet NSE4_FGT-7.2 Practice Test - Questions Answers, Page 8

Add to Whishlist

List of questions

Question 71

Report Export Collapse

Which of the following are valid actions for FortiGuard category based filter in a web filter profile ui proxy-based inspection mode? (Choose two.)

Warning
Warning
Exempt
Exempt
Allow
Allow
Learn
Learn
Suggested answer: A, C
asked 18/09/2024
Ivan Pavlek
45 questions

Question 72

Report Export Collapse

Examine this FortiGate configuration:

Fortinet NSE4_FGT-7.2 image Question 72 26145 09182024185939000000

How does the FortiGate handle web proxy traffic coming from the IP address 10.2.1.200 that requires authorization?

It always authorizes the traffic without requiring authentication.
It always authorizes the traffic without requiring authentication.
It drops the traffic.
It drops the traffic.
It authenticates the traffic using the authentication scheme SCHEME2.
It authenticates the traffic using the authentication scheme SCHEME2.
It authenticates the traffic using the authentication scheme SCHEME1.
It authenticates the traffic using the authentication scheme SCHEME1.
Suggested answer: D
Explanation:

'What happens to traffic that requires authorization, but does not match any authentication rule? The active and passive SSO schemes to use for those cases is defined under config authentication setting'

asked 18/09/2024
Dean Pillay
52 questions

Question 73

Report Export Collapse

Which two types of traffic are managed only by the management VDOM? (Choose two.)

FortiGuard web filter queries
FortiGuard web filter queries
PKI
PKI
Traffic shaping
Traffic shaping
DNS
DNS
Suggested answer: A, D
Explanation:

FortiGate Infrastructure 7.2 Study Guide (p.73): 'What about traffic originating from FortiGate? Some system daemons, such as NTP and FortiGuard updates, generate traffic coming from FortiGate. Traffic coming from FortiGate to those global services originates from the management VDOM. One, and only one, of the VDOMs on a FortiGate device is assigned the role of the management VDOM. It is important to note that the management VDOM designation is solely for traffic originated by FortiGate, such as FortiGuard updates, and has no effect on traffic passing through FortiGate.'

asked 18/09/2024
Welber Santos de Oliveira
45 questions

Question 74

Report Export Collapse

Refer to the exhibit.

Fortinet NSE4_FGT-7.2 image Question 74 26147 09182024185939000000

Which contains a network diagram and routing table output.

The Student is unable to access Webserver.

What is the cause of the problem and what is the solution for the problem?

The first packet sent from Student failed the RPF check. This issue can be resolved by adding a static route to 10.0.4.0/24 through wan1.
The first packet sent from Student failed the RPF check. This issue can be resolved by adding a static route to 10.0.4.0/24 through wan1.
The first reply packet for Student failed the RPF check. This issue can be resolved by adding a static route to 10.0.4.0/24 through wan1.
The first reply packet for Student failed the RPF check. This issue can be resolved by adding a static route to 10.0.4.0/24 through wan1.
The first reply packet for Student failed the RPF check . This issue can be resolved by adding a static route to 203.0. 114.24/32 through port3.
The first reply packet for Student failed the RPF check . This issue can be resolved by adding a static route to 203.0. 114.24/32 through port3.
The first packet sent from Student failed the RPF check. This issue can be resolved by adding a static route to 203.0. 114.24/32 through port3.
The first packet sent from Student failed the RPF check. This issue can be resolved by adding a static route to 203.0. 114.24/32 through port3.
Suggested answer: D
asked 18/09/2024
Robert Miletich
51 questions

Question 75

Report Export Collapse

Which CLI command will display sessions both from client to the proxy and from the proxy to the servers?

diagnose wad session list
diagnose wad session list
diagnose wad session list | grep hook-pre&&hook-out
diagnose wad session list | grep hook-pre&&hook-out
diagnose wad session list | grep hook=pre&&hook=out
diagnose wad session list | grep hook=pre&&hook=out
diagnose wad session list | grep 'hook=pre'&'hook=out'
diagnose wad session list | grep 'hook=pre'&'hook=out'
Suggested answer: A
asked 18/09/2024
Osman Rana
37 questions

Question 76

Report Export Collapse

Which three criteria can a FortiGate use to look for a matching firewall policy to process traffic? (Choose three.)

Source defined as Internet Services in the firewall policy.
Source defined as Internet Services in the firewall policy.
Destination defined as Internet Services in the firewall policy.
Destination defined as Internet Services in the firewall policy.
Highest to lowest priority defined in the firewall policy.
Highest to lowest priority defined in the firewall policy.
Services defined in the firewall policy.
Services defined in the firewall policy.
Lowest to highest policy ID number.
Lowest to highest policy ID number.
Suggested answer: A, B, D
Explanation:

When a packet arrives, how does FortiGate find a matching policy? Each policy has match criteria, which

you can define using the following objects:

* Incoming Interface

* Outgoing Interface

* Source: IP address, user, internet services

* Destination: IP address or internet services

* Service: IP protocol and port number

* Schedule: Applies during configured times

asked 18/09/2024
Vojtech Danek
43 questions

Question 77

Report Export Collapse

Which scanning technique on FortiGate can be enabled only on the CLI?

Heuristics scan
Heuristics scan
Trojan scan
Trojan scan
Antivirus scan
Antivirus scan
Ransomware scan
Ransomware scan
Suggested answer: A
asked 18/09/2024
ajay jaiswal
42 questions

Question 78

Report Export Collapse

Refer to the exhibit to view the application control profile.

Fortinet NSE4_FGT-7.2 image Question 78 26151 09182024185939000000

Based on the configuration, what will happen to Apple FaceTime?

Apple FaceTime will be blocked, based on the Excessive-Bandwidth filter configuration
Apple FaceTime will be blocked, based on the Excessive-Bandwidth filter configuration
Apple FaceTime will be allowed, based on the Apple filter configuration.
Apple FaceTime will be allowed, based on the Apple filter configuration.
Apple FaceTime will be allowed only if the filter in Application and Filter Overrides is set to Learn
Apple FaceTime will be allowed only if the filter in Application and Filter Overrides is set to Learn
Apple FaceTime will be allowed, based on the Categories configuration.
Apple FaceTime will be allowed, based on the Categories configuration.
Suggested answer: A
asked 18/09/2024
PHINIT LAORUNGRUANGDECH
52 questions

Question 79

Report Export Collapse

An administrator must disable RPF check to investigate an issue.

Which method is best suited to disable RPF without affecting features like antivirus and intrusion prevention system?

Enable asymmetric routing, so the RPF check will be bypassed.
Enable asymmetric routing, so the RPF check will be bypassed.
Disable the RPF check at the FortiGate interface level for the source check.
Disable the RPF check at the FortiGate interface level for the source check.
Disable the RPF check at the FortiGate interface level for the reply check .
Disable the RPF check at the FortiGate interface level for the reply check .
Enable asymmetric routing at the interface level.
Enable asymmetric routing at the interface level.
Suggested answer: B
asked 18/09/2024
Sivakumar Balasundram
48 questions

Question 80

Report Export Collapse

An administrator is configuring an Ipsec between site A and siteB. The Remotes Gateway setting in both sites has been configured as Static IP Address. For site A, the local quick mode selector is 192. 16. 1.0/24 and the remote quick mode selector is 192. 16.2.0/24. How must the administrator configure the local quick mode selector for site B?

192. 168.3.0/24
192. 168.3.0/24
192. 168.2.0/24
192. 168.2.0/24
192. 168. 1.0/24
192. 168. 1.0/24
192. 168.0.0/8
192. 168.0.0/8
Suggested answer: B
asked 18/09/2024
giorgi durglishvili
45 questions
Total 184 questions
Go to page: of 19
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

What are two features of the NGFW policy-based mode? (Choose two.)
Refer to the exhibits. Exhibit A shows the application sensor configuration. Exhibit B shows the Excessive-Bandwidth and Apple filter details. Based on the configuration, what will happen to Apple FaceTime if there are only a few calls originating or incoming?
Which timeout setting can be responsible for deleting SSL VPN associated sessions?
What are two features of collector agent advanced mode? (Choose two.)
If Internet Service is already selected as Destination in a firewall policy, which other configuration object can be selected for the Destination field of a firewall policy?
Which three pieces of information does FortiGate use to identify the hostname of the SSL server when SSL certificate inspection is enabled? (Choose three.)
What are two functions of the ZTNA rule? (Choose two.)
What are two characteristics of FortiGate HA cluster virtual IP addresses? (Choose two.)
Which two features of IPsec IKEv1 authentication are supported by FortiGate? (Choose two.)
Which two statements are correct about SLA targets? (Choose two.)