CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE4_FGT-7.0

Free NSE4_FGT-7.0 Exam Braindumps (page: 20)

Page 20 of 44
PDF with 172 Questions

Which statements about the firmware upgrade process on an active-active HA cluster are true? (Choose two.)

  1. The firmware image must be manually uploaded to each FortiGate.
  2. Only secondary FortiGate devices are rebooted.
  3. Uninterruptable upgrade is enabled by default.
  4. Traffic load balancing is temporally disabled while upgrading the firmware.

Answer(s): C,D



Which statement regarding the firewall policy authentication timeout is true?

  1. It is an idle timeout. The FortiGate considers a user to be “idle” if it does not see any packets coming from the user’s source IP.
  2. It is a hard timeout. The FortiGate removes the temporary policy for a user’s source IP address after this timer has expired.
  3. It is an idle timeout. The FortiGate considers a user to be “idle” if it does not see any packets coming from the user’s source MA
  4. It is a hard timeout. The FortiGate removes the temporary policy for a user’s source MAC address after this timer has expired.

Answer(s): A



Which of the following statements correctly describes FortiGates route lookup behavior when searching for a suitable gateway? (Choose two)

  1. Lookup is done on the first packet from the session originator
  2. Lookup is done on the last packet sent from the responder
  3. Lookup is done on every packet, regardless of direction
  4. Lookup is done on the trust reply packet from the responder

Answer(s): A,D



A FortiGate is operating in NAT mode and configured with two virtual LAN (VLAN) sub interfaces added to the physical interface.

Which statements about the VLAN sub interfaces can have the same VLAN ID, only if they have IP addresses in different subnets?

  1. The two VLAN sub interfaces can have the same VLAN ID, only if they have IP addresses in different subnets.
  2. The two VLAN sub interfaces must have different VLAN IDs.
  3. The two VLAN sub interfaces can have the same VLAN ID, only if they belong to different VDOMs.
  4. The two VLAN sub interfaces can have the same VLAN ID, only if they have IP addresses in the same subnet.

Answer(s): B

Explanation:

FortiGate_Infrastructure_6.0_Study_Guide_v2-Online.pdf –> page 147
“Multiple VLANs can coexist in the same physical interface, provide they have different VLAN ID”



Page 20 of 44



Post your Comments and Discuss Fortinet NSE4_FGT-7.0 exam with other Community members:

mfundo commented on October 23, 2023
f you memorize all questions and answers you are going to get around 85% or more. Looks like some questions are no longer in the exam. But still good enoug to pass.
SOUTH AFRICA
upvote

Soharb commented on May 02, 2022
If you memorize all questions and answers you are going to get around 85% or more. Looks like some questions are no longer in the exam. But still good enoug to pass.
INDIA
upvote