NSE4_FGT-6.2

In a high availability (HA) cluster operating in active-active mode, which of the following correctly describes the path taken by the SYN packet of an HTTP session that is offloaded to a secondary FortiGate?A . Client > primary FortiGate> secondary FortiGate> primary FortiGate> web server.B . Client > secondary FortiGate>...

An administrator has configured two VLAN interfaces: A DHCP server is connected to the VLAN10 interface. A DHCP client is connected to the VLAN5 interface. However, the DHCP client cannot get a dynamic IP address from the DHCP server. What is the cause of the problem?A . Both interfaces must...

Which of the following statements about converse mode are true? (Choose two.)A . FortiGate stops sending files to FortiSandbox for inspection.B . FortiGate stops doing RPF checks over incoming packets.C . Administrators cannot change the configuration.D . Administrators can access the FortiGate only through the console port.View AnswerAnswer: A C

What information is flushed when the chunk-size value is changed in the config dlp settings?A . The database for DLP document fingerprintingB . The supported file types in the DLP filtersC . The archived files and messagesD . The file name patterns in the DLP filtersView AnswerAnswer: A Explanation: https://help.fortinet.com/cli/fos50hlp/56/Content/FortiOS/fortiOS-cli-ref-56/config/dlp/settings.htm

Which of the following statements correctly describes FortiGates route lookup behavior when searching for a suitable gateway? (Choose two)A . Lookup is done on the first packet from the session originatorB . Lookup is done on the last packet sent from the responderC . Lookup is done on every packet,...

Examine the exhibit, which shows the partial output of an IKE real-time debug. Which of the following statement about the output is true?A . The VPN is configured to use pre-shared key authentication.B . Extended authentication (XAuth) was successful.C . Remote is the host name of the remote IPsec peer.D...

Examine the exhibit, which contains a virtual IP and firewall policy configuration. The WAN (port1) interface has the IP address 10.200.1.1/24. The LAN (port2) interface has the IP address 10.0.1.254/24. The first firewall policy has NAT enabled on the outgoing interface address. The second firewall policy is configured with a...

If traffic matches a DLP filter with the action set to Quarantine IP Address, what action does FortiGate take?A . It notifies the administrator by sending an email.B . It provides a DLP block replacement page with a link to download the file.C . It blocks all future traffic for...

View the exhibit. Based on the configuration shown in the exhibit, what statements about application control behavior are true? (Choose two.)A . Access to all unknown applications will be allowed.B . Access to browser-based Social.Media applications will be blocked.C . Access to mobile social media applications will be blocked.D ....

You are configuring the root FortiGate to implement the security fabric. You are configuring port10 to communicate with a downstream FortiGate. V iew the default Edit Interface in the exhibit below: When configuring the root FortiGate to communicate with a downstream FortiGate, which settings are required to be configured? (Choose...