CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE4_FGT-7.0

Free NSE4_FGT-7.0 Exam Braindumps (page: 14)

Page 14 of 44
PDF with 172 Questions

Which type of logs on FortiGate record information about traffic directly to and from the FortiGate management IP addresses?

  1. System event logs
  2. Security logs
  3. Forward traffic logs
  4. Local traffic logs

Answer(s): D


Reference:

https://docs.fortinet.com/document/fortigate/5.4.0/cookbook/476970



How does FortiGate act when using SSL VPN in web mode?

  1. FortiGate acts as an HTTP reverse proxy.
  2. FortiGate acts as router.
  3. FortiGate acts as DNS server.
  4. FortiGate acts as an FDS server.

Answer(s): A


Reference:

https://pub.kb.fortinet.com/ksmcontent/Fortinet-Public/current/Fortigate_v4.0MR3/fortigate-sslvpn-40-mr3.pdf



Which two statements are correct about NGFW Policy-based mode? (Choose two.)

  1. NGFW policy-based mode supports creating applications and web filtering categories directly in a firewall policy.
  2. NGFW policy-based mode can only be applied globally and not on individual VDOMs.
  3. NGFW policy-based mode does not require the use of central source NAT policy.
  4. NGFW policy-based mode policies support only flow inspection.

Answer(s): A,D



Refer to the exhibits.
The exhibits contain a network diagram, virtual IP, IP pool, and firewall policies configuration.

Exhibit A.

Exhibit B.


The WAN (port1) interface has the IP address 10.200.1.1/24.
The LAN (port3) interface has the IP address 10.0.1.254/24.
The first firewall policy has NAT enabled using IP Pool.
The second firewall policy is configured with a VIP as the destination address.

Which IP address will be used to source NAT the internet traffic coming from a workstation with the IP address 10.0.1.10?

  1. 10.200.1.100
  2. 10.200.1.10
  3. 10.200.1.1
  4. 10.200.3.1

Answer(s): C


Reference:

https://kb.fortinet.com/kb/documentLink.do?externalID=FD44529



Page 14 of 44



Post your Comments and Discuss Fortinet NSE4_FGT-7.0 exam with other Community members:

mfundo commented on October 23, 2023
f you memorize all questions and answers you are going to get around 85% or more. Looks like some questions are no longer in the exam. But still good enoug to pass.
SOUTH AFRICA
upvote

Soharb commented on May 02, 2022
If you memorize all questions and answers you are going to get around 85% or more. Looks like some questions are no longer in the exam. But still good enoug to pass.
INDIA
upvote