Winter Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: v4s65

  1. Home
  2. Fortinet
  3. NSE4
  4. NSE4_FGT-7.2 - Fortinet NSE 4 - FortiOS 7.2

NSE4_FGT-7.2 Exam Dumps - Fortinet NSE 4 - FortiOS 7.2

Go to page:
Question # 9

Which statement correctly describes NetAPI polling mode for the FSSO collector agent?

A.

The collector agent uses a Windows API to query DCs for user logins.

B.

NetAPI polling can increase bandwidth usage in large networks.

C.

The collector agent must search security event logs.

D.

The NetSession Enum function is used to track user logouts.

Full Access
Question # 10

Which statement about the deployment of the Security Fabric in a multi-VDOM environment is true?

A.

VDOMs without ports with connected devices are not displayed in the topology.

B.

Downstream devices can connect to the upstream device from any of their VDOMs.

C.

Security rating reports can be run individually for each configured VDOM.

D.

Each VDOM in the environment can be part of a different Security Fabric.

Full Access
Question # 11

94

An administrator observes that the port1 interface cannot be configured with an IP address. What can be the reasons for that? (Choose three.)

A.

The interface has been configured for one-arm sniffer.

B.

The interface is a member of a virtual wire pair.

C.

The operation mode is transparent.

D.

The interface is a member of a zone.

E.

Captive portal is enabled in the interface.

Full Access
Question # 12

Refer to the exhibits.

Exhibit A shows a network diagram. Exhibit B shows the firewall policy configuration and a VIP object configuration.

The WAN (port1) interface has the IP address 10.200.1.1/24.

The LAN (port3) interface has the IP address 10.0.1.254/24.

If the host 10.200.3.1 sends a TCP SYN packet on port 10443 to 10.200.1.10, what will the source address, destination address, and destination port of the packet be, after FortiGate forwards the packet to the destination?

A.

10.0.1.254, 10.0.1.10, and 443, respectively

B.

10.0.1.254, 10.200.1.10, and 443, respectively

C.

10.200.3.1, 10.0.1.10, and 443, respectively

D.

10.0.1.254, 10.0.1.10, and 10443, respectively

Full Access
Question # 13

Refer to exhibit.

An administrator configured the web filtering profile shown in the exhibit to block access to all social networking sites except Twitter. However, when users try to access twitter.com, they are redirected to a FortiGuard web filtering block page.

Based on the exhibit, which configuration change can the administrator make to allow Twitter while blocking all other social networking sites?

A.

On the FortiGuard Category Based Filter configuration, set Action to Warning for Social Networking

B.

On the Static URL Filter configuration, set Type to Simple

C.

On the Static URL Filter configuration, set Action to Exempt.

D.

On the Static URL Filter configuration, set Action to Monitor.

Full Access
Question # 14

Refer to the web filter raw logs.

Based on the raw logs shown in the exhibit, which statement is correct?

A.

Social networking web filter category is configured with the action set to authenticate.

B.

The action on firewall policy ID 1 is set to warning.

C.

Access to the social networking web filter category was explicitly blocked to all users.

D.

The name of the firewall policy is all_users_web.

Full Access
Question # 15

Refer to the exhibit.

An administrator added a configuration for a new RADIUS server. While configuring, the administrator selected the Include in every user group option.

What is the impact of using the Include in every user group option in a RADIUS configuration?

A.

This option places the RADIUS server, and all users who can authenticate against that server, into every FortiGate user group.

B.

This option places all FortiGate users and groups required to authenticate into the RADIUS server, which, in this case, is FortiAuthenticator.

C.

This option places all users into every RADIUS user group, including groups that are used for the LDAP server on FortiGate.

D.

This option places the RADIUS server, and all users who can authenticate against that server, into every RADIUS group.

Full Access
Question # 16

An administrator wants to configure timeouts for users. Regardless of the userTMs behavior, the timer should start as soon as the user authenticates and expire after the configured value.

Which timeout option should be configured on FortiGate?

A.

auth-on-demand

B.

soft-timeout

C.

idle-timeout

D.

new-session

E.

hard-timeout

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps