Updated Fortinet NSE 4 – FortiOS 6.4 NSE4_FGT-6.4 Dumps V13.02

1. Refer to the exhibit.

Examine the intrusion prevention system (IPS) diagnostic command.

Which statement is correct If option 5 was used with the IPS diagnostic command and the outcome was a decrease in the CPU usage?

2. Which three authentication timeout types are availability for selection on FortiGate? (Choose three.)

3. FortiGate is configured as a policy-based next-generation firewall (NGFW) and is applying web filtering and application control directly on the security policy.

Which two other security profiles can you apply to the security policy? (Choose two.)

4. When a firewall policy is created, which attribute is added to the policy to support recording logs to a FortiAnalyzer or a FortiManager and improves functionality when a FortiGate is integrated with these devices?

5. Which three pieces of information does FortiGate use to identify the hostname of the SSL server when SSL certificate inspection is enabled? (Choose three.)

6. Which three CLI commands can you use to troubleshoot Layer 3 issues if the issue is in neither the physical layer nor the link layer? (Choose three.)

7. Consider the topology:

Application on a Windows machine <--{SSL VPN} -->FGT--> Telnet to Linux server.

An administrator is investigating a problem where an application establishes a Telnet session to a Linux server over the SSL VPN through FortiGate and the idle session times out after about 90 minutes. The administrator would like to increase or disable this timeout.

The administrator has already verified that the issue is not caused by the application or Linux server. This issue does not happen when the application establishes a Telnet connection to the Linux server directly on the LAN.

What two changes can the administrator make to resolve the issue without affecting services running through FortiGate? (Choose two.)

8. NGFW mode allows policy-based configuration for most inspection rules.

Which security profile’s configuration does not change when you enable policy-based inspection?

9. Which of the following statements about backing up logs from the CLI and downloading logs from the GUI are true? (Choose two.)

10. Which two statements are true about the FGCP protocol? (Choose two.)

11. An administrator needs to increase network bandwidth and provide redundancy.

What interface type must the administrator select to bind multiple FortiGate interfaces?

12. Which CLI command will display sessions both from client to the proxy and from the proxy to the servers?

13. What types of traffic and attacks can be blocked by a web application firewall (WAF) profile? (Choose three.)

14. If Internet Service is already selected as Source in a firewall policy, which other configuration objects can be added to the Source filed of a firewall policy?

15. Refer to the exhibit.

The exhibit shows a CLI output of firewall policies, proxy policies, and proxy addresses.

How does FortiGate process the traffic sent to http://www.fortinet.com?

16. Refer to the exhibit to view the firewall policy.

Which statement is correct if well-known viruses are not being blocked?

17. Which two protocols are used to enable administrator access of a FortiGate device? (Choose two.)

18. Refer to the exhibit.

The exhibit contains the configuration for an SD-WAN Performance SLA, as well as the output of diagnose sys virtual-wan-link health-check.

Which interface will be selected as an outgoing interface?

19. Which statement regarding the firewall policy authentication timeout is true?

20. Which of the following statements about central NAT are true? (Choose two.)

21. Refer to the exhibit.

A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices.

The administrator has determined that phase 1 status is up. but phase 2 fails to come up.

Based on the phase 2 configuration shown in the exhibit, what configuration change will bring phase 2 up?

22. Which scanning technique on FortiGate can be enabled only on the CLI?

23. An administrator has configured two-factor authentication to strengthen SSL VPN access.

Which additional best practice can an administrator implement?

24. Which two types of traffic are managed only by the management VDOM? (Choose two.)

25. If the Services field is configured in a Virtual IP (VIP), which statement is true when central NAT is used?

26. Refer to the web filter raw logs.

Based on the raw logs shown in the exhibit, which statement is correct?

27. Which of the following statements correctly describes FortiGates route lookup behavior when searching for a suitable gateway? (Choose two)

28. Refer to the exhibit, which contains a session diagnostic output.

Which statement is true about the session diagnostic output?

29. Refer to the exhibit.

The Root and To_Internet VDOMs are configured in NAT mode. The DMZ and Local VDOMs are configured in transparent mode.

The Root VDOM is the management VDOM. The To_Internet VDOM allows LAN users to access internet. The To_lnternet VDOM is the only VDOM with internet access and is directly connected to ISP modem.

Which two statements are true? (Choose two.)

30. Which CLI command allows administrators to troubleshoot Layer 2 issues, such as an IP address conflict?

31. Which of the following statements is true regarding SSL VPN settings for an SSL VPN portal?

32. Which three statements about a flow-based antivirus profile are correct? (Choose three.)

33. Refer to the exhibit.

Given the interfaces shown in the exhibit. which two statements are true? (Choose two.)

34. Refer to the FortiGuard connection debug output.

Based on the output shown in the exhibit, which two statements are correct? (Choose two.)

35. Examine this output from a debug flow:

Why did the FortiGate drop the packet?

36. Refer to the exhibit.

In the network shown in the exhibit, the web client cannot connect to the HTTP web server. The administrator runs the FortiGate built-in sniffer and gets the output as shown in the exhibit.

What should the administrator do next to troubleshoot the problem?

37. Which statements about the firmware upgrade process on an active-active HA cluster are true? (Choose two.)

38. An administrator is running the following sniffer command:

diagnose aniffer packer any "host 192.168.2.12" 5

Which three pieces of Information will be Included in me sniffer output? {Choose three.)

39. Which two statements about IPsec authentication on FortiGate are correct? (Choose two.)

40. An administrator is configuring an Ipsec between site A and siteB. The Remotes Gateway setting in both sites has been configured as Static IP Address. For site A, the local quick mode selector is 192.16.1.0/24 and the remote quick mode selector is 192.16.2.0/24.

How must the administrator configure the local quick mode selector for site B?

41. How does FortiGate act when using SSL VPN in web mode?

42. Refer to the exhibit.

Based on the administrator profile settings, what permissions must the administrator set to run the diagnose firewall auth list CLI command on FortiGate?

43. Examine the exhibit, which contains a virtual IP and firewall policy configuration.

The WAN (port1) interface has the IP address 10.200.1.1/24. The LAN (port2) interface has the IP address 10.0.1.254/24.

The first firewall policy has NAT enabled on the outgoing interface address. The second firewall policy is configured with a VIP as the destination address.

Which IP address will be used to source NAT the Internet traffic coming from a workstation with the IP address 10.0.1.10/24?

44. Refer to the exhibits.

The SSL VPN connection fails when a user attempts to connect to it.

What should the user do to successfully connect to SSL VPN?

45. Which two protocol options are available on the CLI but not on the GUI when configuring an SD-WAN Performance SLA? (Choose two.)

46. How do you format the FortiGate flash disk?

47. Examine the IPS sensor configuration shown in the exhibit, and then answer the question below.

An administrator has configured the WINDOWS_SERVERS IPS sensor in an attempt to determine

whether the influx of HTTPS traffic is an attack attempt or not. After applying the IPS sensor, FortiGate is still not generating any IPS logs for the HTTPS traffic.

What is a possible reason for this?

48. Refer to the exhibit.

The exhibit contains a network diagram, central SNAT policy, and IP pool configuration.

The WAN (port1) interface has the IP address 10.200.1.1/24.

The LAN (port3) interface has the IP address 10.0.1.254/24.

A firewall policy is configured to allow to destinations from LAN (port3) to WAN (port1).

Central NAT is enabled, so NAT settings from matching Central SNAT policies will be

applied.

Which IP address will be used to source NAT the traffic, if the user on Local-Client (10.0.1.10) pings the IP address of Remote-FortiGate (10.200.3.1)?

49. Which statement about the policy ID number of a firewall policy is true?

50. Refer to the exhibit.

Which contains a Performance SLA configuration.

An administrator has configured a performance SLA on FortiGate.

Which failed to generate any traffic.

Why is FortiGate not generating any traffic for the performance SLA?