
Free and Premium Fortinet NSE4_FGT-7.0 Dumps Questions Answers

Fortinet NSE 4 - FortiOS 7.0 Questions and Answers

Question 1

To complete the final step of a Security Fabric configuration, an administrator must authorize all the devices on which device?

Options:

A. FortiManager

B. Root FortiGate

C. FortiAnalyzer

D. Downstream FortiGate

Question 2

An administrator is running the following sniffer command:

Which three pieces of information will be included in the sniffer output? (Choose three.)

Options:

A. Interface name

B. Packet payload

C. Ethernet header

D. IP header

E. Application header

Question 3

An administrator needs to increase network bandwidth and provide redundancy.

What interface type must the administrator select to bind multiple FortiGate interfaces?

Options:

A. VLAN interface

B. Software Switch interface

C. Aggregate interface

D. Redundant interface

Question 4

Examine the IPS sensor configuration shown in the exhibit, and then answer the question below.

An administrator has configured the WINDOWS_SERVERS IPS sensor in an attempt to determine whether the influx of HTTPS traffic is an attack attempt or not. After applying the IPS sensor, FortiGate is still not generating any IPS logs for the HTTPS traffic.

What is a possible reason for this?

Options:

A. The IPS filter is missing the Protocol: HTTPS option.

B. The HTTPS signatures have not been added to the sensor.

C. A DoS policy should be used, instead of an IPS sensor.

D. A DoS policy should be used, instead of an IPS sensor.

E. The firewall policy is not using a full SSL inspection profile.

Question 5

Which three CLI commands can you use to troubleshoot Layer 3 issues if the issue is in neither the physical layer nor the link layer? (Choose three.)

Options:

A. diagnose sys top

B. execute ping

C. execute traceroute

D. diagnose sniffer packet any

E. get system arp

Question 6

Which Security Rating scorecard helps identify configuration weaknesses and best practice violations in your network?

Options:

A. Fabric Coverage

B. Automated Response

C. Security Posture

D. Optimization

Question 7

NGFW mode allows policy-based configuration for most inspection rules. Which security profile’s configuration does not change when you enable policy-based inspection?

Options:

A. Web filtering

B. Antivirus

C. Web proxy

D. Application control

Question 8

What is the limitation of using a URL list and application control on the same firewall policy, in NGFW policy-based mode?

Options:

A. It limits the scanning of application traffic to the DNS protocol only.

B. It limits the scanning of application traffic to use parent signatures only.

C. It limits the scanning of application traffic to the browser-based technology category only.

D. It limits the scanning of application traffic to the application category only.

Question 9

If the Services field is configured in a Virtual IP (VIP), which statement is true when central NAT is used?

Options:

A. The Services field prevents SNAT and DNAT from being combined in the same policy.

B. The Services field is used when you need to bundle several VIPs into VIP groups.

C. The Services field removes the requirement to create multiple VIPs for different services.

D. The Services field prevents multiple sources of traffic from using multiple services to connect to a single computer.

Question 10

In which two ways can RPF checking be disabled? (Choose two.)

Options:

A. Enable anti-replay in firewall policy.

B. Disable the RPF check at the FortiGate interface level for the source check.

C. Enable asymmetric routing.

D. Disable strict-src-check under system settings.

Question 11

Which statement is true about SSL VPN web mode?

Options:

A. The tunnel is up while the client is connected.

B. It supports a limited number of protocols.

C. The external network application sends data through the VPN.

D. It assigns a virtual IP address to the client.

Question 12

How do you format the FortiGate flash disk?

Options:

A. Load a debug FortiOS image.

B. Load the hardware test (HQIP) image.

C. Execute the CLI command execute formatlogdisk.

D. Select the format boot device option from the BIOS menu.

Question 13

What types of traffic and attacks can be blocked by a web application firewall (WAF) profile? (Choose three.)

Options:

A. Traffic to botnet servers

B. Traffic to inappropriate web sites

C. Server information disclosure attacks

D. Credit card data leaks

E. SQL injection attacks

Question 14

Which statement about the policy ID number of a firewall policy is true?

Options:

A. It is required to modify a firewall policy using the CLI.

B. It represents the number of objects used in the firewall policy.

C. It changes when firewall policies are reordered.

D. It defines the order in which rules are processed.

Question 15

Refer to the exhibits to view the firewall policy (Exhibit A) and the antivirus profile (Exhibit B).

Which statement is correct if a user is unable to receive a block replacement message when downloading an infected file for the first time?

Options:

A. The firewall policy performs the full content inspection on the file.

B. The flow-based inspection is used, which resets the last packet to the user.

C. The volume of traffic being inspected is too high for this model of FortiGate.

D. The intrusion prevention security profile needs to be enabled when using flow-based inspection mode.

Question 16

Which three statements about a flow-based antivirus profile are correct? (Choose three.)

Options:

A. IPS engine handles the process as a standalone.

B. FortiGate buffers the whole file but transmits to the client simultaneously.

C. If the virus is detected, the last packet is delivered to the client.

D. Optimized performance compared to proxy-based inspection.

E. Flow-based inspection uses a hybrid of scanning modes available in proxy-based inspection.

Question 17

Refer to the web filter raw logs.

Based on the raw logs shown in the exhibit, which statement is correct?

Options:

A. Social networking web filter category is configured with the action set to authenticate.

B. The action on firewall policy ID 1 is set to warning.

C. Access to the social networking web filter category was explicitly blocked to all users.

D. The name of the firewall policy is all_users_web.

Question 18

FortiGuard categories can be overridden and defined in different categories. To create a web rating override for the example.com home page, the override must be configured using a specific syntax.

Which two syntaxes are correct to configure web rating for the home page? (Choose two.)

Question 19

Which two settings can be separately configured per VDOM on a FortiGate device? (Choose two.)

Options:

A. System time

B. FortiGuard update servers

C. Operating mode

D. NGFW mode

Question 20

Which statement is correct regarding the inspection of some of the services available by web applications embedded in third-party websites?

Options:

A. The security actions applied on the web applications will also be explicitly applied on the third-party websites.

B. The application signature database inspects traffic only from the original web application server.

C. FortiGuard maintains only one signature of each web application that is unique.

D. FortiGate can inspect sub-application traffic regardless of where it originated.

Question 21

Which two inspection modes can you use to configure a firewall policy on a profile-based next-generation firewall (NGFW)? (Choose two.)

Options:

A. Proxy-based inspection

B. Certificate inspection

C. Flow-based inspection

D. Full Content inspection

Question 22

How does FortiGate act when using SSL VPN in web mode?

Options:

A. FortiGate acts as an FDS server.

B. FortiGate acts as an HTTP reverse proxy.

C. FortiGate acts as DNS server.

D. FortiGate acts as router.

Question 23

Refer to the exhibit.

The exhibit shows the IPS sensor configuration.

If traffic matches this IPS sensor, which two actions is the sensor expected to take? (Choose two.)

Options:

A. The sensor will allow attackers matching the NTP.Spoofed.KoD.DoS signature.

B. The sensor will block all attacks aimed at Windows servers.

C. The sensor will reset all connections that match these signatures.

D. The sensor will gather a packet log for all matched traffic.

Question 24

Refer to the exhibit.

An administrator has configured a performance SLA on FortiGate, which failed to generate any traffic.

Why is FortiGate not sending probes to 4.2.2.2 and 4.2.2.1 servers? (Choose two.)

Options:

A. The Detection Mode setting is not set to Passive.

B. Administrator didn't configure a gateway for the SD-WAN members, or configured gateway is not valid.

C. The configured participants are not SD-WAN members.

D. The Enable probe packets setting is not enabled.

Question 25

Refer to the exhibit, which contains a session list output. Based on the information shown in the exhibit, which statement is true?

Options:

A. Destination NAT is disabled in the firewall policy.

B. One-to-one NAT IP pool is used in the firewall policy.

C. Overload NAT IP pool is used in the firewall policy.

D. Port block allocation IP pool is used in the firewall policy.