The Regenerate Guide To NSE4_FGT-7.0 Pdf Exam

NEW QUESTION 1

Refer to the exhibit to view the application control profile.

Users who use Apple FaceTime video conferences are unable to set up meetings. In this scenario, which statement is true?

• A. Apple FaceTime belongs to the custom monitored filter.
• B. The category of Apple FaceTime is being monitored.
• C. Apple FaceTime belongs to the custom blocked filter.
• D. The category of Apple FaceTime is being blocked.

Answer: C

NEW QUESTION 2

In an explicit proxy setup, where is the authentication method and database configured?

• A. Proxy Policy
• B. Authentication Rule
• C. Firewall Policy
• D. Authentication scheme

Answer: D

NEW QUESTION 3

Why does FortiGate Keep TCP sessions in the session table for several seconds, even after both sides (client and server) have terminated the session?

• A. To allow for out-of-order packets that could arrive after the FIN/ACK packets
• B. To finish any inspection operations
• C. To remove the NAT operation
• D. To generate logs

Answer: A

Explanation:
TCP provides the ability for one end of a connection to terminate its output while still receiving data from the other end. This is called a half-close. FortiGate unit implements a specific timer before removing an entry in the firewall session table.

NEW QUESTION 4

Which of the following are valid actions for FortiGuard category based filter in a web filter profile ui proxy-based inspection mode? (Choose two.)

• A. Warning
• B. Exempt
• C. Allow
• D. Learn

Answer: AC

NEW QUESTION 5

Examine the network diagram shown in the exhibit, then answer the following question:

Which one of the following routes is the best candidate route for FGT1 to route traffic from the Workstation to the Web server?

• A. 172.16.0.0/16 [50/0] via 10.4.200.2, port2 [5/0]
• B. 0.0.0.0/0 [20/0] via 10.4.200.2, port2
• C. 10.4.200.0/30 is directly connected, port2
• D. 172.16.32.0/24 is directly connected, port1

Answer: D

NEW QUESTION 6

Which two statements are correct regarding FortiGate FSSO agentless polling mode? (Choose two.)

• A. FortiGate points the collector agent to use a remote LDAP server.
• B. FortiGate uses the AD server as the collector agent.
• C. FortiGate uses the SMB protocol to read the event viewer logs from the DCs.
• D. FortiGate queries AD by using the LDAP to retrieve user group information.

Answer: CD

Explanation:
Fortigate Infrastructure 7.0 Study Guide P.272-273 https://kb.fortinet.com/kb/documentLink.do?externalID=FD47732

NEW QUESTION 7

Which statement about the policy ID number of a firewall policy is true?

• A. It is required to modify a firewall policy using the CLI.
• B. It represents the number of objects used in the firewall policy.
• C. It changes when firewall policies are reordered.
• D. It defines the order in which rules are processed.

Answer: A

NEW QUESTION 8

Which three statements are true regarding session-based authentication? (Choose three.)

• A. HTTP sessions are treated as a single user.
• B. IP sessions from the same source IP address are treated as a single user.
• C. It can differentiate among multiple clients behind the same source IP address.
• D. It requires more resources.
• E. It is not recommended if multiple users are behind the source NAT

Answer: ACD

NEW QUESTION 9

An administrator needs to increase network bandwidth and provide redundancy.
What interface type must the administrator select to bind multiple FortiGate interfaces?

• A. VLAN interface
• B. Software Switch interface
• C. Aggregate interface
• D. Redundant interface

Answer: C

Explanation:
Reference: https://forum.fortinet.com/tm.aspx?m=120324

NEW QUESTION 10

What is the effect of enabling auto-negotiate on the phase 2 configuration of an IPsec tunnel?

• A. FortiGate automatically negotiates different local and remote addresses with the remote peer.
• B. FortiGate automatically negotiates a new security association after the existing security association expires.
• C. FortiGate automatically negotiates different encryption and authentication algorithms with the remote peer.
• D. FortiGate automatically brings up the IPsec tunnel and keeps it up, regardless of activity on the IPsec tunnel.

Answer: D

Explanation:
https://kb.fortinet.com/kb/documentLink.do?externalID=12069

NEW QUESTION 11

Which two settings can be separately configured per VDOM on a FortiGate device? (Choose two.)

• A. System time
• B. FortiGuaid update servers
• C. Operating mode
• D. NGFW mode

Answer: CD

Explanation:
C: "Operating mode is per-VDOM setting. You can combine transparent mode VDOM's with NAT mode VDOMs on the same physical Fortigate.
D: "Inspection-mode selection has moved from VDOM to firewall policy, and the default inspection-mode is flow, so NGFW Mode can be changed from Profile-base (Default) to Policy-base directly in System > Settings from the VDOM" Page 125 of FortiGate_Infrastructure_6.4_Study_Guide

NEW QUESTION 12

Which engine handles application control traffic on the next-generation firewall (NGFW) FortiGate?

• A. Antivirus engine
• B. Intrusion prevention system engine
• C. Flow engine
• D. Detection engine

Answer: B

Explanation:
Reference: http://docs.fortinet.com/document/fortigate/6.0.0/handbook/240599/application-control

NEW QUESTION 13

Which two statements about FortiGate FSSO agentless polling mode are true? (Choose two.)

• A. FortiGate uses the AD server as the collector agent.
• B. FortiGate uses the SMB protocol to read the event viewer logs from the DCs.
• C. FortiGate does not support workstation check.
• D. FortiGate directs the collector agent to use a remote LDAP server.

Answer: BD

Explanation:
Reference: https://kb.fortinet.com/kb/documentLink.do?externalID=FD47732

NEW QUESTION 14

An administrator has configured outgoing Interface any in a firewall policy. Which statement is true about the policy list view?

• A. Policy lookup will be disabled.
• B. By Sequence view will be disabled.
• C. Search option will be disabled
• D. Interface Pair view will be disabled.

Answer: D

Explanation:
https://kb.fortinet.com/kb/documentLink.do?externalID=FD47821

NEW QUESTION 15

Which two statements are correct about SLA targets? (Choose two.)

• A. You can configure only two SLA targets per one Performance SLA.
• B. SLA targets are optional.
• C. SLA targets are required for SD-WAN rules with a Best Quality strategy.
• D. SLA targets are used only when referenced by an SD-WAN rule.

Answer: BD

Explanation:
Reference: https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/382233/performance-sla-sla-targets

NEW QUESTION 16

Refer to the exhibit.

The exhibit shows the IPS sensor configuration.
If traffic matches this IPS sensor, which two actions is the sensor expected to take? (Choose two.)

• A. The sensor will allow attackers matching the NTP.Spoofed.KoD.DoS signature.
• B. The sensor will block all attacks aimed at Windows servers.
• C. The sensor will reset all connections that match these signatures.
• D. The sensor will gather a packet log for all matched traffic.

Answer: AB

NEW QUESTION 17

Refer to the exhibit.

Which contains a session diagnostic output. Which statement is true about the session diagnostic output?

• A. The session is in SYN_SENT state.
• B. The session is in FIN_ACK state.
• C. The session is in FTN_WAIT state.
• D. The session is in ESTABLISHED state.

Answer: A

Explanation:
Indicates TCP (proto=6) session in SYN_SENT state (proto=state=2) https://kb.fortinet.com/kb/viewContent.do?externalId=FD30042

NEW QUESTION 18

Refer to the exhibit.

The exhibit contains a network diagram, virtual IP, IP pool, and firewall policies configuration. The WAN (port1) interface has the IP address 10.200.1.1/24.
The LAN (port3) interface has the IP address 10 .0.1.254. /24. The first firewall policy has NAT enabled using IP Pool.
The second firewall policy is configured with a VIP as the destination address.
Which IP address will be used to source NAT the internet traffic coming from a workstation with the IP address 10.0.1.10?

• A. 10.200.1.1
• B. 10.200.3.1
• C. 10.200.1.100
• D. 10.200.1.10

Answer: A

Explanation:
Reference:
https://help.fortinet.com/fos60hlp/60/Content/FortiOS/fortigate-firewall/Concepts%20-%20Firewall/Static%20N
Reference: https://kb.fortinet.com/kb/documentLink.do?externalID=FD44529

NEW QUESTION 19

An administrator is running the following sniffer command:

Which three pieces of Information will be Included in me sniffer output? {Choose three.)

• A. Interface name
• B. Packet payload
• C. Ethernet header
• D. IP header
• E. Application header

Answer: ABD

NEW QUESTION 20
......