Fortinet NSE4_FGT_AD-7.6 - Fortinet NSE 4 - FortiOS 7.6 Administrator Exam
Page: 1 / 10
Total 49 questions
Question #1 (Topic: Exam A)
The FortiGate device HQ-NGFW-1 with the IP address 10.0.13.254 sends logs to the FortiAnalyzer device with the IP address 10.0.13.125. The administrator wants to verify that reliable logging is enabled on HQ-NGFW-1.
Which exhibit helps with the verification?
Which exhibit helps with the verification?
A. 
B. 
C. 
D. 
B.
C.
D.
Answer: A
Question #2 (Topic: Exam A)
Refer to the exhibit.
Based on the routing table shown in the exhibit, which two statements are true? (Choose two.)
Based on the routing table shown in the exhibit, which two statements are true? (Choose two.)
A. A packet with the source IP address 10.0.13.10 arriving on port2 is allowed if strict RPF is disabled.
B. A packet with the source IP address 10.100.110.10 arriving on port3 is allowed if strict RPF is disabled.
C. A packet with the source IP address 10.10.10.10 arriving on port2 is allowed if strict RPF is enabled.
D. A packet with the source IP address 10.100.110.10 arriving on port2 is allowed if strict RPF is enabled.
Answer: AD
Question #3 (Topic: Exam A)
Which three statements about SD-WAN performance SLAs are true? (Choose three.)
A. They can be measured actively or passively.
B. They are applied in a SD-WAN rule lowest cost strategy.
C. They monitor the state of the FortiGate device.
D. All the SLA targets can be configured.
E. They rely on session loss and jitter.
Answer: ABD
Question #4 (Topic: Exam A)
FortiGate is operating in NAT mode and has two physical interfaces connected to the LAN and DMZ networks respectively.
Which two statements about the requirements of connected physical interfaces on FortiGate are true? (Choose two.)
Which two statements about the requirements of connected physical interfaces on FortiGate are true? (Choose two.)
A. Both interfaces must have directly connected routes on the routing table.
B. Both interfaces must have IP addresses assigned.
C. Both interfaces must have DHCP enabled and interfaces set to LAN and DMZ roles assigned.
D. Both interfaces must have the interface role assigned.
Answer: BD
Question #5 (Topic: Exam A)
A network administrator has enabled full SSL inspection and web filtering on FortiGate. When visiting any HTTPS websites, the browser reports certificate warning errors. When visiting HTTP websites, the browser does not report errors.
What is the reason for the certificate warning errors?
What is the reason for the certificate warning errors?
A. The matching firewall policy is set to proxy inspection mode.
B. The option invalid SSL certificates is set to allow on the SSL/SSH inspection profile.
C. The certificate used by FortiGate for SSL inspection does not contain the required certificate extensions.
D. The browser does not trust the certificate used by FortiGate for SSL inspection.
Answer: D
