NSE4_FGT-7.2試験無料問題集（183題）「Fortinet NSE 4

出題：1

Which of the following are valid actions for FortiGuard category based filter in a web filter profile ui proxy-based inspection mode? (Choose two.)

A. Allow

B. Warning

C. Exempt

D. Learn

正解：A,B 解答を投票する

出題：2

Refer to the exhibit.

Based on the ZTNA tag, the security posture of the remote endpoint has changed.
What will happen to endpoint active ZTNA sessions?

A. They will be re-evaluated to match the ZTNA policy.

B. They will be re-evaluated to match the firewall policy.

C. They will be re-evaluated to match the security policy.

D. They will be re-evaluated to match the endpoint policy.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

Which two actions can you perform only from the root FortiGate in a Security Fabric? (Choose two.)

A. Log in to a downstream FortiSwitch device.

B. Disable FortiAnalyzer logging for a downstream FortiGate device.

C. Ban or unban compromised hosts.

D. Shut down/reboot a downstream FortiGate device.

正解：B,D 解答を投票する

出題：4

On FortiGate, which type of logs record information about traffic directly to and from the FortiGate management IP addresses?

A. Local traffic logs

B. Security logs

C. System event logs

D. Forward traffic logs

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

If the Services field is configured in a Virtual IP (VIP), which statement is true when central NAT is used?

A. The Services field is used when you need to bundle several VIPs into VIP groups.

B. The Services field removes the requirement to create multiple VIPs for different services.

C. The Services field prevents multiple sources of traffic from using multiple services to connect to a single computer.

D. The Services field prevents SNAT and DNAT from being combined in the same policy.

正解：B 解答を投票する

出題：6

Which CLI command will display sessions both from client to the proxy and from the proxy to the servers?

A. diagnose wad session list | grep hook-pre&&hook-out

B. diagnose wad session list | grep hook=pre&&hook=out

C. diagnose wad session list

D. diagnose wad session list | grep "hook=pre"&"hook=out"

正解：C 解答を投票する

出題：7

Which two protocols are used to enable administrator access of a FortiGate device? (Choose two.)

A. FTM

B. HTTPS

C. SSH

D. FortiTelemetry

正解：B,C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

Which two statements are correct about NGFW Policy-based mode? (Choose two.)

A. NGFW policy-based mode does not require the use of central source NAT policy

B. NGFW policy-based mode supports creating applications and web filtering categories directly in a firewall policy

C. NGFW policy-based mode policies support only flow inspection

D. NGFW policy-based mode can only be applied globally and not on individual VDOMs

正解：B,C 解答を投票する

出題：9

A network administrator has enabled SSL certificate inspection and antivirus on FortiGate. When downloading an EICAR test file through HTTP, FortiGate detects the virus and blocks the file. When downloading the same file through HTTPS, FortiGate does not detect the virus and the file can be downloaded.
What is the reason for the failed virus detection by FortiGate?

A. The website is exempted from SSL inspection.

B. The EICAR test file exceeds the protocol options oversize limit.

C. The browser does not trust the FortiGate self-signed CA certificate.

D. The selected SSL inspection profile has certificate inspection enabled.

正解：A,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：10

Which of the following are valid actions for FortiGuard category based filter in a web filter profile ui proxy-based inspection mode? (Choose two.)

A. Allow

B. Warning

C. Exempt

D. Learn

正解：A,B 解答を投票する

NSE4_FGT-7.2試験無料問題集「Fortinet NSE 4 - FortiOS 7.2 認定」