Weekend Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

NSE4_FGT-7.2 Exam Dumps - Fortinet NSE4 Questions and Answers

Question # 34

Which statement about the deployment of the Security Fabric in a multi-VDOM environment is true?

Options:

A.

VDOMs without ports with connected devices are not displayed in the topology.

B.

Downstream devices can connect to the upstream device from any of their VDOMs.

C.

Security rating reports can be run individually for each configured VDOM.

D.

Each VDOM in the environment can be part of a different Security Fabric.

Buy Now
Question # 35

40

Which CLI command will display sessions both from client to the proxy and from the proxy to the servers?

Options:

A.

diagnose wad session list

B.

diagnose wad session list | grep hook-pre&&hook-out

C.

diagnose wad session list | grep hook=pre&&hook=out

D.

diagnose wad session list | grep "hook=pre"&"hook=out"

Buy Now
Question # 36

Options:

A.

Log downloads from the GUI are limited to the current filter view B. Log backups from the CLI cannot be restored to another FortiGate. C. Log backups from the CLI can be configured to upload to FTP as a scheduled time D. Log downloads from the GUI are stored as LZ4 compressed files.

Buy Now
Question # 37

View the exhibit.

Which of the following statements are correct? (Choose two.)

Options:

A.

This setup requires at least two firewall policies with the action set to IPsec.

B.

Dead peer detection must be disabled to support this type of IPsec setup.

C.

The TunnelB route is the primary route for reaching the remote site. The TunnelA route is used only if the TunnelB VPN is down.

D.

This is a redundant IPsec setup.

Buy Now
Question # 38

An administrator has configured the following settings:

What are the two results of this configuration? (Choose two.)

Options:

A.

Device detection on all interfaces is enforced for 30 minutes.

B.

Denied users are blocked for 30 minutes.

C.

A session for denied traffic is created.

D.

The number of logs generated by denied traffic is reduced.

Buy Now
Question # 39

Refer to the exhibit.

Based on the ZTNA tag, the security posture of the remote endpoint has changed.

What will happen to endpoint active ZTNA sessions?

Options:

A.

They will be re-evaluated to match the endpoint policy.

B.

They will be re-evaluated to match the firewall policy.

C.

They will be re-evaluated to match the ZTNA policy.

D.

They will be re-evaluated to match the security policy.

Buy Now
Question # 40

55

In which two ways can RPF checking be disabled? (Choose two )

Options:

A.

Enable anti-replay in firewall policy.

B.

Disable the RPF check at the FortiGate interface level for the source check

C.

Enable asymmetric routing.

D.

Disable strict-arc-check under system settings.

Buy Now
Question # 41

18

If the Issuer and Subject values are the same in a digital certificate, which type of entity was the certificate issued to?

Options:

A.

A CRL

B.

A person

C.

A subordinate CA

D.

A root CA

Buy Now
Question # 42

Refer to the exhibit.

The exhibit shows a diagram of a FortiGate device connected to the network and the firewall policy and IP pool configuration on the FortiGate device.

Which two actions does FortiGate take on internet traffic sourced from the subscribers? (Choose two.)

Options:

A.

FortiGate allocates port blocks per user, based on the configured range of internal IP addresses.

B.

FortiGate allocates port blocks on a first-come, first-served basis.

C.

FortiGate generates a system event log for every port block allocation made per user.

D.

FortiGate allocates 128 port blocks per user.

Buy Now
Question # 43

Refer to the exhibit.

The exhibit shows the output of a diagnose command.

What does the output reveal about the policy route?

Options:

A.

It is an ISDB route in policy route.

B.

It is a regular policy route.

C.

It is an ISDB policy route with an SDWAN rule.

D.

It is an SDWAN rule in policy route.

Buy Now
Exam Code: NSE4_FGT-7.2
Exam Name: Fortinet NSE 4 - FortiOS 7.2
Last Update: Feb 22, 2025
Questions: 170
NSE4_FGT-7.2 pdf

NSE4_FGT-7.2 PDF

$25.5  $84.99
 Add to Cart
NSE4_FGT-7.2 Engine

NSE4_FGT-7.2 Testing Engine

$28.5  $94.99
 Add to Cart
NSE4_FGT-7.2 PDF + Engine

NSE4_FGT-7.2 PDF + Testing Engine

$40.5  $134.99
 Add to Cart