Fortinet - Limited Time Discount Offer - Ends In 00:00:00 Coupon code: 30OFF
  1. Home
  2. Fortinet
  3. NSE4_FGT-6.4 Exam

Free NSE4_FGT-6.4 Questions for Fortinet NSE4_FGT-6.4 Exam as PDF & Practice Test Software

Page:    1 / 14   
Total 165 questions

Question 1

Which engine handles application control traffic on the next-generation firewall (NGFW) FortiGate?



Answer : B

Question 2

Refer to the exhibit, which contains a session diagnostic output.

Which statement is true about the session diagnostic output?



Answer : C

Question 3

Refer to the exhibit.

The exhibit shows proxy policies and proxy addresses, the authentication rule and authentication scheme, users, and firewall address.

An explicit web proxy is configured for subnet range 10.0.1.0/24 with three explicit web proxy policies.

The authentication rule is configured to authenticate HTTP requests for subnet range 10.0.1.0/24 with a form-based authentication scheme for the FortiGate local user database. Users will be prompted for authentication.

How will FortiGate process the traffic when the HTTP request comes from a machine with the source IP 10.0.1.10 to the destination http://www.fortinet.com? (Choose two.)



Answer : B, D

Question 4

Refer to the exhibit.

The exhibit contains a network diagram, firewall policies, and a firewall address object configuration.

An administrator created a Deny policy with default settings to deny Webserver access for Remote-user2. Remote-user2 is still able to access Webserver.

Which two changes can the administrator make to deny Webserver access for Remote-User2? (Choose two.)



Answer : C, D

Question 5

If Internet Service is already selected as Source in a firewall policy, which other configuration objects can be added to the Source filed of a firewall policy?



Answer : B

Question 6

Consider the topology:

Application on a Windows machine <--{SSL VPN} -->FGT--> Telnet to Linux server.

An administrator is investigating a problem where an application establishes a Telnet session to a Linux server over the SSL VPN through FortiGate and the idle session times out after about 90 minutes. The administrator would like to increase or disable this timeout.

The administrator has already verified that the issue is not caused by the application or Linux server. This issue does not happen when the application establishes a Telnet connection to the Linux server directly on the LAN.

What two changes can the administrator make to resolve the issue without affecting services running through FortiGate? (Choose two.)



Answer : C, D

Page:    1 / 14   
Total 165 questions