NSE4_FGT-7.0試験無料問題集（175題）「Fortinet NSE 4

出題：1

Refer to the exhibit.

Which contains a Performance SLA configuration.
An administrator has configured a performance SLA on FortiGate. Which failed to generate any traffic. Why is FortiGate not generating any traffic for the performance SLA?

A. The Ping protocol is not supported for the public servers that are configured.

B. Participants configured are not SD-WAN members.

C. There may not be a static route to route the performance SLA traffic.

D. You need to turn on the Enable probe packets switch.

正解：D 解答を投票する

出題：2

Which statements about the firmware upgrade process on an active-active HA cluster are true? (Choose two.)

A. The firmware image must be manually uploaded to each FortiGate.

B. Traffic load balancing is temporally disabled while upgrading the firmware.

C. Uninterruptable upgrade is enabled by default.

D. Only secondary FortiGate devices are rebooted.

正解：B,C 解答を投票する

出題：3

Refer to the exhibit.

Review the Intrusion Prevention System (IPS) profile signature settings. Which statement is correct in adding the FTP.Login.Failed signature to the IPS sensor profile?

A. Traffic matching the signature will be silently dropped and logged.

B. The signature setting includes a group of other signatures.

C. Traffic matching the signature will be allowed and logged.

D. The signature setting uses a custom rating threshold.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

An administrator wants to configure timeouts for users. Regardless of the user's behavior, the timer should start as soon as the user authenticates and expire after the configured value.
Which timeout option should be configured on FortiGate?

A. idle-timeout

B. soft-timeout

C. hard-timeout

D. new-session

E. auth-on-demand

正解：C 解答を投票する

出題：5

If the Services field is configured in a Virtual IP (VIP), which statement is true when central NAT is used?

A. The Services field is used when you need to bundle several VIPs into VIP groups.

B. The Services field removes the requirement to create multiple VIPs for different services.

C. The Services field prevents multiple sources of traffic from using multiple services to connect to a single

D. The Services field prevents SNAT and DNAT from being combined in the same policy.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

Which security feature does FortiGate provide to protect servers located in the internal networks from attacks such as SQL injections?

A. Web application firewall

B. Denial of Service

C. Application control

D. Antivirus

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

Which of the following conditions must be met in order for a web browser to trust a web server certificate signed by a third-party CA?

A. The private key of the CA certificate that signed the browser certificate must be installed on the browser.

B. The public key of the web server certificate must be installed on the browser.

C. The web-server certificate must be installed on the browser.

D. The CA certificate that signed the web-server certificate must be installed on the browser.

正解：D 解答を投票する

出題：8

Which two statements are correct about SLA targets? (Choose two.)

A. SLA targets are used only when referenced by an SD-WAN rule.

B. You can configure only two SLA targets per one Performance SLA.

C. SLA targets are optional.

D. SLA targets are required for SD-WAN rules with a Best Quality strategy.

正解：A,C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

View the exhibit:

Which the FortiGate handle web proxy traffic rue? (Choose two.)

A. Traffic between port1-VLAN1 and port2-VLAN1 is allowed by default.

B. port-VLAN1 is the native VLAN for the port1 physical interface.

C. port1-VLAN10 and port2-VLAN10 can be assigned to different VDOMs.

D. Broadcast traffic received in port1-VLAN10 will not be forwarded to port2-VLAN10.

正解：C,D 解答を投票する

出題：10

Refer to the exhibit.

Which contains a session diagnostic output. Which statement is true about the session diagnostic output?

A. The session is in SYN_SENT state.

B. The session is in FTN_WAIT state.

C. The session is in FIN_ACK state.

D. The session is in ESTABLISHED state.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

NSE4_FGT-7.0試験無料問題集「Fortinet NSE 4 - FortiOS 7.0 認定」