Free NSE4_FGT-6.4 Exam Braindumps (page: 5)

Page 4 of 43

An administrator is configuring an IPsec VPN between site A and site B. The Remote Gateway setting in both sites has been configured as Static IP Address. For site A, the local quick mode selector is 192.168.1.0/24 and the remote quick mode selector is 192.168.2.0/24.

Which subnet must the administrator configure for the local quick mode selector for site B?

  1. 192.168.1.0/24
  2. 192.168.0.0/24
  3. 192.168.2.0/24
  4. 192.168.3.0/24

Answer(s): C



An administrator does not want to report the logon events of service accounts to FortiGate.
What setting on the collector agent is required to achieve this?

  1. Add the support of NTLM authentication.
  2. Add user accounts to Active Directory (AD).
  3. Add user accounts to the FortiGate group fitter.
  4. Add user accounts to the Ignore User List.

Answer(s): D



Refer to the exhibits.





The exhibits show the SSL and authentication policy (Exhibit A) and the security policy (Exhibit B) tor Facebook.
Users are given access to the Facebook web application. They can play video content hosted on Facebook but they are unable to leave reactions on videos or other types of posts.
Which part of the policy configuration must you change to resolve the issue?

  1. The SSL inspection needs to be a deep content inspection.
  2. Force access to Facebook using the HTTP service.
  3. Additional application signatures are required to add to the security policy.
  4. Add Facebook in the URL category in the security policy.

Answer(s): A



Which two statements are correct regarding FortiGate HA cluster virtual IP addresses? (Choose two.)

  1. Heartbeat interfaces have virtual IP addresses that are manually assigned.
  2. A change in the virtual IP address happens when a FortiGate device joins or leaves the cluster.
  3. Virtual IP addresses are used to distinguish between cluster members.
  4. The primary device in the cluster is always assigned IP address 169.254.0.1.

Answer(s): B,D






Post your Comments and Discuss Fortinet NSE4_FGT-6.4 exam with other Community members:

Exam Discussions & Posts