Free NSE4_FGT-6.4 Questions Attempt

Fortinet NSE 4 - FortiOS 6.4 Questions and Answers

Question 5

Refer to the exhibit.

The exhibit contains a network diagram, virtual IP, IP pool, and firewall policies configuration.

The WAN (port1) interface has the IP address 10.200.1.1/24.

The LAN (port3) interface has the IP address 10 .0.1.254. /24.

The first firewall policy has NAT enabled using IP Pool.

The second firewall policy is configured with a VIP as the destination address.

Which IP address will be used to source NAT the internet traffic coming from a workstation with the IP address 10.0.1.10?

Options:

10.200.1.1

10.200.3.1

10.200.1.100

10.200.1.10

Question 6

Which downstream FortiGate VDOM is used to join the Security Fabric when split-task VDOM is enabled on all FortiGate devices?

Options:

Root VDOM

FG-traffic VDOM

Customer VDOM

Global VDOM

Question 7

An administrator must disable RPF check to investigate an issue.

Which method is best suited to disable RPF without affecting features like antivirus and intrusion prevention system?

Options:

Enable asymmetric routing, so the RPF check will be bypassed.

Disable the RPF check at the FortiGate interface level for the source check.

Disable the RPF check at the FortiGate interface level for the reply check.

Enable asymmetric routing at the interface level.

Question 8

Which three authentication timeout types are availability for selection on FortiGate? (Choose three.)

Options:

hard-timeout

auth-on-demand

soft-timeout

new-session

Idle-timeout

New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Fortinet NSE 4 - FortiOS 6.4 Questions and Answers

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

CompTIA

Fortinet

Microsoft

Salesforce