Free NSE4_FGT-6.4 Exam Braindumps (page: 4)

Page 4 of 43

Refer to the exhibit.



Which contains a network diagram and routing table output.
The Student is unable to access Webserver.
What is the cause of the problem and what is the solution for the problem?

  1. The first packet sent from Student failed the RPF check.
    This issue can be resolved by adding a static route to 10.0.4.0/24 through wan1.
  2. The first reply packet for Student failed the RPF check.
    This issue can be resolved by adding a static route to 10.0.4.0/24 through wan1.
  3. The first reply packet for Student failed the RPF check.
    This issue can be resolved by adding a static route to 203.0.114.24/32 through port3.
  4. The first packet sent from Student failed the RPF check.
    This issue can be resolved by adding a static route to 203.0.114.24/32 through port3.

Answer(s): D



Why does FortiGate Keep TCP sessions in the session table for several seconds, even after both sides (client and server) have terminated the session?

  1. To allow for out-of-order packets that could arrive after the FIN/ACK packets
  2. To finish any inspection operations
  3. To remove the NAT operation
  4. To generate logs

Answer(s): A



Which two statements ate true about the Security Fabric rating? (Choose two.)

  1. It provides executive summaries of the four largest areas of security focus.
  2. Many of the security issues can be fixed immediately by click ng Apply where available.
  3. The Security Fabric rating must be run on the root FortiGate device in the Security Fabric.
  4. The Security Fabric rating is a free service that comes bundled with alt FortiGate devices.

Answer(s): B,C

Explanation:

FortiGate_Security_6.4_Study_Guide-Online. page 89



Which two settings can be separately configured per VDOM on a FortiGate device? (Choose two.)

  1. System time
  2. FortiGuaid update servers
  3. Operating mode
  4. NGFW mode

Answer(s): C,D

Explanation:

C: "Operating mode is per-VDOM setting. You can combine transparent mode VDOM's with NAT mode VDOMs on the same physical Fortigate.
D: "Inspection-mode selection has moved from VDOM to firewall policy, and the default inspection- mode is flow, so NGFW Mode can be changed from Profile-base (Default) to Policy-base directly in System > Settings from the VDOM" Page 125 of FortiGate_Infrastructure_6.4_Study_Guide






Post your Comments and Discuss Fortinet NSE4_FGT-6.4 exam with other Community members:

NSE4_FGT-6.4 Exam Discussions & Posts