QUESTION: 21

Which of statement is true about SSL VPN web mode?

The tunnel is up while the client is connected.
It supports a limited number of protocols.
The external network application sends data through the VPN.
It assigns a virtual IP address to the client.

Answer(s): B

Explanation:

FortiGate_Security_6.4 page 575 - Web mode requires only a web browser, but supports a limited number of protocols.

Refer to the exhibit.

The exhibit contains the configuration for an SD-WAN Performance SLA, as well as the output of diagnose sys virtual-wan-link health-check.
Which interface will be selected as an outgoing interface?

port2
port4
port3
port1

Answer(s): D

Explanation:

Port 1 shows the lowest latency.

Show Answer Next Question

QUESTION: 23

Refer to the exhibit.

A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices. The administrator has determined that phase 1 status is up. but phase 2 fails to come up. Based on the phase 2 configuration shown in the exhibit, what configuration change will bring phase 2 up?

On HQ-FortiGate, enable Auto-negotiate.
On Remote-FortiGate, set Seconds to 43200.
On HQ-FortiGate, enable Diffie-Hellman Group 2.
On HQ-FortiGate, set Encryption to AES256.

Answer(s): D

Reference:

https://docs.fortinet.com/document/fortigate/5.4.0/cookbook/168495

Show Answer Next Question

QUESTION: 24

Refer to the web filter raw logs.

Based on the raw logs shown in the exhibit, which statement is correct?

Social networking web filter category is configured with the action set to authenticate.
The action on firewall policy ID 1 is set to warning.
Access to the social networking web filter category was explicitly blocked to all users.
The name of the firewall policy is all_users_web.

Answer(s): A

Show Answer Next Question

Free Fortinet NSE4_FGT-6.4 Exam Braindumps (page: 7)

QUESTION: 21

Explanation:

QUESTION: 22

Explanation:

QUESTION: 23

Reference:

QUESTION: 24

NSE4_FGT-6.4 Exam Discussions & Posts