NSE4_FGT-6.0 Practice Test Questions - Fortinet NSE 4 – FortiOS 6.0

  Edina  03-05-2019

If you want instant success in the NSE4_FGT-6.0 exam then Passquestion is the best option for you to score good grades in the NSE4_FGT-6.0 exam.  You will get the latest NSE4_FGT-6.0 Practice Test Questions to pass your Fortinet NSE 4 – FortiOS 6.0 exam successfully.

NSE 4 – Network Security Professional designation recognizes the ability to install and manage the day-to-day configuration, monitoring, and operation of a FortiGate device to support specific corporate network security policies. NSE 4 certification based on FortiGate Security and FortiGate Infrastructure courses are highly recommended to prepare candidates for the Fortinet NSE 4 to FortiOS 6.0 exam.

About the NSE 4 NSE4_FGT-6.0 Exams

Language: English and Japanese
Available at: Pearson VUE Test Centers worldwide
Number of items on FortiOS 6.0 exam: 70
Time allowed to complete: 120 minutes total test time
Scoring Method: Answers must be 100% correct for credit; there is no partial credit given. There are no deductions for incorrect answers
Type of questions: Multiple Choice, Multiple Select

NSE 4 certification is achieved upon passing the NSE 4 exam. NSE 4 certification is valid for 2 years.

Recertification

Candidates can renew their NSE 4 certification by taking the current NSE 4 exam at a Pearson VUE center.
Obtaining NSE 7 certification automatically renews a candidate’s NSE 4 certification, if their NSE 4 certification has not expired.
Obtaining NSE 8 certification automatically renews a candidate’s NSE 4 certification, even if their NSE 4 certification has expired.

Share NSE4_FGT-5.6 free questions and answers for your reference:

QUESTION NO: 1
When browsing to an internal web server using a web-mode SSL VPN bookmark, which IP address is used as the source of the HTTP request?
A. remote user’s public IP address
B. The public IP address of the FortiGate device.
C. The remote user’s virtual IP address.
D. The internal IP address of the FotiGate device.
Answer: D
 
QUESTION NO: 2
Which of the following statements about backing up logs from the CLI and downloading logs from the GUI are true? (Choose two.)
A. Log downloads from the GUI are limited to the current log filter view
B. Log backups from the CLI cannot be restored to another FortiGate.
C. Log backups from the CLI can be configured to upload to FTP at a scheduled time
D. Log downloads from the GUI are stored as LZ4 compressed files.
Answer: BC

QUESTION NO: 3
A team manager has decided that while some members of the team need access to particular website, the majority of the team does not. Which configuration option is the most effective option to support this request?
A. Implement a web filter category override for the specified website.
B. Implement web filter authentication for the specified website
C. Implement web filter quotas for the specified website.
D. Implement DNS filter for the specified website.
Answer: A

QUESTION NO: 4
Which of the following statements are best practices for troubleshooting FSSO? (Choose two.)
A. Include the group of guest users in a policy.
B. Extend timeout timers.
C. Guarantee at least 34 Kbps bandwidth between FortiGate and domain controllers.
D. Ensure all firewalls allow the FSSO required ports.
Answer: AD

QUESTION NO: 5
Which statements about antivirus scanning mode are true? (Choose two.)
A. In proxy-based inspection mode antivirus buffers the whole file for scarring before sending it to the client.
B. In flow-based inspection mode, you can use the CLI to configure antivirus profiles to use protocol option profiles.
C. In proxy-based inspection mode, if a virus is detected, a replacement message may not be displayed immediately.
D. In quick scan mode, you can configure antivirus profiles to use any of the available signature data bases.
Answer: BD

QUESTION NO: 6
In a high availability (HA) cluster operating in active-active mode, which of the following correctly describes the path taken by the SYN packet of an HTTP session that is offloaded to a secondary FortiGate?
A. Client > primary FortiGate> secondary FortiGate> primary FortiGate> web server.
B. Client > secondary FortiGate> web server.
C. Client >secondary FortiGate> primary FortiGate> web server.
D. Client> primary FortiGate> secondary FortiGate> web server.
Answer: D

QUESTION NO: 7
An administrator is configuring an IPsec between site A and site B. The Remotes Gateway setting in both sites has been configured as Static IP Address. For site A, the local quick mode selector is 192.16.1.0/24 and the remote quick mode selector is 192.16.2.0/24. How must the administrator configure the local quick mode selector for site B?
A. 192.168.3.0.24
B. 192.168.2.0.24
C. 192.168.1.0.24
D. 192.168.0.0.8
Answer: A

QUESTION NO: 8
Which of the following are purposes of NAT traversal in IPsec? (Choose two.)
A. To delete intermediary NAT devices in the tunnel path.
B. To dynamically change phase 1 negotiation mode aggressive mode.
C. To encapsulation ESP packets in UDP packets using port 4500.
D. To force a new DH exchange with each phase 2 rekey.
Answer: AC

QUESTION NO: 9
Which of the following statements correctly describes FortiGates route lookup behavior when searching for a suitable gateway? (Choose two)
A. Lookup is done on the trust packet from the session originator
B. Lookup is done on the last packet sent from the re spender
C.  Lookup is done on every packet, regardless of direction
D. Lookup is done on the trust reply packet from the re spender
Answer: AB

Leave And reply:

  TOP 50 Exam Questions
Exam