Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Fortinet NSE4_FGT-6.4

Fortinet NSE4_FGT-6.4 Exam Practice Questions (P. 1)

  • Full Access (121 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #1
Which two statements are true when FortiGate is in transparent mode? (Choose two.)
  1. A
    By default, all interfaces are part of the same broadcast domain.
  2. B
    The existing network IP schema must be changed when installing a transparent mode FortiGate in the network.
  3. C
    Static routes are required to allow traffic to the next hop.
  4. D
    FortiGate forwards frames without changing the MAC address.

Correct Answer:
AD
Reference:
https://kb.fortinet.com/kb/viewAttachment.do?
attachID=Fortigate_Transparent_Mode_Technical_Guide_FortiOS_4_0_version1.2.pdf&documentID=FD33113

Question #2
What inspection mode does FortiGate use if it is configured as a policy-based next-generation firewall (NGFW)?
  1. A
    Full Content inspection
  2. B
    Proxy-based inspection
  3. C
    Certificate inspection
  4. D
    Flow-based inspection

Correct Answer:
D

Question #3
Which two statements about IPsec authentication on FortiGate are correct? (Choose two.)
  1. A
    For a stronger authentication, you can also enable extended authentication (XAuth) to request the remote peer to provide a username and password.
  2. B
    FortiGate supports pre-shared key and signature as authentication methods.
  3. C
    Enabling XAuth results in a faster authentication because fewer packets are exchanged.
  4. D
    A certificate is not required on the remote peer when you set the signature as the authentication method.

Correct Answer:
AB
Reference:
https://docs.fortinet.com/document/fortigate/6.0.0/handbook/100552/using-xauth-authentication

Question #4
Which scanning technique on FortiGate can be enabled only on the CLI?
  1. A
    Heuristics scan
  2. B
    Trojan scan
  3. C
    Antivirus scan
  4. D
    Ransomware scan

Correct Answer:
A
Reference:
https://docs.fortinet.com/document/fortigate/6.0.0/handbook/927086/examples

Question #5
Which two policies must be configured to allow traffic on a policy-based next-generation firewall (NGFW) FortiGate? (Choose two.)
  1. A
    Firewall policy
  2. B
    Policy rule
  3. C
    Security policy
  4. D
    SSL inspection and authentication policy

Correct Answer:
AB
Reference:
https://docs.fortinet.com/document/fortigate/5.6.0/cookbook/38324/ngfw-policy-based-mode

Next Questions

All Pages