11.11 Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Pearson NSE4_FGT-7.2 New Attempt

Page: 8 / 12
Total 170 questions

Fortinet NSE 4 - FortiOS 7.2 Questions and Answers

Question 29

109

Why does FortiGate keep TCP sessions in the session table for some seconds even after both sides

(client and server) have terminated the session?

Options:

A.

To remove the NAT operation.

B.

To generate logs

C.

To finish any inspection operations.

D.

To allow for out-of-order packets that could arrive after the FIN/ACK packets.

Question 30

20

Which two statements are true about the RPF check? (Choose two.)

Options:

A.

The RPF check is run on the first sent packet of any new session.

B.

The RPF check is run on the first reply packet of any new session.

C.

The RPF check is run on the first sent and reply packet of any new session.

D.

RPF is a mechanism that protects FortiGate and your network from IP spoofing attacks.

Question 31

Refer to the exhibit.

Examine the intrusion prevention system (IPS) diagnostic command.

Which statement is correct If option 5 was used with the IPS diagnostic command and the outcome was a decrease in the CPU usage?

Options:

A.

The IPS engine was inspecting high volume of traffic.

B.

The IPS engine was unable to prevent an intrusion attack .

C.

The IPS engine was blocking all traffic.

D.

The IPS engine will continue to run in a normal state.

Question 32

Refer to the exhibits.

Exhibit A shows system performance output. Exhibit B shows a FortiGate configured with the default configuration of high memory usage thresholds. Based on the system performance output, which two statements are correct? (Choose two.)

Options:

A.

Administrators can access FortiGate only through the console port.

B.

FortiGate has entered conserve mode.

C.

FortiGate will start sending all files to FortiSandbox for inspection.

D.

Administrators cannot change the configuration.

Page: 8 / 12
Total 170 questions