An administrator has configured a strict RPF check on FortiGate. Which statement is true about the strict RPF check?

Strict RPF checks the best route back to the source using the incoming interface

The strict RPF check is run on the first sent and reply packet of any new session.

Strict RPF checks only for the existence of at cast one active route back to the source using the incoming interface.

Strict RPF allows packets back to sources with all active routes

The global settings on a FortiGate device must be changed to align with company security policies. What does the Administrator account need to access the FortiGate global settings?

Enable restrict access to trusted hosts

Enable two-factor authentication

Which engine handles application control traffic on the next-generation firewall (NGFW) FortiGate?

Intrusion prevention system engine

An administrator has configured outgoing Interface any in a firewall policy. Which statement is true about the policy list view?

Interface Pair view will be disabled.

Policy lookup will be disabled.

By Sequence view will be disabled

An administrator does not want to report the logon events of service accounts to FortiGate. What setting on the collector agent is required to achieve this?

Add user accounts to the Ignore User List.

Add the support of NTLM authentication

Add user accounts to Active Directory (AD).

Add user accounts to the FortiGate group fitter

Which contains a session list output. Based on the information shown in the exhibit, which statement is true?

One-to-one NAT IP pool is used in the firewall policy.

Destination NAT is disabled in the firewall policy.

Overload NAT IP pool is used in the firewall policy

Port block allocation IP pool is used in the firewall policy

Which two statements are true about the FGCP protocol? (Choose two.)

Elects the primary FortiGate device

Runs only over the heartbeat links

Not used when FortiGate is in Transparent mode

Is used to discover FortiGate devices in different HA groups

How does FortiGate act when using SSL VPN in web mode?

FortiGate acts as an HTTP reverse proxy.

FortiGate acts as an FDS server

Which two statements about SSL VPN between two FortiGate devices are true? (Choose two.)

The client FortiGate uses the SSL VPN tunnel interface type to connect SSL VPN.

Server FortiGate requires a CA certificate to verify the client FortiGate certificate.

The client FortiGate requires a client certificate signed by the CA on the server FortiGate

The client FortiGate requires a manually added route to remote subnets.

A network administrator has enabled SSL certificate inspection and antivirus on FortiGate. When downloading an EICAR test file through HTTP, FortiGate detects the virus and blocks the file. When downloading the same file through HTTPS, FortiGate does not detect the virus and the file can be downloaded. What is the reason for the failed virus detection by FortiGate?

SSL/SSH Inspection profile is incorrect

Application control is not enabled

Antivirus profile configuration is incorrect

Antivirus definitions are not up to date

Which two statements are correct regarding FortiGate FSSO agentless polling mode? (Choose two.)

FortiGate uses the SMB protocol to read the event viewer logs from the DCs.

FortiGate queries AD by using the LDAP to retrieve user group information.

FortiGate points the collector agent to use a remote LDAP server.

FortiGate uses the AD server as the collector agent.

Which of the following are purposes of NAT traversal in IPsec? (Choose two.)

To detect intermediary NAT devices in the tunnel path.

To encapsulation ESP packets in UDP packets using port 4500.

To dynamically change phase 1 negotiation mode aggressive mode

To force a new DH exchange with each phase 2 rekey.

Exam Questions NSE4_FGT-7.0 Fortinet NSE 4 - FortiOS 7.0

Professional Development

•

22 Qs

Similar activities

220-1101 Chapter 1

Professional Development

•

17 Qs

Window Server 2016 (70-742)

University - Professional Development

•

20 Qs

Glovo Challenge

Professional Development

•

20 Qs

CEH V11 MOCK 2

Professional Development

•

20 Qs

Windows 11

3rd Grade - Professional Development

•

20 Qs

ข้อสอบก่อนเรียน Google Slides

Professional Development

•

20 Qs

Service Cloud Pizza Session

Professional Development

•

20 Qs

MTA Networking Chapter 2 revision

Professional Development

•

20 Qs

Exam Questions NSE4_FGT-7.0 Fortinet NSE 4 - FortiOS 7.0

Quiz

•

Computers

•

Professional Development

•

Practice Problem

•

Hard

Romina Valor

Used 16+ times

FREE Resource

22 questions

Show all answers

MULTIPLE CHOICE QUESTION

15 mins • 5 pts

An administrator wants to configure timeouts for users. Regardless of the user€™s behavior, the timer should start as soon as the user authenticates and expire after the configured value. Which timeout option should be configured on FortiGate?

auth-on-demand

soft-timeout

idle-timeout

new-session

hard-timeout

MULTIPLE SELECT QUESTION

15 mins • 5 pts

Which three options are the remote log storage options you can configure on FortiGate? (Choose three.)

FortiCache

FortiSIEM

FortiAnalyzer

FortiSandbox

FortiCloud

MULTIPLE SELECT QUESTION

15 mins • 5 pts

Which two settings can be separately configured per VDOM on a FortiGate device? (Choose two.)

System time

FortiGuaid update servers

Operating mode

NGFW mode

MULTIPLE CHOICE QUESTION

15 mins • 5 pts

Review the Intrusion Prevention System (IPS) profile signature settings. Which statement is correct in adding the FTP.Login.Failed signature to the IPS sensor profile?

The signature setting uses a custom rating threshold.

The signature setting includes a group of other signatures.

Traffic matching the signature will be allowed and logged.

Traffic matching the signature will be silently dropped and logged

MULTIPLE CHOICE QUESTION

15 mins • 5 pts

Which statement correctly describes NetAPI polling mode for the FSSO collector agent?

The collector agent uses a Windows API to query DCs for user logins.

NetAPI polling can increase bandwidth usage in large networks.

The collector agent must search security event logs.

The NetSession Enum function is used to track user logouts

MULTIPLE CHOICE QUESTION

15 mins • 5 pts

An administrator wants to configure Dead Peer Detection (DPD) on IPSEC VPN for detecting dead tunnels. The requirement is that FortiGate sends DPD probes only when no traffic is observed in the tunnel. Which DPD mode on FortiGate will meet the above requirement?

Disabled

On Demand

Enabled

On Idle

MULTIPLE SELECT QUESTION

15 mins • 5 pts

An administrator has configured a performance SLA on FortiGate, which failed to generate any traffic. Why is FortiGate not sending probes to 4.2.2.2 and 4.2.2.1 servers? (Choose two.)

The Detection Mode setting is not set to Passive.

Administrator didn't configure a gateway for the SD-WAN members, or configured gateway is not valid.

The configured participants are not SD-WAN members.

The Enable probe packets setting is not enabled.

Create a free account and access millions of resources

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

23 questions

Sec+ Extra Study

Quiz

•

Professional Development

24 questions

A+ - 17A - Managing Security Settings

Quiz

•

Professional Development

27 questions

Input and output ports

Quiz

•

University - Professi...

17 questions

MOC 20744C-Securing Windows Server 2016 - Part 2

Quiz

•

Professional Development

18 questions

Infrastructure Architects and Network administrators Quiz

Quiz

•

11th Grade - Professi...

18 questions

CISCO M1 - Basic Device Configuration (Module 1)

Quiz

•

Professional Development

20 questions

Advance Networking - Final Quiz

Quiz

•

Professional Development

17 questions

Preguntas NS7 - Test No. 2

Quiz

•

Professional Development

Popular Resources on Wayground

5 questions

This is not a...winter edition (Drawing game)

Quiz

•

1st - 5th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

10 questions

Identify Iconic Christmas Movie Scenes

Interactive video

•

6th - 10th Grade

20 questions

Christmas Trivia

Quiz

•

6th - 8th Grade

18 questions

Kids Christmas Trivia

Quiz

•

KG - 5th Grade

11 questions

How well do you know your Christmas Characters?

Lesson

•

3rd Grade

14 questions

Christmas Trivia

Quiz

•

5th Grade

20 questions

How the Grinch Stole Christmas

Quiz

•

5th Grade

Discover more resources for Computers

26 questions

Christmas Movie Trivia

Lesson

•

8th Grade - Professio...

25 questions

Christmas Movies

Quiz

•

Professional Development

20 questions

Christmas Trivia

Quiz

•

Professional Development

15 questions

Fun Holiday Trivia

Quiz

•

Professional Development

25 questions

Name That Tune - Christmas

Quiz

•

Professional Development

29 questions

Christmas Song Emoji Pictionary

Quiz

•

Professional Development

9 questions

Holiday Movie Trivia

Lesson

•

Professional Development

34 questions

Winter Trivia

Quiz

•

Professional Development