NSE4_FGT-7.0

Which two configuration settings are synchronized when FortiGate devices are in an active-active HA cluster? (Choose two.)A . FortiGuard web filter cacheB . FortiGate hostnameC . NTPD . DNSView AnswerAnswer: C,D

Which two statements are correct about NGFW Policy-based mode? (Choose two.)A . NGFW policy-based mode does not require the use of central source NAT policyB . NGFW policy-based mode can only be applied globally and not on individual VDOMsC . NGFW policy-based mode supports creating applications and web filtering categories...

A network administrator has enabled SSL certificate inspection and antivirus on FortiGate. When downloading an EICAR test file through HTTP, FortiGate detects the virus and blocks the file. When downloading the same file through HTTPS, FortiGate does not detect the virus and the file can be downloaded. What is the...

Which two statements about FortiGate FSSO agentless polling mode are true? (Choose two.)A . FortiGate uses the AD server as the collector agent.B . FortiGate uses the SMB protocol to read the event viewer logs from the DCs.C . FortiGate does not support workstation check.D . FortiGate directs the collector...

Refer to the exhibit. Which contains a session list output. Based on the information shown in the exhibit, which statement is true?A . Destination NAT is disabled in the firewall policy.B . One-to-one NAT IP pool is used in the firewall policy.C . Overload NAT IP pool is used in...

Refer to the exhibit. Review the Intrusion Prevention System (IPS) profile signature settings. Which statement is correct in adding the FTP.Login.Failed signature to the IPS sensor profile?A . The signature setting uses a custom rating threshold.B . The signature setting includes a group of other signatures.C . Traffic matching the...

A network administrator is configuring a new IPsec VPN tunnel on FortiGate. The remote peer IP address is dynamic. In addition, the remote peer does not support a dynamic DNS update service. What type of remote gateway should the administrator configure on FortiGate for the new IPsec VPN tunnel to...

Refer to the exhibit showing a debug flow output. Which two statements about the debug flow output are correct? (Choose two.)A . The debug flow is of ICMP traffic.B . A firewall policy allowed the connection.C . A new traffic session is created.D . The default route is required to...

Which two statements are correct about SLA targets? (Choose two.) A. You can configure only two SLA targets per one Performance SLA. B. SLA targets are optional. C. SLA targets are required for SD-WAN rules with a Best Quality strategy. D. SLA targets are used only when referenced by an...

Refer to the exhibits. Exhibit A shows system performance output. Exhibit B shows s FortiGate configured with the default configuration of high memory usage thresholds. Based on the system performance output, which two statements are correct? (Choose two.)A . Administrators can access FortiGate only through the console port.B . FortiGate...