NSE4_FGT-7.0 Exam Results

Fortinet NSE 4 - FortiOS 7.0 Questions and Answers

Question 13

What types of traffic and attacks can be blocked by a web application firewall (WAF) profile? (Choose three.)

Traffic to botnetservers

Traffic to inappropriate web sites

Server information disclosure attacks

Credit card data leaks

SQL injection attacks

Question 14

Which statement about the policy ID number of a firewall policy is true?

It is required to modify a firewall policy using the CLI.

It represents the number of objects used in the firewall policy.

It changes when firewall policies are reordered.

It defines the order in which rules are processed.

Question 15

Refer to the exhibits to view the firewall policy (Exhibit A) and the antivirus profile (Exhibit B).

Which statement is correct if a user is unable to receive a block replacement message when downloading an infected file for the first time?

The firewall policy performs the full content inspection on the file.

The flow-based inspection is used, which resets the last packet to the user.

The volume of traffic being inspected is too high for this model of FortiGate.

The intrusion prevention security profile needs to be enabled when using flow-based inspection mode.

Question 16

Which three statements about a flow-based antivirus profile are correct? (Choose three.)

IPS engine handles the process as a standalone.

FortiGate buffers the whole file but transmits to the client simultaneously.

If the virus is detected, the last packet is delivered to the client.

Optimized performance compared to proxy-based inspection.

Flow-based inspection uses a hybrid of scanning modes available in proxy-based inspection.