Download Fortinet NSE 4 -FortiOS 6-4.DumpsBase.NSE4_FGT-6.4.2023-01-17.1e.87q.vcex

Download Exam

File Info

Exam Fortinet NSE 4 - FortiOS 6.4
Number NSE4_FGT-6.4
File Name Fortinet NSE 4 -FortiOS 6-4.DumpsBase.NSE4_FGT-6.4.2023-01-17.1e.87q.vcex
Size 6.97 Mb
Posted January 17, 2023
Downloads 1

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase
Coupon: EXAM_HUB

Discount: 20%

 
 



Demo Questions

Question 1
Which three authentication timeout types are availability for selection on FortiGate? (Choose three.)

  • A: hard-timeout
  • B: auth-on-demand
  • C: soft-timeout
  • D: new-session
  • E: Idle-timeout



Question 2
When a firewall policy is created, which attribute is added to the policy to support recording logs to a FortiAnalyzer or a FortiManager and improves functionality when a FortiGate is integrated with these devices?

  • A: Log ID
  • B: Universally Unique Identifier
  • C: Policy ID
  • D: Sequence ID



Question 3
Which three CLI commands can you use to troubleshoot Layer 3 issues if the issue is in neither the physical layer nor the link layer? (Choose three.)

  • A: diagnose sys top
  • B: execute ping
  • C: execute traceroute
  • D: diagnose sniffer packet any
  • E: get system arp



Question 4
Consider the topology:
Application on a Windows machine <--{SSL VPN} -->FGT--> Telnet to Linux server.
An administrator is investigating a problem where an application establishes a Telnet session to a Linux server over the SSL VPN through FortiGate and the idle session times out after about 90 minutes. The administrator would like to increase or disable this timeout.
The administrator has already verified that the issue is not caused by the application or Linux server. This issue does not happen when the application establishes a Telnet connection to the Linux server directly on the LAN.
What two changes can the administrator make to resolve the issue without affecting services running
through FortiGate? (Choose two.)

  • A: Set the maximum session TTL value for the TELNET service object.
  • B: Set the session TTL on the SSLVPN policy to maximum, so the idle session timeout will not happen after 90 minutes.
  • C: Create a new service object for TELNET and set the maximum session TTL.
  • D: Create a new firewall policy and place it above the existing SSLVPN policy for the SSL VPN traffic, and set the new TELNET service object in the policy.



Question 5
Which of the following statements about backing up logs from the CLI and downloading logs from the GUI are true? (Choose two.)

  • A: Log downloads from the GUI are limited to the current filter view
  • B: Log backups from the CLI cannot be restored to another FortiGate.
  • C: Log backups from the CLI can be configured to upload to FTP as a scheduled time
  • D: Log downloads from the GUI are stored as LZ4 compressed files.



Question 6
Which two statements are true about the FGCP protocol? (Choose two.)

  • A: Not used when FortiGate is in Transparent mode
  • B: Elects the primary FortiGate device
  • C: Runs only over the heartbeat links
  • D: Is used to discover FortiGate devices in different HA groups



Question 7
An administrator needs to increase network bandwidth and provide redundancy.
What interface type must the administrator select to bind multiple FortiGate interfaces?

  • A: VLAN interface
  • B: Software Switch interface
  • C: Aggregate interface
  • D: Redundant interface



Question 8
What types of traffic and attacks can be blocked by a web application firewall (WAF) profile? (Choose three.)

  • A: Traffic to botnetservers
  • B: Traffic to inappropriate web sites
  • C: Server information disclosure attacks
  • D: Credit card data leaks
  • E: SQL injection attacks



Question 9
If Internet Service is already selected as Source in a firewall policy, which other configuration objects can be added to the Source filed of a firewall policy?

  • A: IP address
  • B: Once Internet Service is selected, no other object can be added
  • C: User or User Group
  • D: FQDN address



Question 10
Refer to the exhibit.

   

The exhibit shows a CLI output of firewall policies, proxy policies, and proxy addresses.
How does FortiGate process the traffic sent to http://www.fortinet.com?

  • A: Traffic will be redirected to the transparent proxy and it will be allowed by proxy policy ID 3.
  • B: Traffic will not be redirected to the transparent proxy and it will be allowed by firewall policy ID 1.
  • C: Traffic will be redirected to the transparent proxy and It will be allowed by proxy policy ID 1.
  • D: Traffic will be redirected to the transparent proxy and it will be denied by the proxy implicit deny policy.






CONNECT US


ProfExam
PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount..

Get Now!


HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen



HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset