CertsTopics Logo

New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

NSE4 NSE4_FGT-6.4 Full Course Free

Page: 6 / 6
Total 165 questions
Get NSE4_FGT-6.4 Full Access Download NSE4_FGT-6.4 PDF

Fortinet NSE 4 - FortiOS 6.4 Questions and Answers

Question 21

Which statement regarding the firewall policy authentication timeout is true?

Options:

A.

It is an idle timeout. The FortiGate considers a user to be “idle” if it does not see any packets coming from the user’s source IP.

B.

It is a hard timeout. The FortiGate removes the temporary policy for a user’s source IP address after this timer has expired.

C.

It is an idle timeout. The FortiGate considers a user to be “idle” if it does not see any packets coming from the user’s source MAC.

D.

It is a hard timeout. The FortiGate removes the temporary policy for a user’s source MAC address after this timer has expired.

Question 22

An administrator has configured a route-based IPsec VPN between two FortiGate devices. Which statement about this IPsec VPN configuration is true?

Options:

A.

A phase 2 configuration is not required.

B.

This VPN cannot be used as part of a hub-and-spoke topology.

C.

A virtual IPsec interface is automatically created after the phase 1 configuration is completed.

D.

The IPsec firewall policies must be placed at the top of the list.

Question 23

Refer to the exhibits.

The exhibits show the SSL and authentication policy (Exhibit A) and the security policy (Exhibit B) tor Facebook.

Users are given access to the Facebook web application. They can play video content hosted on Facebook but they are unable to leave reactions on videos or other types of posts.

Which part of the policy configuration must you change to resolve the issue?

Options:

A.

The SSL inspection needs to be a deep content inspection.

B.

Force access to Facebook using the HTTP service.

C.

Additional application signatures are required to add to the security policy.

D.

Add Facebook in the URL category in the security policy.

Question 24

An administrator needs to increase network bandwidth and provide redundancy.

What interface type must the administrator select to bind multiple FortiGate interfaces?

Options:

A.

VLAN interface

B.

Software Switch interface

C.

Aggregate interface

D.

Redundant interface

Page: 6 / 6
Total 165 questions
Get NSE4_FGT-6.4 Full Access Download NSE4_FGT-6.4 PDF