Fortinet NSE4 - FortiOS 6.2 v1.0 (NSE4-FGT-6.2)

Page:    1 / 8   
Total 127 questions

Refer to the exhibit.


Given the FortiGate interfaces shown in the exhibit, which two statements about the FortiGate interfaces configuration in the exhibit are true? (Choose two.)

  • A. Traffic between port1-VLAN1 and port2-VLAN1 is allowed by default.
  • B. Broadcast traffic received on port1-VLAN10 will not be forwarded to port2-VLAN10
  • C. port1-VLAN10 and port2-VLAN10 can be assigned to different VDOMs.
  • D. port1-VLAN1 is the native VLAN for the port1 physical interface.


Answer : BC

When browsing to an internal web server using a web-mode SSL VPN bookmark, which IP address is used as the source of the HTTP request?

  • A. The remote user"™s virtual IP address
  • B. The public IP address of the FortiGate device
  • C. The remote user"™s public IP address
  • D. The internal IP address of the FortiGate device


Answer : D

An administrator observes that the port1 inteface cannot be configured with an IP address.
What are three possible reasons for this? (Choose three.)

  • A. The operation mode is transparent.
  • B. The interface is a member of a virtual wire pair.
  • C. The interface is a member of a zone.
  • D. The interface has been configured for one-arm sniffer.
  • E. Captive portal is enabled in the interface.


Answer : ABD

Refer to the exhibits.




The exhibits contain a network diagram and virtual IP and firewall policy configuration.
The WAN (port1) interface has the IP address 10.200.1.1/24. The LAN (port2) interface has the IP address 10.0.1.254/24.
The first firewall policy has NAT enabled on the outgoing interface address. The second firewall policy is configured with a VIP as the destination address.
Which IP address will be used to source NAT the Internet traffic coming from a workstation with the IP address 10.0.1.10/32?

  • A. Any available IP address in the WAN (port1) subnet 10.200.1.0/24
  • B. 10.200.1.10
  • C. 10.200.1.1
  • D. 10.0.1.254


Answer : A

Refer to the exhibit.


The exhibit shows FortiGate configuration and the output of the debug command.
Based on the diagnostic output, how is the FortiGate handling the traffic for new sessions that require proxy based inspection?

  • A. It is allowed, but with no inspection.
  • B. It is allowed and inspected, as long as the only inspection required is antivirus.
  • C. It is dropped.
  • D. It is allowed and inspected, as long as the inspection is flow based.


Answer : C

Which statement about SSL VPN settings for an SSL VPN portal is true?

  • A. By default, DNS split tunneling is enabled.
  • B. By default, the admin GUI and the SSL VPN portal use the same HTTPS port.
  • C. By default, the SSL VPN portal requires the installation of a client"™s certificate.
  • D. By default, FortiGate uses WINS servers to resolve names.


Answer : B

Refer to the exhibit.


The exhibit shows two static routes.
Which option accurately describes how FortiGate will handle these two routes to the same destination?

  • A. FortiGate will only activate the port1 route in the routing table.
  • B. FortiGate will use the port1 route as the primary candidate.
  • C. FortiGate will load balance all traffic across both routes.
  • D. FortiGate will route twice as much traffic to the port2 route.


Answer : B

Refer to the exhibit.



The exhibit shows the IPS sensor configuration and forward traffic logs.
An administrator has configured the WINDOWS_SERVERS IPS sensor in an attempt to determine whether the influx of HTTPS traffic is an attack attempt, or not.
After applying the IPS sensor, FortiGate is still not generating any IPS logs for the HTTPS traffic.
What is a possible reason for this?

  • A. The HTTPS signatures have not been added to the sensor.
  • B. The IPS filter is missing the Protocol:HTTPS option.
  • C. The firewall policy is not using a full SSL inspection profile.
  • D. A DoS policy should be used, instead of an IPS sensor.


Answer : C

Which two SD-WAN load balancing methods use interface weight value to distribute traffic?

  • A. Spillover
  • B. Volume
  • C. Source IP
  • D. Sessions


Answer : BD

Reference:
https://docs.fortinet.com/document/fortigate/6.0.0/handbook/49719/configuring-sd-wan-load-balancing

Which certificate value can FortiGate use to determine the relationship between the issuer and the certificate?

  • A. Subject Key Identifier value
  • B. SMMIE Capabilities value
  • C. Subject value
  • D. Subject Alternative Name value


Answer : C

Why must you use aggressive mode when a local FortiGate IPsec gateway hosts multiple dialup tunnels?

  • A. Main mode does not support XAuth for user authentication.
  • B. In aggressive mode, the remote peers are able to provide their peer IDs in the first message.
  • C. FortiGate is able to handle NATed connections only in aggressive mode.
  • D. FortiClient supports only aggressive mode.


Answer : B

Which statement about the policy ID number of a firewall policy is true?

  • A. It is required to modify a firewall policy using the CLI.
  • B. It represents the number of objects used in the firewall policy.
  • C. It changes when firewall policies are reordered.
  • D. It defines the order in which rules are processed.


Answer : A

Which two settings must you configure to ensure FortiGate generates logs for web filter activity on a firewall policy called Full Access? (Choose two.)

  • A. Enable Event Logging.
  • B. Enable disk logging.
  • C. Enable a web filter security profile on the Full Access firewall policy.
  • D. Enable Log Allowed Traffic on the Full Access firewall policy.


Answer : CD

An administrator is running the following sniffer command:
diagnose sniffer packet any "host 10.0.2.10" 3
Which three items will be included in the sniffer output? (Choose three.)

  • A. IP header
  • B. Interface name
  • C. Packet payload
  • D. Ethernet header
  • E. Application header


Answer : ACD

Refer to the exhibit.


In the network shown in the exhibit, the web client cannot connect to the HTTP web server. The administrator runs the FortiGate built-in sniffer and gets the following output:
FortiGate # diagnose sniffer packet any "port 80" 4
interfaces=[any]
filters=[port 80]
11.510058 port3 in 10.0.1.10.49255 ->
10.200.1.254.80: syn 697263124
11.760531 port3 in 10.0.1.10.49256 ->
10.200.1.254.80: syn 868017830
14.505371 port3 in 10.0.1.10.49255 ->
10.200.1.254.80: syn 697263124
14.755510 port3 in 10.0.1.10.49256 ->
10.200.1.254.80: syn 868017830
What should the administrator do next to troubleshoot the problem?

  • A. Capture the traffic using an external sniffer connected to port1.
  • B. Run a sniffer on the web server.
  • C. Execute another sniffer in the FortiGate, this time with the filter, "host 10.0.1.10".
  • D. Execute a debug flow.


Answer : D

Page:    1 / 8   
Total 127 questions