CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE4_FGT-7.0

Free NSE4_FGT-7.0 Exam Braindumps (page: 5)

Page 5 of 44
PDF with 172 Questions

Refer to the exhibits.

Exhibit A.


Exhibit B.


The SSL VPN connection fails when a user attempts to connect to it.
What should the user do to successfully connect to SSL VPN?

  1. Change the SSL VPN port on the client.
  2. Change the Server IP address.
  3. Change the idle-timeout.
  4. Change the Server IP address.

Answer(s): A


Reference:

https://docs.fortinet.com/document/fortigate/5.4.0/cookbook/150494



Which two statements about SSL VPN between two FortiGate devices are true? (Choose two.)

  1. The client FortiGate requires a client certificate signed by the CA on the server FortiGate.
  2. The client FortiGate requires a manually added route to remote subnets.
  3. The client FortiGate uses the SSL VPN tunnel interface type to connect SSL VPN.
  4. Server FortiGate requires a CA certificate to verify the client FortiGate certificate.

Answer(s): C,D


Reference:

https://docs.fortinet.com/document/fortigate/6.2.9/cookbook/266506/ssl-vpn-with-certificate-authentication



Refer to the exhibit.


The Root and To_Internet VDOMs are configured in NAT mode. The DMZ and Local VDOMs are configured in transparent mode.

The Root VDOM is the management VDOM. The To_Internet VDOM allows LAN users to access the internet. The To_Internet VDOM is the only VDOM with internet access and is directly connected to ISP modem.

With this configuration, which statement is true?

  1. Inter-VDOM links are required to allow traffic between the Local and Root VDOMs.
  2. A default static route is not required on the To_Internet VDOM to allow LAN users to access the internet.
  3. Inter-VDOM links are required to allow traffic between the Local and DMZ VDOMs.
  4. Inter-VDOM links are not required between the Root and To_Internet VDOMs because the Root VDOM is used only as a management VDOM.

Answer(s): A


Reference:

https://kb.fortinet.com/kb/documentLink.do?externalID=FD46542



Refer to the exhibits.

Exhibit A.


Exhibit B.



An administrator creates a new address object on the root FortiGate (Local-FortiGate) in the security fabric. After synchronization, this object is not available on the downstream FortiGate (ISFW).

What must the administrator do to synchronize the address object?

  1. Change the csf setting on Local-FortiGate (root) to set configuration-sync local.
  2. Change the csf setting on ISFW (downstream) to set configuration-sync local.
  3. Change the csf setting on Local-FortiGate (root) to set fabric-object-unification default.
  4. Change the csf setting on ISFW (downstream) to set fabric-object-unification default.

Answer(s): A


Reference:

https://kb.fortinet.com/kb/documentLink.do?externalID=FD43820



Page 5 of 44



Post your Comments and Discuss Fortinet NSE4_FGT-7.0 exam with other Community members:

mfundo commented on October 23, 2023
f you memorize all questions and answers you are going to get around 85% or more. Looks like some questions are no longer in the exam. But still good enoug to pass.
SOUTH AFRICA
upvote

Soharb commented on May 02, 2022
If you memorize all questions and answers you are going to get around 85% or more. Looks like some questions are no longer in the exam. But still good enoug to pass.
INDIA
upvote