Ultimate Guide to Prepare NSE4_FGT-7.2 Certification Exam for Fortinet NSE 4 in 2023
Use Real NSE4_FGT-7.2 Dumps - Fortinet Correct Answers updated in 2023
NEW QUESTION 66
On FortiGate, which type of logs record information about traffic directly to and from the FortiGate management IP addresses?
- A. Local traffic logs
- B. Forward traffic logs
- C. System event logs
- D. Security logs
Answer: A
Explanation:
Traffic logs record the traffic flowing through your FortiGate unit. Since traffic needs firewall policies to properly flow through FortiGate, this type of logging is also called firewall policy logging. Firewall policies control all traffic attempting to pass through the FortiGate unit, between FortiGate interfaces, zones, and VLAN sub-interfaces.
NEW QUESTION 67
Which two policies must be configured to allow traffic on a policy-based next-generation firewall (NGFW) FortiGate? (Choose two.)
- A. Security policy
- B. SSL inspection and authentication policy
Answer: A,B
NEW QUESTION 68
Refer to the exhibits.
Exhibit A shows a topology for a FortiGate HA cluster that performs proxy-based inspection on traffic. Exhibit B shows the HA configuration and the partial output of the get system ha status command.

Based on the exhibits, which two statements about the traffic passing through the cluster are true? (Choose two.)
- A. For load balanced connections, the primary encapsulates TCP SYN packets before forwarding them to the secondary.
- B. The cluster can load balance ICMP connections to the secondary.
- C. The traffic sourced from the client and destined to the server is sent to FGT-1.
- D. For non-load balanced connections, packets forwarded by the cluster to the server contain the virtual MAC address of port2 as source.
Answer: C,D
NEW QUESTION 69
Which timeout setting can be responsible for deleting SSL VPN associated sessions?
- A. SSL VPN idle-timeout
- B. SSL VPN http-request-body-timeout
- C. SSL VPN login-timeout
- D. SSL VPN dtls-hello-timeout
Answer: A
NEW QUESTION 70
A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices. The administrator has determined that phase 1 fails to come up. The administrator has also re-entered the pre-shared key on both FortiGate devices to make sure they match.
Based on the phase 1 configuration and the diagram shown in the exhibit, which two configuration changes will bring phase 1 up? (Choose two.)
- A. On both FortiGate devices, set Dead Peer Detection to On Demand.
- B. On HQ-FortiGate, set IKE mode to Main (ID protection).
- C. On HQ-FortiGate, disable Diffie-Hellman group 2.
- D. On Remote-FortiGate, set port2 as Interface.
Answer: B,D
NEW QUESTION 71
Which two statements are true about the RPF check? (Choose two.)
- A. The RPF check is run on the first reply packet of any new session.
- B. The RPF check is run on the first sent packet of any new session.
- C. The RPF check is run on the first sent and reply packet of any new session.
- D. RPF is a mechanism that protects FortiGate and your network from IP spoofing attacks.
Answer: B,D
NEW QUESTION 72
Examine this PAC file configuration.
Which of the following statements are true? (Choose two.)
- A. Any web request to fortinet.com is allowed to bypass the proxy.
- B. Browsers can be configured to retrieve this PAC file from the FortiGate.
- C. All requests not made to Fortinet.com or the 172.25.120.0/24 subnet have to go through altproxy.corp.com:8060.
- D. Any web request to the 172.25.120.0/24 subnet is allowed to bypass the proxy.
Answer: A,B
NEW QUESTION 73
Which three statements explain a flow-based antivirus profile? (Choose three.)
- A. FortiGate buffers the whole file but transmits to the client simultaneously.
- B. IPS engine handles the process as a standalone.
- C. Flow-based inspection uses a hybrid of scanning modes available in proxy-based inspection.
- D. Optimized performance compared to proxy-based inspection.
- E. If the virus is detected, the last packet is delivered to the client.
Answer: A,C,D
NEW QUESTION 74
Which CLI command allows administrators to troubleshoot Layer 2 issues, such as an IP address conflict?
- A. diagnose sys top
- B. get system status
- C. get system performance status
- D. get system arp
Answer: D
Explanation:
"If you suspect that there is an IP address conflict, or that an IP has been assigned to the wrong device, you may need to look at the ARP table."
NEW QUESTION 75
Refer to the exhibit.
Based on the administrator profile settings, what permissions must the administrator set to run the diagnose firewall auth list CLI command on FortiGate?
- A. Read/Write permission for Log & Report
- B. Custom permission for Network
- C. Read/Write permission for Firewall
- D. CLI diagnostics commands permission
Answer: D
Explanation:
https://kb.fortinet.com/kb/documentLink.do?externalID=FD50220
NEW QUESTION 76
An administrator has configured a strict RPF check on FortiGate. Which statement is true about the strict RPF check?
- A. The strict RPF check is run on the first sent and reply packet of any new session.
- B. Strict RPF checks the best route back to the source using the incoming interface.
- C. Strict RPF allows packets back to sources with all active routes.
- D. Strict RPF checks only for the existence of at least one active route back to the source using the incoming interface.
Answer: D
NEW QUESTION 77
Which two statements explain antivirus scanning modes? (Choose two.)
- A. In proxy-based inspection mode, files bigger than the buffer size are scanned.
- B. In proxy-based inspection mode, antivirus scanning buffers the whole file for scanning, before sending it to the client.
- C. In flow-based inspection mode, FortiGate buffers the file, but also simultaneously transmits it to the client.
- D. In flow-based inspection mode, files bigger than the buffer size are scanned.
Answer: B,C
Explanation:
An antivirus profile in full scan mode buffers up to your specified file size limit. The default is 10 MB. That is large enough for most files, except video files. If your FortiGate model has more RAM, you may be able to increase this threshold. Without a limit, very large files could exhaust the scan memory. So, this threshold balances risk and performance. Is this tradeoff unique to FortiGate, or to a specific model? No. Regardless of vendor or model, you must make a choice. This is because of the difference between scans in theory, that have no limits, and scans on real-world devices, that have finite RAM. In order to detect 100% of malware regardless of file size, a firewall would need infinitely large RAM--something that no device has in the real world. Most viruses are very small. This table shows a typical tradeoff. You can see that with the default 10 MB threshold, only 0.01% of viruses pass through.
NEW QUESTION 78
The HTTP inspection process in web filtering follows a specific order when multiple features are enabled in the web filter profile. What order must FortiGate use when the web filter profile has features enabled, such as safe search?
- A. FortiGuard category filter and rating filter
- B. Static domain filter, SSL inspection filter, and external connectors filters
- C. DNS-based web filter and proxy-based web filter
- D. Static URL filter, FortiGuard category filter, and advanced filters
Answer: D
NEW QUESTION 79
An administrator is running the following sniffer command:
Which three pieces of information will be included in the sniffer output? (Choose three.)
- A. Packet payload
- B. Ethernet header
- C. IP header
- D. Interface name
- E. Application header
Answer: A,C,D
NEW QUESTION 80
What is the limitation of using a URL list and application control on the same firewall policy, in NGFW policy-based mode?
- A. It limits the scanning of application traffic to use parent signatures only.
- B. It limits the scanning of application traffic to the application category only.
- C. It limits the scanning of application traffic to the browser-based technology category only.
- D. It limits the scanning of application traffic to the DNS protocol only.
Answer: C
Explanation:
https://docs.fortinet.com/document/fortigate/5.6.0/cookbook/38324/ngfw-policy-based-mode