CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE4_FGT-6.4

Free NSE4_FGT-6.4 Exam Braindumps (page: 2)

Page 2 of 24
PDF with 163 Questions

View the exhibit:

Which the FortiGate handle web proxy traffic rue? (Choose two.)

  1. Broadcast traffic received in port1-VLAN10 will not be forwarded to port2-VLAN10.
  2. port-VLAN1 is the native VLAN for the port1 physical interface.
  3. port1-VLAN10 and port2-VLAN10 can be assigned to different VDOMs.
  4. Traffic between port1-VLAN1 and port2-VLAN1 is allowed by default.

Answer(s): A,C



Refer to the exhibits to view the firewall policy (Exhibit A) and the antivirus profile (Exhibit B).




Which statement is correct if a user is unable to receive a block replacement message when downloading an infected file for the first time?

  1. The firewall policy performs the full content inspection on the file.
  2. The flow-based inspection is used, which resets the last packet to the user.
  3. The volume of traffic being inspected is too high for this model of FortiGate.
  4. The intrusion prevention security profile needs to be enabled when using flow-based inspection mode.

Answer(s): A



What is the limitation of using a URL list and application control on the same firewall policy, in NGFW policy-based mode?

  1. It limits the scope of application control to the browser-based technology category only.
  2. It limits the scope of application control to scan application traffic based on application category only.
  3. It limits the scope of application control to scan application traffic using parent signatures only
  4. It limits the scope of application control to scan application traffic on DNS protocol only.

Answer(s): B



If theServicesfield is configured in a Virtual IP (VIP), which statement is true when central NAT is used?

  1. TheServicesfield prevents SNAT and DNAT from being combined in the same policy.
  2. TheServicesfield is used when you need to bundle several VIPs into VIP groups.
  3. TheServicesfield removes the requirement to create multiple VIPs for different services.
  4. TheServicesfield prevents multiple sources of traffic from using multiple services to connect to a single computer.

Answer(s): C



Page 2 of 24



Post your Comments and Discuss Fortinet NSE4_FGT-6.4 exam with other Community members:

Masssy commented on July 03, 2021
Bohod Achhaa yar. Exact questions from real test.
INDIA
upvote

Danny commented on July 03, 2021
Well-put and very precise. It contains all the questions in real exam.
CANADA
upvote