11.11 Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Pass NSE4_FGT-7.2 Exam Guide

Page: 7 / 12
Total 170 questions

Fortinet NSE 4 - FortiOS 7.2 Questions and Answers

Question 25

What are two benefits of flow-based inspection compared to proxy-based inspection? (Choose two.)

Options:

A.

FortiGate uses fewer resources.

B.

FortiGate performs a more exhaustive inspection on traffic.

C.

FortiGate adds less latency to traffic.

D.

FortiGate allocates two sessions per connection.

Question 26

Refer to the exhibit.

Which contains a session list output. Based on the information shown in the exhibit, which statement is true?

Options:

A.

Destination NAT is disabled in the firewall policy.

B.

One-to-one NAT IP pool is used in the firewall policy.

C.

Overload NAT IP pool is used in the firewall policy.

D.

Port block allocation IP pool is used in the firewall policy.

Question 27

Refer to the exhibit, which contains a session diagnostic output.

Which statement is true about the session diagnostic output?

Options:

A.

The session is a UDP unidirectional state.

B.

The session is in TCP ESTABLISHED state.

C.

The session is a bidirectional UDP connection.

D.

The session is a bidirectional TCP connection.

Question 28

Which two statements explain antivirus scanning modes? (Choose two.)

Options:

A.

In proxy-based inspection mode, files bigger than the buffer size are scanned.

B.

In flow-based inspection mode, FortiGate buffers the file, but also simultaneously transmits it to the client.

C.

In proxy-based inspection mode, antivirus scanning buffers the whole file for scanning, before sending it to the client.

D.

In flow-based inspection mode, files bigger than the buffer size are scanned.

Page: 7 / 12
Total 170 questions