CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE4_FGT-7.0

Free NSE4_FGT-7.0 Exam Braindumps (page: 10)

Page 10 of 44
PDF with 172 Questions

Refer to the exhibit.


The exhibit shows the IPS sensor configuration.
If traffic matches this IPS sensor, which two actions is the sensor expected to take? (Choose two.)

  1. The sensor will block all attacks aimed at Windows servers.
  2. The sensor will gather a packet log for all matched traffic.
  3. The sensor will allow attackers matching the NTP.Spoofed.KoD.DoS signature.
  4. The sensor will reset all connections that match these signatures.

Answer(s): A,C



Which two attributes are required on a certificate so it can be used as a CA certificate on SSL Inspection? (Choose two.)

  1. The CA extension must be set to TRUE.
  2. The issuer must be a public CA.
  3. The common name on the subject field must use a wildcard name.
  4. The keyUsage extension must be set to keyCertSign.

Answer(s): A,D


Reference:

https://www.reddit.com/r/fortinet/comments/c7j6jg/recommended_ssl_cert/



A network administrator has enabled SSL certificate inspection and antivirus on FortiGate. When downloading an EICAR test file through HTTP, FortiGate detects the virus and blocks the file. When downloading the same file through HTTPS, FortiGate does not detect the virus and the file can be downloaded.

What is the reason for the failed virus detection by FortiGate?

  1. Antivirus definitions are not up to date.
  2. SSL/SSH Inspection profile is incorrect.
  3. Antivirus profile configuration is incorrect.
  4. Application control is not enabled.

Answer(s): B



Which two protocols are used to enable administrator access of a FortiGate device? (Choose two.)

  1. FortiTelemetry
  2. HTTPS
  3. SSH
  4. FTM

Answer(s): B,C


Reference:

https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/995103/building-security-into-fortios



Page 10 of 44



Post your Comments and Discuss Fortinet NSE4_FGT-7.0 exam with other Community members:

mfundo commented on October 23, 2023
f you memorize all questions and answers you are going to get around 85% or more. Looks like some questions are no longer in the exam. But still good enoug to pass.
SOUTH AFRICA
upvote

Soharb commented on May 02, 2022
If you memorize all questions and answers you are going to get around 85% or more. Looks like some questions are no longer in the exam. But still good enoug to pass.
INDIA
upvote