CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE4_FGT-7.0

Free NSE4_FGT-7.0 Exam Braindumps (page: 20)

Page 19 of 44
PDF with 172 Questions

Which two actions can you perform only from the root FortiGate in a Security Fabric? (Choose two.)

  1. Shut down/reboot a downstream FortiGate device.
  2. Disable FortiAnalyzer logging for a downstream FortiGate device.
  3. Log in to a downstream FortiSwitch device.
  4. Ban or unban compromised hosts.

Answer(s): A,B



Which three statements about security associations (SA) in IPsec are correct? (Choose three.)

  1. Phase 2 SAs are used for encrypting and decrypting the data exchanged through the tunnel.
  2. An SA never expires.
  3. A phase 1 SA is bidirectional, while a phase 2 SA is directional.
  4. Phase 2 SA expiration can be time-based, volume-based, or both.
  5. Both the phase 1 SA and phase 2 SA are bidirectional.

Answer(s): A,C,D



Which three authentication timeout types are availability for selection on FortiGate? (Choose three.)

  1. hard-timeout
  2. auth-on-demand
  3. soft-timeout
  4. new-session
  5. Idle-timeout

Answer(s): A,D,E


Reference:

https://kb.fortinet.com/kb/documentLink.do?externalID=FD37221



NGFW mode allows policy-based configuration for most inspection rules. Which security profile’s configuration does not change when you enable policy-based inspection?

  1. Web filtering
  2. Antivirus
  3. Web proxy
  4. Application control

Answer(s): B






Post your Comments and Discuss Fortinet NSE4_FGT-7.0 exam with other Community members:

NSE4_FGT-7.0 Discussions & Posts