Summer Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Master the Fortinet NSE 4 - FortiOS 7.2 NSE4_FGT-7.2 Exam with Confidence!

Questions 11

FortiGuard categories can be overridden and defined in different categories. To create a web rating override for example.com home page, the override must be configured using a specific syntax.

Which two syntaxes are correct to configure web rating for the home page? (Choose two.)

Options:

A.

<a href="www.example.com:443">www.example.com:443</a>

B.

<a href="www.example.com">www.example.com</a>

C.

example.com

D.

<a href="www.example.com/index.html">www.example.com/index.html</a>

Buy Now
Questions 12

By default, FortiGate is configured to use HTTPS when performing live web filtering with FortiGuard servers.

Which CLI command will cause FortiGate to use an unreliable protocol to communicate with FortiGuard servers for live web filtering?

Options:

A.

set fortiguard-anycast disable

B.

set webfilter-force-off disable

C.

set webfilter-cache disable

D.

set protocol tcp

Buy Now
Questions 13

20

Which two statements are true about the RPF check? (Choose two.)

Options:

A.

The RPF check is run on the first sent packet of any new session.

B.

The RPF check is run on the first reply packet of any new session.

C.

The RPF check is run on the first sent and reply packet of any new session.

D.

RPF is a mechanism that protects FortiGate and your network from IP spoofing attacks.

Buy Now
Questions 14

99

An administrator needs to configure VPN user access for multiple sites using the same soft FortiToken. Each site has a FortiGate VPN gateway. What must an administrator do to achieve this objective?

Options:

A.

The administrator can register the same FortiToken on more than one FortiGate.

B.

The administrator must use a FortiAuthenticator device

C.

The administrator can use a third-party radius OTP server.

D.

The administrator must use the user self-registration server.

Buy Now
Questions 15

Which of the following statements is true regarding SSL VPN settings for an SSL VPN portal?

Options:

A.

By default, FortiGate uses WINS servers to resolve names.

B.

By default, the SSL VPN portal requires the installation of a client's certificate.

C.

By default, split tunneling is enabled.

D.

By default, the admin GUI and SSL VPN portal use the same HTTPS port.

Buy Now
Questions 16

51

Which of the following statements about central NAT are true? (Choose two.)

Options:

A.

IP tool references must be removed from existing firewall policies before enabling central NAT .

B.

Central NAT can be enabled or disabled from the CLI only.

C.

Source NAT, using central NAT, requires at least one central SNAT policy.

D.

Destination NAT, using central NAT, requires a VIP object as the destination address in a firewall.

Buy Now
Questions 17

What is the limitation of using a URL list and application control on the same firewall policy, in NGFW policy-based mode?

Options:

A.

It limits the scanning of application traffic to the DNS protocol only.

B.

It limits the scanning of application traffic to use parent signatures only.

C.

It limits the scanning of application traffic to the browser-based technology category only.

D.

It limits the scanning of application traffic to the application category only.

Buy Now
Questions 18

34

The HTTP inspection process in web filtering follows a specific order when multiple features are enabled in the web filter profile. What order must FortiGate use when the web filter profile has features enabled, such as safe search?

Options:

A.

DNS-based web filter and proxy-based web filter

B.

Static URL filter, FortiGuard category filter, and advanced filters

C.

Static domain filter, SSL inspection filter, and external connectors filters

D.

FortiGuard category filter and rating filter

Buy Now
Questions 19

Refer to the exhibit.

NSE4_FGT-7.2 Question 19

Based on the administrator profile settings, what permissions must the administrator set to run the diagnose firewall auth list CLI command on FortiGate?

Options:

A.

Custom permission for Network

B.

Read/Write permission for Log & Report

C.

CLI diagnostics commands permission

D.

Read/Write permission for Firewall

Buy Now
Questions 20

7

An administrator has a requirement to keep an application session from timing out on port 80. What two changes can the administrator make to resolve the issue without affecting any existing services running through FortiGate? (Choose two.)

Options:

A.

Create a new firewall policy with the new HTTP service and place it above the existing HTTP policy.

B.

Create a new service object for HTTP service and set the session TTL to never

C.

Set the TTL value to never under config system-ttl

D.

Set the session TTL on the HTTP policy to maximum

Buy Now
Exam Code: NSE4_FGT-7.2
Exam Name: Fortinet NSE 4 - FortiOS 7.2
Last Update: May 20, 2024
Questions: 170

PDF + Testing Engine
$159.99
$64
Add to Cart

Testing Engine
$119.99
$48
Add to Cart

PDF (Q&A)
$99.99
$40
Add to Cart

How to Pass NSE4_FGT-7.2 Exams