Fortinet NSE4_FGT-7.2 Practice Test - Questions Answers, Page 9

List of questions
Question 81

Which of the following statements about central NAT are true? (Choose two.)
Question 82

An employee needs to connect to the office through a high-latency internet connection.
Which SSL VPN setting should the administrator adjust to prevent SSL VPN negotiation failure?
FortiGate Infrastructure 7.2 Study Guide (p.222):
'When connected to SSL VPN over high latency connections, FortiGate can time out the client before the client can finish the negotiation process, such as DNS lookup and time to enter a token. Two new CLI commands under config vpn ssl settings have been added to address this. The first command allows you to set up the login timeout, replacing the previous hard timeout value. The second command allows you to set up the maximum DTLS hello timeout for SSL VPN connections.'
Question 83

An administrator observes that the port1 interface cannot be configured with an IP address. What can be the reasons for that? (Choose three.)
https://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-whats-new-54/Top_VirtualWirePair.htm
Question 84

Which two statements are correct about a software switch on FortiGate? (Choose two.)
Question 85

Which two statements are correct regarding FortiGate FSSO agentless polling mode? (Choose two.)
Fortigate Infrastructure 7.0 Study Guide P.272-273
https://kb.fortinet.com/kb/documentLink.do?externalID=FD47732
Question 86

What is the limitation of using a URL list and application control on the same firewall policy, in NGFW policy-based mode?
Question 87

Examine this output from a debug flow:
Why did the FortiGate drop the packet?
https://kb.fortinet.com/kb/documentLink.do?externalID=13900
https://www.fortinetguru.com/2016/03/what-is-policy-id-0-and-why-lot-of-denied-traffic-on-this-policy/
Question 88

Which three security features require the intrusion prevention system (IPS) engine to function? (Choose three.)
https://docs.fortinet.com/document/fortigate/7.0.0/new-features/739623/dns-filter-handled-by-ips-engine-in-flow-mode
Question 89

Which of the following statements about backing up logs from the CLI and downloading logs from the GUI are true? (Choose two.)
Question 90

An administrator needs to increase network bandwidth and provide redundancy.
What interface type must the administrator select to bind multiple FortiGate interfaces?
An aggregate interface is a logical interface that combines two or more physical interfaces into one virtual interface1. An aggregate interface can increase network bandwidth and provide redundancy by distributing traffic across multiple physical interfaces using a load balancing algorithm1. An aggregate interface can also support link aggregation control protocol (LACP) to negotiate the link aggregation settings with the connected device1.
https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/567758/aggregation-and-redundancy
Question