Winter Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: v4s65

  1. Home
  2. Fortinet
  3. NSE4
  4. NSE4_FGT-7.0 - Fortinet NSE 4 - FortiOS 7.0
Note! Following NSE4_FGT-7.0 Exam is Retired now. Please select the alternative replacement for your Exam Certification. The new exam code is NSE4_FGT-7.2

NSE4_FGT-7.0 Exam Dumps - Fortinet NSE 4 - FortiOS 7.0

Go to page:
Question # 9

Refer to the exhibit.

An administrator has configured a performance SLA on FortiGate, which failed to generate any traffic.

Why is FortiGate not sending probes to 4.2.2.2 and 4.2.2.1 servers? (Choose two.)

A.

The Detection Mode setting is not set to Passive.

B.

Administrator didn't configure a gateway for the SD-WAN members, or configured gateway is not valid.

C.

The configured participants are not SD-WAN members.

D.

The Enable probe packets setting is not enabled.

Full Access
Question # 10

Refer to the exhibit showing a debug flow output.

Which two statements about the debug flow output are correct? (Choose two.)

A.

The debug flow is of ICMP traffic.

B.

A firewall policy allowed the connection.

C.

A new traffic session is created.

D.

The default route is required to receive a reply.

Full Access
Question # 11

Which two statements about SSL VPN between two FortiGate devices are true? (Choose two.)

A.

The client FortiGate requires a client certificate signed by the CA on the server FortiGate.

B.

The client FortiGate requires a manually added route to remote subnets.

C.

The client FortiGate uses the SSL VPN tunnel interface type to connect SSL VPN.

D.

Server FortiGate requires a CA certificate to verify the client FortiGate certificate.

Full Access
Question # 12

Which two configuration settings are synchronized when FortiGate devices are in an active-active HA cluster? (Choose two.)

A.

FortiGuard web filter cache

B.

FortiGate hostname

C.

NTP

D.

DNS

Full Access
Question # 13

An administrator does not want to report the logon events of service accounts to FortiGate. What setting on the collector agent is required to achieve this?

A.

Add the support of NTLM authentication.

B.

Add user accounts to Active Directory (AD).

C.

Add user accounts to the FortiGate group fitter.

D.

Add user accounts to the Ignore User List.

Full Access
Question # 14

If Internet Service is already selected as Destination in a firewall policy, which other configuration objects can be selected to the Destination field of a firewall policy?

A User or User Group

B. IP address

C. No other object can be added

D. FQDN address

Full Access
Question # 15

Refer to the exhibit to view the firewall policy.

Which statement is correct if well-known viruses are not being blocked?

A.

The firewall policy does not apply deep content inspection.

B.

The firewall policy must be configured in proxy-based inspection mode.

C.

The action on the firewall policy must be set to deny.

D.

Web filter should be enabled on the firewall policy to complement the antivirus profile.

Full Access
Question # 16

Refer to the exhibit.

According to the certificate values shown in the exhibit, which type of entity was the certificate issued to?

A.

A user

B.

A root CA

C.

A bridge CA

D.

A subordinate

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps