Winter Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: v4s65

  1. Home
  2. Fortinet
  3. NSE4
  4. NSE4_FGT-7.2 - Fortinet NSE 4 - FortiOS 7.2

NSE4_FGT-7.2 Exam Dumps - Fortinet NSE 4 - FortiOS 7.2

Go to page:
Question # 41

Refer to the exhibit.

Given the interfaces shown in the exhibit. which two statements are true? (Choose two.)

A.

Traffic between port2 and port2-vlan1 is allowed by default.

B.

port1-vlan10 and port2-vlan10 are part of the same broadcast domain.

C.

port1 is a native VLAN.

D.

port1-vlan and port2-vlan1 can be assigned in the same VDOM or to different VDOMs.

Full Access
Question # 42

An administrator has configured a strict RPF check on FortiGate. Which statement is true about the strict RPF check?

A.

The strict RPF check is run on the first sent and reply packet of any new session.

B.

Strict RPF checks the best route back to the source using the incoming interface.

C.

Strict RPF checks only for the existence of at least one active route back to the source using the incoming interface.

D.

Strict RPF allows packets back to sources with all active routes.

Full Access
Question # 43

Which timeout setting can be responsible for deleting SSL VPN associated sessions?

A.

SSL VPN idle-timeout

B.

SSL VPN http-request-body-timeout

C.

SSL VPN login-timeout

D.

SSL VPN dtls-hello-timeout

Full Access
Question # 44

On FortiGate, which type of logs record information about traffic directly to and from the FortiGate management IP addresses?

A.

System event logs

B.

Forward traffic logs

C.

Local traffic logs

D.

Security logs

Full Access
Question # 45

Refer to the exhibit.

Examine the intrusion prevention system (IPS) diagnostic command.

Which statement is correct If option 5 was used with the IPS diagnostic command and the outcome was a decrease in the CPU usage?

A.

The IPS engine was inspecting high volume of traffic.

B.

The IPS engine was unable to prevent an intrusion attack .

C.

The IPS engine was blocking all traffic.

D.

The IPS engine will continue to run in a normal state.

Full Access
Question # 46

18

If the Issuer and Subject values are the same in a digital certificate, which type of entity was the certificate issued to?

A.

A CRL

B.

A person

C.

A subordinate CA

D.

A root CA

Full Access
Question # 47

An administrator needs to increase network bandwidth and provide redundancy.

What interface type must the administrator select to bind multiple FortiGate interfaces?

A.

VLAN interface

B.

Software Switch interface

C.

Aggregate interface

D.

Redundant interface

Full Access
Question # 48

82

Consider the topology:

Application on a Windows machine <--{SSL VPN} -->FGT--> Telnet to Linux server.

An administrator is investigating a problem where an application establishes a Telnet session to a Linux server over the SSL VPN through FortiGate and the idle session times out after about 90 minutes. The administrator would like to increase or disable this timeout.

The administrator has already verified that the issue is not caused by the application or Linux server. This issue does not happen when the application establishes a Telnet connection to the Linux server directly on the LAN.

What two changes can the administrator make to resolve the issue without affecting services running through FortiGate? (Choose two.)

A.

Set the maximum session TTL value for the TELNET service object.

B.

Set the session TTL on the SSLVPN policy to maximum, so the idle session timeout will not happen after 90 minutes.

C.

Create a new service object for TELNET and set the maximum session TTL.

D.

Create a new firewall policy and place it above the existing SSLVPN policy for the SSL VPN traffic, and set the new TELNET service object in the policy.

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps