Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Fortinet NSE4_FGT-7.2

Fortinet NSE4_FGT-7.2 Exam Practice Questions (P. 2)

  • Full Access (104 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #6
Refer to the exhibits.
The exhibits show the SSL and authentication policy (Exhibit A) and the security policy (Exhibit B) for Facebook.
Users are given access to the Facebook web application. They can play video content hosted on
Facebook, but they are unable to leave reactions on videos or other types of posts.


Which part of the policy configuration must you change to resolve the issue?
  1. A
    Force access to Facebook using the HTTP service.
  2. B
    Make the SSL inspection a deep content inspection.
  3. C
    Add Facebook in the URL category in the security policy.
  4. D
    Get the additional application signatures required to add to the security policy.

Correct Answer:
B

Question #7
Refer to the exhibits.
An administrator creates a new address object on the root FortiGate (Local-FortiGate) in the security fabric. After synchronization, this object is not available on the downstream FortiGate (ISFW).


What must the administrator do to synchronize the address object?
  1. A
    Change the csf setting on ISFW (downstream) to set configuration-sync local.
  2. B
    Change the csf setting on ISFW (downstream) to set authorization-request-type certificate.
  3. C
    Change the csf setting on both devices to set downstream-access enable.
  4. D
    Change the csf setting on Local-FortiGate (root) to set fabric-object-unification default.

Correct Answer:
D

Question #8
Refer to the exhibits.
Exhibit A shows system performance output. Exhibit B shows a FortiGate configured with the default configuration of high memory usage thresholds.


Based on the system performance output, which two results are correct? (Choose two.)
  1. A
    FortiGate will start sending all files to FortiSandbox for inspection.
  2. B
    FortiGate has entered conserve mode.
  3. C
    Administrators cannot change the configuration.
  4. D
    Administrators can access FortiGate only through the console port.

Correct Answer:
BD

Question #9
Refer to the exhibit showing a debug flow output.

What two conclusions can you make from the debug flow output? (Choose two.)
  1. A
    The debug flow is for ICMP traffic.
  2. B
    The default route is required to receive a reply.
  3. C
    Anew traffic session was created.
  4. D
    A firewall policy allowed the connection.

Correct Answer:
AC

Question #10
An administrator is configuring an IPsec VPN between site A and site B. The Remote Gateway setting in both sites has been configured as Static IP Address. For site A, the local quick mode selector is 192.168.1.0/24 and the remote quick mode selector is 192.168.2.0/24.
Which subnet must the administrator configure for the local quick mode selector for site B?
  1. A
    192.168.2.0/24
  2. B
    192.168.0.0/8
  3. C
    192.168.1.0/24
  4. D
    192.168.3.0/24

Correct Answer:
C
chatbot-img GPT-4o - Answer
The correct configuration involves ensuring that the local quick mode selector of site B acts as the remote quick mode selector of site A and vice versa. This forms a reciprocal link where each site’s local settings correspond to the remote settings of the other site to establish effective communication over the VPN. Given the settings at site A, the local quick mode selector for site B needs to mirror what is configured as the remote selector at site A, thus making 192.168.2.0/24 the correct configuration for site B’s local selector to align with 192.168.1.0/24 at site A.

Previous Questions Next Questions

All Pages