NSE4 NSE4_FGT-6.2 Syllabus Exam Questions Answers

Fortinet NSE 4 - FortiOS 6.2 Questions and Answers

Question 5

Examine the routing database shown in the exhibit, and then answer the following question:

Which of the following statements are correct? (Choose two.)

The port3 default route has the highest distance.

The port3 default route has the lowest metric.

There will be eight routes active in the routing table.

The port1 and port2 default routes are active in the routing table.

Question 6

HTTP Public Key Pinning (HPKP) can be an obstacle to implementing full SSL inspection. What solutions could resolve this problem? (Choose two.)

Enable Allow Invalid SSL Certificates for the relevant security profile.

Change web browsers to one that does not support HPKP.

Exempt those web sites that use HPKP from full SSL inspection.

Install the CA certificate (that is required to verify the web server certificate) stores of users’ computers.

Question 7

Examine the IPS sensor configuration shown in the exhibit, and then answer the question below.

What are the expected actions if traffic matches this IPS sensor? (Choose two.)

The sensor will gather a packet log for all matched traffic.

The sensor will not block attackers matching the A32S.Botnet signature.

The sensor will block all attacks for Windows servers.

The sensor will reset all connections that match these signatures.

Question 8

Which of the following statements are true when using WPAD with the DHCP discovery method? (Choose two.)

If the DHCP method fails, browsers will try the DNS method.

The browser needs to be preconfigured with the DHCP server’s IP address.

The browser sends a DHCPONFORM request to the DHCP server.

The DHCP server provides the PAC file for download.