NSE4_FGT-6.4試験無料問題集（165題）「Fortinet NSE 4

出題：1

Which of the following statements about backing up logs from the CLI and downloading logs from the GUI are true? (Choose two.)

A. Log backups from the CLI cannot be restored to another FortiGate.

B. Log backups from the CLI can be configured to upload to FTP as a scheduled time

C. Log downloads from the GUI are limited to the current filter view

D. Log downloads from the GUI are stored as LZ4 compressed files.

正解：A,C 解答を投票する

出題：2

Which two statements are true about the FGCP protocol? (Choose two.)

A. Elects the primary FortiGate device

B. Runs only over the heartbeat links

C. Is used to discover FortiGate devices in different HA groups

D. Not used when FortiGate is in Transparent mode

正解：A,B 解答を投票する

出題：3

Which of the following are valid actions for FortiGuard category based filter in a web filter profile ui proxy-based inspection mode? (Choose two.)

A. Allow

B. Warning

C. Exempt

D. Learn

正解：A,B 解答を投票する

出題：4

What types of traffic and attacks can be blocked by a web application firewall (WAF) profile? (Choose three.)

A. Server information disclosure attacks

B. Traffic to inappropriate web sites

C. SQL injection attacks

D. Traffic to botnetservers

E. Credit card data leaks

正解：A,C,E 解答を投票する

出題：5

Which statements are true regarding firewall policy NAT using the outgoing interface IP address with fixed port disabled? (Choose two.)

A. Connections are tracked using source port and source MAC address.

B. Port address translation is not used.

C. Source IP is translated to the outgoing interface IP.

D. This is known as many-to-one NAT.

正解：B,C 解答を投票する

出題：6

Refer to the exhibit.

Which contains a network diagram and routing table output.
The Student is unable to access Webserver.
What is the cause of the problem and what is the solution for the problem?

A. The first reply packet for Student failed the RPF check.
This issue can be resolved by adding a static route to 203.0.114.24/32 through port3.

B. The first reply packet for Student failed the RPF check.
This issue can be resolved by adding a static route to 10.0.4.0/24 through wan1.

C. The first packet sent from Student failed the RPF check.
This issue can be resolved by adding a static route to 203.0.114.24/32 through port3.

D. The first packet sent from Student failed the RPF check.
This issue can be resolved by adding a static route to 10.0.4.0/24 through wan1.

正解：C 解答を投票する

出題：7

You have enabled logging on your FortiGate device for Event logs and all Security logs, and you have set up logging to use the FortiGate local disk.
What is the default behavior when the local disk is full?

A. Logs are overwritten and the only warning is issued when log disk usage reaches the threshold of 95%.

B. No new log is recorded until you manually clear logs from the local disk.

C. No new log is recorded after the warning is issued when log disk usage reaches the threshold of 95%.

D. Logs are overwritten and the first warning is issued when log disk usage reaches the threshold of 75%.

正解：D 解答を投票する

出題：8

A network administrator is configuring a new IPsec VPN tunnel on FortiGate. The remote peer IP address is dynamic. In addition, the remote peer does not support a dynamic DNS update service.
What type of remote gateway should the administrator configure on FortiGate for the new IPsec VPN tunnel to work?

A. Pre-shared Key

B. Dialup User

C. Dynamic DNS

D. Static IP Address

正解：B 解答を投票する

出題：9

Which two statements about antivirus scanning mode are true? (Choose two.)

A. In flow-based inspection mode, FortiGate buffers the file, but also simultaneously transmits it to the client.

B. In proxy-based inspection mode, files bigger than the buffer size are scanned.

C. In flow-based inspection mode, files bigger than the buffer size are scanned.

D. In proxy-based inspection mode, antivirus scanning buffers the whole file for scanning, before sending it to the client.

正解：A,D 解答を投票する

出題：10

Which two types of traffic are managed only by the management VDOM? (Choose two.)

A. PKI

B. Traffic shaping

C. FortiGuard web filter queries

D. DNS

正解：C,D 解答を投票する

NSE4_FGT-6.4試験無料問題集「Fortinet NSE 4 - FortiOS 6.4 認定」