Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

Discussions
  1. Home
  2. Fortinet
  3. NSE4
  4. NSE4_FGT-7.2
  5. Fortinet NSE 4 - FortiOS 7.2 Questions and Answers

Pass the Fortinet NSE4 NSE4_FGT-7.2 Questions and answers with ValidTests

Exam NSE4_FGT-7.2 All Questions
Exam NSE4_FGT-7.2 Premium Access

View all detail and faqs for the NSE4_FGT-7.2 exam

Go to Exam
Viewing page 1 out of 5 pages
Viewing questions 1-10 out of questions
Questions # 1:

FortiGate is operating in NAT mode and is configured with two virtual LAN (VLAN) subinterfaces added to the same physical interface.

In this scenario, which statement about VLAN IDs is true?

Options:

A.

The two VLAN subinterfaces can have the same VLAN ID only if they belong to different VDOMs.

B.

The two VLAN subinterfaces must have different VLAN IDs.

C.

The two VLAN subinterfaces can have the same VLAN ID only if they have IP addresses in the same subnet.

D.

The two VLAN subinterfaces can have the same VLAN ID only if they have IP addresses in different subnets.

Expert Solution
Questions # 2:

Which statement about the deployment of the Security Fabric in a multi-VDOM environment is true?

Options:

A.

VDOMs without ports with connected devices are not displayed in the topology.

B.

Downstream devices can connect to the upstream device from any of their VDOMs.

C.

Security rating reports can be run individually for each configured VDOM.

D.

Each VDOM in the environment can be part of a different Security Fabric.

Expert Solution
Questions # 3:

Refer to the exhibit to view the application control profile.

Question # 3

Based on the configuration, what will happen to Apple FaceTime?

Options:

A.

Apple FaceTime will be blocked, based on the Excessive-Bandwidth filter configuration

B.

Apple FaceTime will be allowed, based on the Apple filter configuration.

C.

Apple FaceTime will be allowed only if the filter in Application and Filter Overrides is set to Learn

D.

Apple FaceTime will be allowed, based on the Categories configuration.

Expert Solution
Questions # 4:

Refer to the exhibit.

Question # 4

Given the interfaces shown in the exhibit. which two statements are true? (Choose two.)

Options:

A.

Traffic between port2 and port2-vlan1 is allowed by default.

B.

port1-vlan10 and port2-vlan10 are part of the same broadcast domain.

C.

port1 is a native VLAN.

D.

port1-vlan and port2-vlan1 can be assigned in the same VDOM or to different VDOMs.

Expert Solution
Questions # 5:

Refer to the exhibits.

Question # 5

Question # 5

The SSL VPN connection fails when a user attempts to connect to it. What should the user do to successfully connect to SSL VPN?

Options:

A.

Change the SSL VPN port on the client.

B.

Change the Server IP address.

C.

Change the idle-timeout.

D.

Change the SSL VPN portal to the tunnel.

Expert Solution
Questions # 6:

18

If the Issuer and Subject values are the same in a digital certificate, which type of entity was the certificate issued to?

Options:

A.

A CRL

B.

A person

C.

A subordinate CA

D.

A root CA

Expert Solution
Questions # 7:

55

In which two ways can RPF checking be disabled? (Choose two )

Options:

A.

Enable anti-replay in firewall policy.

B.

Disable the RPF check at the FortiGate interface level for the source check

C.

Enable asymmetric routing.

D.

Disable strict-arc-check under system settings.

Expert Solution
Questions # 8:

Which two statements are correct regarding FortiGate FSSO agentless polling mode? (Choose two.)

Options:

A.

FortiGate points the collector agent to use a remote LDAP server.

B.

FortiGate uses the AD server as the collector agent.

C.

FortiGate uses the SMB protocol to read the event viewer logs from the DCs.

D.

FortiGate queries AD by using the LDAP to retrieve user group information.

Expert Solution
Questions # 9:

7

Which two settings can be separately configured per VDOM on a FortiGate device? (Choose two.)

Options:

A.

System time

B.

FortiGuaid update servers

C.

Operating mode

D.

NGFW mode

Expert Solution
Questions # 10:

32

When configuring a firewall virtual wire pair policy, which following statement is true?

Options:

A.

Any number of virtual wire pairs can be included, as long as the policy traffic direction is the same.

B.

Only a single virtual wire pair can be included in each policy.

C.

Any number of virtual wire pairs can be included in each policy, regardless of the policy traffic direction settings.

D.

Exactly two virtual wire pairs need to be included in each policy.

Expert Solution
Viewing page 1 out of 5 pages
Viewing questions 1-10 out of questions