Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
Scrum
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE4_FGT-7.0

Free NSE4_FGT-7.0 Exam Braindumps (page: 17)

Page 16 of 44
PDF with 172 Questions

Refer to the exhibit.


Which contains a network diagram and routing table output. The Student is unable to access Webserver.
What is the cause of the problem and what is the solution for the problem?

  1. The first packet sent from Student failed the RPF check.
    This issue can be resolved by adding a static route to 10.0.4.0/24 through wan1.
  2. The first reply packet for Student failed the RPF check.
    This issue can be resolved by adding a static route to 10.0.4.0/24 through wan1.
  3. The first reply packet for Student failed the RPF check.
    This issue can be resolved by adding a static route to 203.0.114.24/32 through port3.
  4. The first packet sent from Student failed the RPF check.
    This issue can be resolved by adding a static route to 203.0.114.24/32 through port3.

Answer(s): D



Which two statements ate true about the Security Fabric rating? (Choose two.)

  1. It provides executive summaries of the four largest areas of security focus.
  2. Many of the security issues can be fixed immediately by clicking Apply where available.
  3. The Security Fabric rating must be run on the root FortiGate device in the Security Fabric.
  4. The Security Fabric rating is a free service that comes bundled with alt FortiGate devices.

Answer(s): B,C


Reference:

https://docs.fortinet.com/document/fortigate/6.4.0/administration- guide/292634/security-rating



Which two statements are correct regarding FortiGate HA cluster virtual IP addresses? (Choose two.)

  1. Heartbeat interfaces have virtual IP addresses that are manually assigned.
  2. A change in the virtual IP address happens when a FortiGate device joins or leaves the cluster.
  3. Virtual IP addresses are used to distinguish between cluster members.
  4. The primary device in the cluster is always assigned IP address 169.254.0.1.

Answer(s): B,D



An administrator has configured two-factor authentication to strengthen SSL VPN access. Which additional best practice can an administrator implement?

  1. Configure Source IP Pools.
  2. Configure split tunneling in tunnel mode.
  3. Configure different SSL VPN realms.
  4. Configure host check.

Answer(s): D






Post your Comments and Discuss Fortinet NSE4_FGT-7.0 exam with other Community members:

Exam Discussions & Posts