NSE4 NSE4_FGT-6.2 Fortinet Study Notes

Fortinet NSE 4 - FortiOS 6.2 Questions and Answers

Question 13

View the exhibit.

A user behind the FortiGate is trying to go to (Addicting Games). Based on this configuration, which statement is true?

Addicting.Games is allowed based on the Application Overrides configuration.

Addicting.Games is blocked on the Filter Overrides configuration.

Addicting.Games can be allowed only if the Filter Overrides actions is set to Exempt.

Addcting.Games is allowed based on the Categories configuration.

Question 14

An administrator has configured a route-based IPsec VPN between two FortiGate devices. Which statement about this IPsec VPN configuration is true?

A phase 2 configuration is not required.

This VPN cannot be used as part of a hub-and-spoke topology.

A virtual IPsec interface is automatically created after the phase 1 configuration is completed.

The IPsec firewall policies must be placed at the top of the list.

Question 15

Why does FortiGate keep TCP sessions in the session table for some seconds even after both sides

(client and server) have terminated the session?

To remove the NAT operation.

To generate logs

To finish any inspection operations.

To allow for out-of-order packets that could arrive after the FIN/ACK packets.

Question 16

How do you format the FortiGate flash disk?

Load a debug FortiOS image.

Load the hardware test (HQIP) image.

Execute the CLI command execute formatlogdisk.

Select the format boot device option from the BIOS menu.