Braindumpsit: Braindumpsit - It Certification Company Provides Braindumps PDF!
Braindumpsit: Braindumpsit - It Certification Company Provides Braindumps PDF!
Braindumpsit: Braindumpsit - It Certification Company Provides Braindumps PDF!
http://www.braindumpsit.com
BraindumpsIT - IT Certification Company provides Braindumps pdf!
Instant Download - Best Exam Practice Material - 100% Money Back Guarantee!
IT Certification Guaranteed, The Easy Way!
Exam : NSE4_FGT-6.2
Vendor : Fortinet
Version : DEMO
Get Latest & Valid NSE4_FGT-6.2 Exam's Question and1Answers from Braindumpsit.com. 1
http://www.braindumpsit.com/nse4_fgt-6.2_real-exam.html
Instant Download - Best Exam Practice Material - 100% Money Back Guarantee!
IT Certification Guaranteed, The Easy Way!
NO.1 An employee connects to the https://example.com on the Internet using a web browser. The
web server's certificate was signed by a private internal CA. The FortiGate that is inspecting this
traffic is configured for full SSL inspection.
This exhibit shows the configuration settings for the SSL/SSH inspection profile that is applied to the
policy that is invoked in this instance. All other settings are set to defaults. No certificates have been
imported into FortiGate. View the exhibit and answer the question that follows.
NO.2 An administrator wants to block HTTP uploads. Examine the exhibit, which contains the proxy
address created for that purpose.
Get Latest & Valid NSE4_FGT-6.2 Exam's Question and2Answers from Braindumpsit.com. 2
http://www.braindumpsit.com/nse4_fgt-6.2_real-exam.html
Instant Download - Best Exam Practice Material - 100% Money Back Guarantee!
IT Certification Guaranteed, The Easy Way!
NO.3 Why does FortiGate keep TCP sessions in the session table for some seconds even after both
sides (client and server) have terminated the session?
A. To remove the NAT operation.
B. To finish any inspection operations.
C. To generate logs
D. To allow for out-of-order packets that could arrive after the FIN/ACK packets.
Answer: D
Get Latest & Valid NSE4_FGT-6.2 Exam's Question and3Answers from Braindumpsit.com. 3
http://www.braindumpsit.com/nse4_fgt-6.2_real-exam.html
Instant Download - Best Exam Practice Material - 100% Money Back Guarantee!
IT Certification Guaranteed, The Easy Way!
NO.6 Which of the following statements describe WMI polling mode for the FSSO collector agent?
(Choose two.)
A. WMI polling can increase bandwidth usage in large networks.
B. The collector agent do not need to search any security event logs.
C. The NetSessionEnum function is used to track user logoffs.
D. The collector agent uses a Windows API to query DCs for user logins.
Answer: B,D
NO.7 Which statements about DNS filter profiles are true? (Choose two.)
A. They can block DNS requests to known botnet command and control servers.
B. They can redirect blocked requests to a specific portal.
C. They must be applied in firewall policies with SSL inspection enabled.
D. They can inspect HTTP traffic.
Answer: A,B
VDOM1 is operating in transparent mode VDOM2 is operating in NAT Route mode. There is an
inteface VDOM link between both VDOMs. A client workstation with the IP address 10.0.1.10/24 is
Get Latest & Valid NSE4_FGT-6.2 Exam's Question and4Answers from Braindumpsit.com. 4
http://www.braindumpsit.com/nse4_fgt-6.2_real-exam.html
Instant Download - Best Exam Practice Material - 100% Money Back Guarantee!
IT Certification Guaranteed, The Easy Way!
connected to port2. A web server with the IP address 10.200.1.2/24 is connected to port1.
What is required in the FortiGate configuration to route and allow connections from the client
workstation to the web server? (Choose two.)
A. A static or dynamic route in VDOM1 with the subnet 10.200.1.0/24 as the destination.
B. One firewall policy in VDOM1 with port2 as the source interface and InterVDOM0 as the
destination interface.
C. One firewall policy in VDOM2 with InterVDOM1 as the source interface and port1 as the
destination interface.
D. A static or dynamic route in VDOM2 with the subnet 10.0.1.0/24 as the destination.
Answer: B
NO.9 Which is the correct description of a hash result as it relates to digital certificates?
A. An output value that is used to identify the person or deduce that authored the input data.
B. A unique value used to verify the input data
C. An encrypted output value used to safe-guard the input data
D. An obfuscation used to mask the input data.
Answer: B
NO.10 If the Services field is configured in a Virtual IP (VIP), which of the following statements is true
when central NAT is used?
A. The Services field does not allow source NAT and destination NAT to be combined in the same
policy.
B. The Services field is used when several VIPs need to be bundled into VIP groups.
C. The Services field does not allow multiple sources of traffic, to use multiple services, to connect to
a single computer.
D. The Services field removes the requirement of creating multiple VIPs for different services.
Answer: D
Get Latest & Valid NSE4_FGT-6.2 Exam's Question and5Answers from Braindumpsit.com. 5
http://www.braindumpsit.com/nse4_fgt-6.2_real-exam.html