Question 1

Refer to the exhibits.

Exhibit A shows the application sensor configuration. Exhibit B shows the Excessive-Bandwidth and Apple filter details.

Based on the configuration, what will happen to Apple FaceTime if there are only a few calls originating or incoming?

AApple FaceTime will be allowed, based on the Categories configuration.

BApple FaceTime will be blocked, based on the Excessive-Bandwidth filter configuration.

CApple FaceTime will be allowed, based on the Apple filter configuration.

DApple FaceTime will be allowed only if the Apple filter in Application and Filter Overrides is set to Allow.

Answer : B

FortiGate Security 7.2 Study Guide (p.310): 'Then, FortiGate scans packets for matches, in this order, for the application control profile: 1. Application and filter overrides: If you have configured any application overrides or filter overrides, the application control profile considers those first. It looks for a matching override starting at the top of the list, like firewall policies. 2. Categories: Finally, the application control profile applies the action that you've configured for applications in your selected categories.'

Question 2

An organization requires remote users to send external application data running on their PCs and access FTP resources through an SSL/TLS connection.

Which FortiGate configuration can achieve this goal?

ASSL VPN bookmark

BSSL VPN tunnel

CZero trust network access

DSSL VPN quick connection

Answer : B

FortiGate Infrastructure 7.2 Study Guide (p.198): 'Tunnel mode requires FortiClient to connect to FortiGate. FortiClient adds a virtual network adapter identified as fortissl to the user's PC. This virtual adapter dynamically receives an IP address from FortiGate each time FortiGate establishes a new VPN connection. Inside the tunnel, all traffic is SSL/TLS encapsulated. The main advantage of tunnel mode over web mode is that after the VPN is established, any IP network application running on the client can send traffic through the tunnel.'

An SSL VPN tunnel allows remote users to establish a secure and encrypted Virtual Private Network (VPN) connection to the private network using the SSL/TLS protocol1.An SSL VPN tunnel can provide access to network resources such as FTP servers, as well as external applications running on the user's PC1.

An SSL VPN bookmark is a web link that provides access to network resources through the SSL VPN web portal1. It does not support external applications running on the user's PC.

Zero trust network access (ZTNA) is a security model that provides role-based application access to remote users without exposing the private network to the internet2. It does not use SSL/TLS protocol, but rather a proprietary ZTNA protocol.

SSL VPN quick connection is a feature that allows users to connect to an SSL VPN tunnel without installing FortiClient or any other software on their PC3. It requires a web browser that supports Java or ActiveX. It does not support external applications running on the user's PC.

Question 3

Refer to the exhibit.

The exhibit shows a diagram of a FortiGate device connected to the network and the firewall policy and IP pool configuration on the FortiGate device.

Two PCS, PCI and PC2, are connected behind FortiGate and can access the internet successfully. However, when the administrator adds a third PC to the network (PC3), the PC cannot connect to the Intarnet_

Based on the information shown in the exhibit, which three configuration changes should the administrator make to fix the connectivity issue for PC3? (Choose three.)

AIn the IP pool configuration, set type to overload.

BConfigure 192.2. O. 12/24 as the secondary IP address on port1

CConfigure another firewall policy that matches only the address of PC3 as source, and then place the policy on top of the list.

DIn the IP pool configuration, set endip to 192.2. O .12

EIn the firewall policy configuration, disable ippool.

Answer : A, D, E

Question 4

What are two scanning techniques supported by FortiGate? (Choose two.)

AMachine learning scan

BAntivirus scan

CRansomware scan

DTrojan scan

Answer : A, B

FortiGate Security 7.2 Study Guide (p.341):

'Like viruses, which use many methods to avoid detection, FortiGate uses many techniques to detect viruses. These detection techniques include:

* Antivirus scan

* Grayware scan

* Machine learning (AI) scan

If all antivirus features are enabled, FortiGate applies the following scanning order: antivirus scan, followed by grayware scan, followed by AI scan.'

Question 5

What is a reason for triggering IPS fail open?

AThe IPS socket buffer is full and the IPS engine cannot process additional packets.

BThe IPS engine cannot decode a packet.

CThe IPS engine is upgraded.

DThe administrator enabled NTurbo acceleration.

Answer : A

Free NSE4_FGT-7.2 Questions for Fortinet NSE4_FGT-7.2 Exam as PDF & Practice Test Software

Question 1

Question 2

Question 3

Question 4

Question 5