Free NSE4_FGT-6.2 Exam Braindumps (page: 2)

Page 2 of 36

Examine the FortiGate configuration:



What will happen to unauthenticated users when an active authentication policy is followed by a fall through policy without authentication?

  1. The user must log in again to authenticate.
  2. The user will be denied access to resources without authentication.
  3. The user will not be prompted for authentication.
  4. User authentication happens at an interface level.

Answer(s): A


Reference:

https://kb.fortinet.com/kb/documentLink.do?externalID=FD46875



Which downstream FortiGate VDOM is used to join the Security Fabric when split-task VDOM is enabled on all FortiGate devices?

  1. FG-traffic VDOM
  2. Root VDOM
  3. Customer VDOM
  4. Global VDOM

Answer(s): B


Reference:

https://docs.fortinet.com/document/fortigate/6.2.0/new-features/287377/split-task- vdom-support



In a high availability (HA) cluster operating in active-active mode, which of the following correctly describes the path taken by the SYN packet of an HTTP session that is offloaded to a secondary FortiGate?

  1. Client > primary FortiGate> secondary FortiGate> primary FortiGate> web server.
  2. Client > secondary FortiGate> web server.
  3. Clinet >secondary FortiGate> primary FortiGate> web server.
  4. Client> primary FortiGate> secondary FortiGate> web server.

Answer(s): D



Which statements about antivirus scanning mode are true? (Choose two.)

  1. In proxy-based inspection mode antivirus buffers the whole file for scarring before sending it to the client.
  2. In flow-based inspection mode, you can use the CLI to configure antivirus profiles to use protocol option profiles.
  3. In proxy-based inspection mode, if a virus is detected, a replacement message may not be displayed immediately.
  4. In quick scan mode, you can configure antivirus profiles to use any of the available signature data bases.

Answer(s): A,B

Explanation:

A: Buffers the whole file, packets sent to the client after scan finishes-
B: When the antivirus profile is operating in flow-based inspection mode, two scanning mode options are available: full scan mode and quick scan mode.(Normal extended, or extreme-depending on what is configured in the CLI).






Post your Comments and Discuss Fortinet NSE4_FGT-6.2 exam with other Community members:

NSE4_FGT-6.2 Exam Discussions & Posts