Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Fortinet NSE4_FGT-7.0

Fortinet NSE4_FGT-7.0 Exam Practice Questions (P. 3)

  • Full Access (106 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #11
An administrator has configured outgoing interface any in a firewall policy.
Which statement is true about the policy list view?
  1. A
    Interface Pair view will be disabled.
  2. B
    Search option will be disabled.
  3. C
    Policy lookup will be disabled.
  4. D
    By Sequence view will be disabled.

Correct Answer:
A

Question #12
Refer to the exhibit.

Given the interfaces shown in the exhibit, which two statements are true? (Choose two.)
  1. A
    Traffic between port2 and port2-vlan1 is allowed by default.
  2. B
    port1-vlan10 and port2-vlan10 are part of the same broadcast domain.
  3. C
    port1-vlan1 and port2-vlan1 can be assigned in the same VDOM or to different VDOMs.
  4. D
    port1 is a native VLAN.

Correct Answer:
CD

Question #13
A network administrator wants to set up redundant IPsec VPN tunnels on FortiGate by using two IPsec VPN tunnels and static routes.
✑ All traffic must be routed through the primary tunnel when both tunnels are up
✑ The secondary tunnel must be used only if the primary tunnel goes down
In addition, FortiGate should be able to detect a dead tunnel to speed up tunnel failover

Which two key configuration changes are needed in FortiGate to meet the design requirements? (Choose two.)
  1. A
    Configure a higher distance on the static route for the primary tunnel, and a lower distance on the static route for the secondary tunnel.
  2. B
    Enable Dead Peer Detection.
  3. C
    Enable Auto-negotiate and Auto Keep Alive on the phase 2 configuration of both tunnels.
  4. D
    Configure a lower distance on the static route for the primary tunnel, and a higher distance on the static route for the secondary tunnel.

Correct Answer:
BD

Question #14
Refer to the exhibit.

The exhibit displays the output of the CLI command: diagnose sys ha dump-by vcluster.
The override setting is enable for the FortiGate with SN FGVM010000064692.
Which two statements are true? (Choose two.)
  1. A
    FortiGate SN FGVM010000065036 HA uptime has been reset.
  2. B
    FortiGate devices are not in sync because one device is down.
  3. C
    FortiGate SN FGVM010000064692 is the primary because of higher HA uptime.
  4. D
    FortiGate SN FGVM010000064692 has the higher HA priority.

Correct Answer:
AC
Reference:
https://docs.fortinet.com/document/fortigate/6.0.0/handbook/666653/primary-unit-selection-with-override-disabled-default

Question #15
Refer to the exhibits.
Exhibit A shows system performance output.

Exhibit B shows s FortiGate configured with the default configuration of high memory usage thresholds.

Based on the system performance output, which two statements are correct? (Choose two.)
  1. A
    FortiGate will start sending all files to FortiSandbox for inspection.
  2. B
    FortiGate has entered conserve mode.
  3. C
    Administrators cannot change the configuration.
  4. D
    Administrators can access FortiGate only through the console port.

Correct Answer:
BC
Reference:
https://www.skillfulist.com/fortigate/fortigate-conserve-mode-how-to-stop-it-and-what-it-means/

Previous Questions Next Questions

All Pages