Scribd
Upload
309 views4 pages

Nse4 FGT-7.0

This document provides information about an IT certification exam for Fortinet NSE 4 - FortiOS 7.0 from the website certqueen.com. It includes 5 multiple choice practice questions about topics like antivirus scanning modes, web rating overrides, IPsec VPN configuration, troubleshooting Layer 2 issues using ARP tables, and IPS sensor actions. The questions test knowledge of FortiGate firewall and FortiOS configurations and functions.

Uploaded by

Indranista Liqquor Desserta
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
309 views4 pages

Nse4 FGT-7.0

This document provides information about an IT certification exam for Fortinet NSE 4 - FortiOS 7.0 from the website certqueen.com. It includes 5 multiple choice practice questions about topics like antivirus scanning modes, web rating overrides, IPsec VPN configuration, troubleshooting Layer 2 issues using ARP tables, and IPS sensor actions. The questions test knowledge of FortiGate firewall and FortiOS configurations and functions.

Uploaded by

Indranista Liqquor Desserta
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

IT Certification Exams Provider!

Weofferfreeupdateserviceforoneyear!
hƩps://www.certqueen.com
The safer , easier way to help you pass any IT exams.

Exam : NSE4_FGT-7.0

Title : Fortinet NSE 4 - FortiOS 7.0

Version : DEMO

1 / 3
The safer , easier way to help you pass any IT exams.

1.Which two statements about antivirus scanning mode are true? (Choose two.)
A. In proxy-based inspection mode, files bigger than the buffer size are scanned.
B. In flow-based inspection mode, FortiGate buffers the file, but also simultaneously transmits it to the
client.
C. In proxy-based inspection mode, antivirus scanning buffers the whole file for scanning, before sending
it to the client.
D. In flow-based inspection mode, files bigger than the buffer size are scanned.
Answer: B,C
Explanation:
An antivirus profile in full scan mode buffers up to your specified file size limit. The default is 10 MB. That
is large enough for most files, except video files. If your FortiGate model has more RAM, you may be
able to increase this threshold. Without a limit, very large files could exhaust the scan memory. So, this
threshold balances risk and performance. Is this tradeoff unique to FortiGate, or to a specific model? No.
Regardless of vendor or model, you must make a choice. This is because of the difference between
scans in theory, that have no limits, and scans on real-world devices, that have finite RAM. In order to
detect 100% of malware regardless of file size, a firewall would need infinitely large RAM—something
that no device has in the real world. Most viruses are very small. This table shows a typical tradeoff. You
can see that with the default 10 MB threshold, only 0.01% of viruses pass through.

2.FortiGuard categories can be overridden and defined in different categories. To create a web rating
override for example.com home page, the override must be configured using a specific syntax.
Which two syntaxes are correct to configure web rating for the home page? (Choose two.)
A. www.example.com:443
B. www.example.com
C. example.com
D. www.example.com/index.html
Answer: B,C
Explanation:
FortiGate_Security_6.4 page 384
When using FortiGuard category filtering to allow or block access to a website, one option is to make a
web rating override and define the website in a different category. Web ratings are only for host names—
"no URLs or wildcard characters are allowed".

3.An administrator is configuring an IPsec VPN between site A and site


B. The Remote Gateway setting in both sites has been configured as Static IP Address. For site A, the
local quick mode selector is 192.168.1.0/24 and the remote quick mode selector is 192.168.2.0/24.
Which subnet must the administrator configure for the local quick mode selector for site B?
A. 192.168.1.0/24
B. 192.168.0.0/24
C. 192.168.2.0/24
D. 192.168.3.0/24
Answer: C

4.Which CLI command allows administrators to troubleshoot Layer 2 issues, such as an IP address

2 / 3
The safer , easier way to help you pass any IT exams.

conflict?
A. get system status
B. get system performance status
C. diagnose sys top
D. get system arp
Answer: D
Explanation:
"If you suspect that there is an IP address conflict, or that an IP has been assigned to the wrong device,
you may need to look at the ARP table."

5.Refer to the exhibit.

The exhibit shows the IPS sensor configuration.


If traffic matches this IPS sensor, which two actions is the sensor expected to take? (Choose two.)
A. The sensor will allow attackers matching the NTP.Spoofed.KoD.DoS signature.
B. The sensor will block all attacks aimed at Windows servers.
C. The sensor will reset all connections that match these signatures.
D. The sensor will gather a packet log for all matched traffic.
Answer: A,B

3 / 3

You might also like