QUESTION: 41

Examine this PAC file configuration.

Which of the following statements are true? (Choose two.)

Browsers can be configured to retrieve this PAC file from the FortiGate.
Any web request to the 172.25.120.0/24 subnet is allowed to bypass the proxy.
All requests not made to Fortinet.com or the 172.25.120.0/24 subnet, have to go through altproxy.corp.com: 8060.
Any web request fortinet.com is allowed to bypass the proxy.

Answer(s): A,D

Reveal Solution Next Question

QUESTION: 42

Which statements about the firmware upgrade process on an active-active HA cluster are true? (Choose two.)

The firmware image must be manually uploaded to each FortiGate.
Only secondary FortiGate devices are rebooted.
Uninterruptable upgrade is enabled by default.
Traffic load balancing is temporally disabled while upgrading the firmware.

Answer(s): B,D

Reveal Solution Next Question

QUESTION: 43

Which statements best describe auto discovery VPN (ADVPN). (Choose two.)

It requires the use of dynamic routing protocols so that spokes can learn the routes to other spokes.
ADVPN is only supported with IKEv2.
Tunnels are negotiated dynamically between spokes.
Every spoke requires a static tunnel to be configured to other spokes so that phase 1 and phase 2 proposals are defined in advance.

Answer(s): A,C

Reveal Solution Next Question

QUESTION: 44

An administrator needs to create an SSL-VPN connection for accessing an internal server using the bookmark Port Forward. What step is required for this configuration?

Configure an SSL VPN realm for clients to use the port forward bookmark.
Configure the client application to forward IP traffic through FortiClient.
Configure the virtual IP address to be assigned t the SSL VPN users.
Configure the client application to forward IP traffic to a Java applet proxy.

Answer(s): D

Reveal Solution Next Question

Free NSE4_FGT-6.2 Exam Braindumps (page: 12)

QUESTION: 41

QUESTION: 42

QUESTION: 43

QUESTION: 44

NSE4_FGT-6.2 Discussions & Posts