Scribd Logo
Upload

Welcome to Scribd!

  • 8 views

    NSE4 - FGT 7.2 Demo

    Uploaded by

    Francesco Savona

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    NSE4 - FGT 7.2 Demo

    Uploaded by

    Francesco Savona
    8 views6 pages

    Original Title

    NSE4_FGT-7.2-demo

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    8 views6 pages

    NSE4 - FGT 7.2 Demo

    Uploaded by

    Francesco Savona

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    of 6

    Questions & Answers PDF Page 1

    Fortinet
    NSE4_FGT-7.2 Exam
    Fortinet NSE 4 - FortiOS 7.2

    Thank you for Downloading NSE4_FGT-7.2 exam PDF Demo

    You can also try our NSE4_FGT-7.2 practice exam software

    Download Free Demo


    https://www.certsfire.com/NSE4_FGT-7.2.html

    https://www.certsfire.com
    Questions & Answers PDF Page 2

    Version: 4.2

    Question: 1

    Which two statements are correct about NGFW Policy-based mode? (Choose two.)

    A. NGFW policy-based mode does not require the use of central source NAT policy
    B. NGFW policy-based mode can only be applied globally and not on individual VDOMs
    C. NGFW policy-based mode supports creating applications and web filtering categories directly in a
    firewall policy
    D. NGFW policy-based mode policies support only flow inspection

    Answer: CD
    Explanation:

    Question: 2

    Refer to the exhibit.

    Which contains a session diagnostic output. Which statement is true about the session diagnostic
    output?

    A. The session is in SYN_SENT state.


    B. The session is in FIN_ACK state.
    C. The session is in FTN_WAIT state.
    D. The session is in ESTABLISHED state.

    https://www.certsfire.com
    Questions & Answers PDF Page 3

    Answer: A
    Explanation:

    Indicates TCP (proto=6) session in SYN_SENT state (proto=state=2)


    https://kb.fortinet.com/kb/viewContent.do?externalId=FD30042

    Question: 3

    Which two statements explain antivirus scanning modes? (Choose two.)

    A. In proxy-based inspection mode, files bigger than the buffer size are scanned.
    B. In flow-based inspection mode, FortiGate buffers the file, but also simultaneously transmits it to
    the client.
    C. In proxy-based inspection mode, antivirus scanning buffers the whole file for scanning, before
    sending it to the client.
    D. In flow-based inspection mode, files bigger than the buffer size are scanned.

    Answer: BC
    Explanation:

    An antivirus profile in full scan mode buffers up to your specified file size limit. The default is 10 MB.
    That is large enough for most files, except video files. If your FortiGate model has more RAM, you
    may be able to increase this threshold. Without a limit, very large files could exhaust the scan
    memory. So, this threshold balances risk and performance. Is this tradeoff unique to FortiGate, or
    to a specific model? No. Regardless of vendor or model, you must make a choice. This is because of
    the difference between scans in theory, that have no limits, and scans on real-world devices, that
    have finite RAM. In order to detect 100% of malware regardless of file size, a firewall would need
    infinitely large RAM--something that no device has in the real world. Most viruses are very small.
    This table shows a typical tradeoff. You can see that with the default 10 MB threshold, only 0.01% of
    viruses pass through.

    FortiGate Security 7.2 Study Guide (p.350 & 352): "In flow-based inspection mode, the IPS engine
    reads the payload of each packet, caches a local copy, and forwards the packet to the receiver at the
    same time. Because the file is ransmitted simultaneously, flow-based mode consumes more CPU
    cycles than proxy-based." "Each protocol’s proxy picks up a connection and buffers the entire file first
    (or waits until the oversize limit is reached) before scanning. The client must wait for the scanning to
    finish."

    Question: 4

    Refer to the exhibit.


    Refer to the web filter raw logs.

    https://www.certsfire.com
    Questions & Answers PDF Page 4

    Based on the raw logs shown in the exhibit, which statement is correct?

    A. Social networking web filter category is configured with the action set to authenticate.
    B. The action on firewall policy ID 1 is set to warning.
    C. Access to the social networking web filter category was explicitly blocked to all users.
    D. The name of the firewall policy is all_users_web.

    Answer: A
    Explanation:

    Question: 5

    Which two configuration settings are synchronized when FortiGate devices are in an active-active HA
    cluster? (Choose two.)

    A. FortiGuard web filter cache


    B. FortiGate hostname
    C. NTP
    D. DNS

    Answer: CD
    Explanation:

    In the 7.2 Infrastructure Guide (page 306) the list of configuration settings that are NOT synchronized
    includes both 'FortiGate host name' and 'Cache'

    https://www.certsfire.com
    Questions & Answers PDF Page 5

    https://www.certsfire.com
    Questions & Answers PDF Page 6

    Thank You for trying NSE4_FGT-7.2 PDF Demo


    `

    To try our NSE4_FGT-7.2 practice exam software visit link below

    https://www.certsfire.com/NSE4_FGT-7.2.html

    Start Your NSE4_FGT-7.2


    Preparation
    Use Coupon “SAVE25” for extra 25% discount on the purchase of
    Practice Test Software. Test your NSE4_FGT-7.2 preparation with
    actual exam questions.

    https://www.certsfire.com

    You might also like