Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE4_FGT-6.4

Fortinet NSE4_FGT-6.4 Exam Questions
Fortinet NSE 4 - FortiOS 6.4 (Page 3 )

Updated On: 21-Feb-2026
Page 3 of 34
PDF with 163 Questions

Refer to the exhibits to view the firewall policy (Exhibit A) and the antivirus profile (Exhibit B).





Which statement is correct if a user is unable to receive a block replacement message when downloading an infected file for the first time?

  1. The firewall policy performs the full content inspection on the file.
  2. The flow-based inspection is used, which resets the last packet to the user.
  3. The volume of traffic being inspected is too high for this model of FortiGate.
  4. The intrusion prevention security profile needs to be enabled when using flow-based inspection mode.

Answer(s): B



Which two statements about antivirus scanning mode are true? (Choose two.)

  1. In proxy-based inspection mode, files bigger than the buffer size are scanned.
  2. In flow-based inspection mode, FortiGate buffers the file, but also simultaneously transmits it to the client.
  3. In proxy-based inspection mode, antivirus scanning buffers the whole file for scanning, before sending it to the client.
  4. In flow-based inspection mode, files bigger than the buffer size are scanned.

Answer(s): B,C



Refer to the exhibit.



Given the security fabric topology shown in the exhibit, which two statements are true? (Choose two.)

  1. There are five devices that are part of the security fabric.
  2. Device detection is disabled on all FortiGate devices.
  3. This security fabric topology is a logical topology view.
  4. There are 19 security recommendations for the security fabric.

Answer(s): C,D



Refer to the exhibit.



Which contains a network diagram and routing table output.
The Student is unable to access Webserver.
What is the cause of the problem and what is the solution for the problem?

  1. The first packet sent from Student failed the RPF check.
    This issue can be resolved by adding a static route to 10.0.4.0/24 through wan1.
  2. The first reply packet for Student failed the RPF check.
    This issue can be resolved by adding a static route to 10.0.4.0/24 through wan1.
  3. The first reply packet for Student failed the RPF check.
    This issue can be resolved by adding a static route to 203.0.114.24/32 through port3.
  4. The first packet sent from Student failed the RPF check.
    This issue can be resolved by adding a static route to 203.0.114.24/32 through port3.

Answer(s): D



Why does FortiGate Keep TCP sessions in the session table for several seconds, even after both sides (client and server) have terminated the session?

  1. To allow for out-of-order packets that could arrive after the FIN/ACK packets
  2. To finish any inspection operations
  3. To remove the NAT operation
  4. To generate logs

Answer(s): A






Post your Comments and Discuss Fortinet NSE4_FGT-6.4 exam dumps with other Community members:

Join the NSE4_FGT-6.4 Discussion