Free NSE4_FGT-7.0 Demo Online For Fortinet Certification:
NEW QUESTION 1
Which two statements are true when FortiGate is in transparent mode? (Choose two.)
- A. By default, all interfaces are part of the same broadcast domain.
- B. The existing network IP schema must be changed when installing FortiGate in transparent mode.
- C. Static routes are required to allow traffic to the next hop.
- D. FortiGate forwards frames without changing the MAC address.
Answer: AD
Explanation:
Reference: https://kb.fortinet.com/kb/viewAttachment.do?attachID=Fortigate_Transparent_Mode_Technical_Guide_FortiOS_4_0_version1.2.pdf&documentID=FD33113
NEW QUESTION 2
Refer to the exhibit.
A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices. The administrator has determined that phase 1 fails to come up. The administrator has also re-entered the pre-shared key on both FortiGate devices to make sure they match.
Based on the phase 1 configuration and the diagram shown in the exhibit, which two configuration changes will bring phase 1 up? (Choose two.)
- A. On HQ-FortiGate, set IKE mode to Main (ID protection).
- B. On both FortiGate devices, set Dead Peer Detection to On Demand.
- C. On HQ-FortiGate, disable Diffie-Hellman group 2.
- D. On Remote-FortiGate, set port2 as Interface.
Answer: AD
NEW QUESTION 3
The HTTP inspection process in web filtering follows a specific order when multiple features are enabled in the web filter profile.
What order must FortiGate use when the web filter profile has features enabled, such as safe search?
- A. DNS-based web filter and proxy-based web filter
- B. Static URL filter, FortiGuard category filter, and advanced filters
- C. Static domain filter, SSL inspection filter, and external connectors filters
- D. FortiGuard category filter and rating filter
Answer: B
Explanation:
Reference: https://fortinet121.rssing.com/chan-67705148/all_p1.html
NEW QUESTION 4
Which two configuration settings are synchronized when FortiGate devices are in an active-active HA cluster? (Choose two.)
- A. FortiGuard web filter cache
- B. FortiGate hostname
- C. NTP
- D. DNS
Answer: CD
NEW QUESTION 5
An administrator does not want to report the logon events of service accounts to FortiGate. What setting on the collector agent is required to achieve this?
- A. Add the support of NTLM authentication.
- B. Add user accounts to Active Directory (AD).
- C. Add user accounts to the FortiGate group filter.
- D. Add user accounts to the Ignore User List.
Answer: D
Explanation:
Reference: https://kb.fortinet.com/kb/documentLink.do?externalID=FD38828
NEW QUESTION 6
Which three authentication timeout types are available for selection on FortiGate? (Choose three.)
- A. hard-timeout
- B. auth-on-demand
- C. soft-timeout
- D. new-session
- E. idle-timeout
Answer: ADE
Explanation:
https://kb.fortinet.com/kb/documentLink.do?externalID=FD37221
NEW QUESTION 7
An administrator has configured the following settings:
What are the two results of this configuration? (Choose two.)
- A. Device detection on all interfaces is enforced for 30 minutes.
- B. Denied users are blocked for 30 minutes.
- C. A session for denied traffic is created.
- D. The number of logs generated by denied traffic is reduced.
Answer: CD
Explanation:
Reference: https://kb.fortinet.com/kb/documentLink.do?externalID=FD46328
NEW QUESTION 8
FortiGuard categories can be overridden and defined in different categories. To create a web rating override for example.com home page, the override must be configured using a specific syntax.
Which two syntaxes are correct to configure web rating for the home page? (Choose two.)
- A. www.example.com:443
- B. www.example.com
- C. example.com
- D. www.example.com/index.html
Answer: BC
Explanation:
FortiGate_Security_6.4 page 384
When using FortiGuard category filtering to allow or block access to a website, one option is to make a web rating override and define the website in a different category. Web ratings are only for host names: "no URLs or wildcard characters are allowed".
NEW QUESTION 9
Refer to the exhibits.
Exhibit A shows system performance output. Exhibit B shows a FortiGate configured with the default configuration of high memory usage thresholds. Based on the system performance output, which two statements are correct? (Choose two.)
- A. Administrators can access FortiGate only through the console port.
- B. FortiGate has entered conserve mode.
- C. FortiGate will start sending all files to FortiSandbox for inspection.
- D. Administrators cannot change the configuration.
Answer: BD
Explanation:
Reference: https://www.skillfulist.com/fortigate/fortigate-conserve-mode-how-to-stop-it-and-what-it-means/
NEW QUESTION 10
Examine this FortiGate configuration:
Examine the output of the following debug command:
Based on the diagnostic outputs above, how is the FortiGate handling the traffic for new sessions that require inspection?
- A. It is allowed, but with no inspection
- B. It is allowed and inspected as long as the inspection is flow based
- C. It is dropped.
- D. It is allowed and inspected, as long as the only inspection required is antivirus.
Answer: C
NEW QUESTION 11
Which two statements are true about the RPF check? (Choose two.)
- A. The RPF check is run on the first sent packet of any new session.
- B. The RPF check is run on the first reply packet of any new session.
- C. The RPF check is run on the first sent and reply packet of any new session.
- D. RPF is a mechanism that protects FortiGate and your network from IP spoofing attacks.
Answer: AD
Explanation:
Reference: https://www.programmersought.com/article/16383871634/
NEW QUESTION 12
Which two statements are correct regarding FortiGate FSSO agentless polling mode? (Choose two.)
- A. FortiGate points the collector agent to use a remote LDAP server.
- B. FortiGate uses the AD server as the collector agent.
- C. FortiGate uses the SMB protocol to read the event viewer logs from the DCs.
- D. FortiGate queries AD by using the LDAP to retrieve user group information.
Answer: CD
Explanation:
FortiGate Infrastructure 7.0 Study Guide, pp. 272-273. https://kb.fortinet.com/kb/documentLink.do?externalID=FD47732
NEW QUESTION 13
Refer to the web filter raw logs.
Based on the raw logs shown in the exhibit, which statement is correct?
- A. Social networking web filter category is configured with the action set to authenticate.
- B. The action on firewall policy ID 1 is set to warning.
- C. Access to the social networking web filter category was explicitly blocked to all users.
- D. The name of the firewall policy is all_users_web.
Answer: A
NEW QUESTION 14
Which two statements are true about the Security Fabric rating? (Choose two.)
- A. It provides executive summaries of the four largest areas of security focus.
- B. Many of the security issues can be fixed immediately by clicking Apply where available.
- C. The Security Fabric rating must be run on the root FortiGate device in the Security Fabric.
- D. The Security Fabric rating is a free service that comes bundled with all FortiGate devices.
Answer: BC
Explanation:
Reference: https://docs.fortinet.com/document/fortigate/6.4.0/administration-guide/292634/security-rating
NEW QUESTION 15
Refer to the exhibit.
According to the certificate values shown in the exhibit, which type of entity was the certificate issued to?
- A. A user
- B. A root CA
- C. A bridge CA
- D. A subordinate
Answer: A
NEW QUESTION 16
Examine the network diagram shown in the exhibit, then answer the following question:
Which one of the following routes is the best candidate route for FGT1 to route traffic from the Workstation to the Web server?
- A. 172.16.0.0/16 [50/0] via 10.4.200.2, port2 [5/0]
- B. 0.0.0.0/0 [20/0] via 10.4.200.2, port2
- C. 10.4.200.0/30 is directly connected, port2
- D. 172.16.32.0/24 is directly connected, port1
Answer: D