Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
Microsoft
VMware
Avaya
SAP
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE4_FGT-7.2

Free Fortinet NSE4_FGT-7.2 Exam Braindumps (page: 25)

Page 9 of 45
PDF with 174 Questions

Refer to the exhibit.



An administrator is running a sniffer command as shown in the exhibit.
Which three pieces of information are included in the sniffer output? (Choose three.)

  1. Interface name
  2. Ethernet header
  3. IP header
  4. Application header
  5. Packet payload

Answer(s): A,C,E


Reference:

https://kb.fortinet.com/kb/documentLink .do?externalID=11186

Study Guide ­ Routing ­ Diagnostics ­ Packet Capture Verbosity Level.

# diagnose sniffer packet <interface> `<filter>' <verbosity> <count> <timestamp> <frame size>

In the example, verbosity is 5.

The verbosity level specifies how much info you want to display.

1 (default): IP Headers.
2: IP Headers, Packet Payload.
3. IP Headers, Packet Payload, Ethernet Headers.
4: IP Headers, Interface Name.
5: IP Headers, Packet Payload, Interface Name.
6: IP Headers, Packet Payload, Ethernet Headers, Interface Name.



An administrator does not want to report the logon events of service accounts to FortiGate.
What setting on the collector agent is required to achieve this?

  1. Add the support of NTLM authentication.
  2. Add user accounts to Active Directory (AD).
  3. Add user accounts to the FortiGate group fitter.
  4. Add user accounts to the Ignore User List.

Answer(s): D


Reference:

https://community.fortinet.com/t5/Support-Forum/Collector-Agent-and-problem- getting-login-info/m-p/95481



An administrator is configuring an IPsec VPN between site A and site B. The Remote Gateway setting in both sites has been configured as Static IP Address. For site A, the local quick mode selector is 192. 168. 1.0/24 and the remote quick mode selector is 192. 168.2.0/24.
Which subnet must the administrator configure for the local quick mode selector for site B?

  1. 192. 168. 1.0/24
  2. 192. 168.0.0/24
  3. 192. 168.2.0/24
  4. 192. 168.3.0/24

Answer(s): C

Explanation:

For an IPsec VPN between site A and site B, the administrator has configured the local quick mode selector for site A as 192.168.1.0/24 and the remote quick mode selector as 192.168.2.0/24. This means that the VPN will allow traffic to and from the 192.168.1.0/24 subnet at site A to reach the

192.168.2.0/24 subnet at site B.

To complete the configuration, the administrator must configure the local quick mode selector for site B. To do this, the administrator must use the same subnet as the remote quick mode selector for site A, which is 192.168.2.0/24. This will allow traffic to and from the 192.168.2.0/24 subnet at site B to reach the 192.168.1.0/24 subnet at site A.

Therefore, the administrator must configure the local quick mode selector for site B as 192.168.2.0/24.



Which two statements are true about the FGCP protocol? (Choose two.)

  1. FGCP elects the primary FortiGate device.
  2. FGCP is not used when FortiGate is in transparent mode.
  3. FGCP runs only over the heartbeat links.
  4. FGCP is used to discover FortiGate devices in different HA groups.

Answer(s): A,C

Explanation:

The FGCP (FortiGate Clustering Protocol) is a protocol that is used to manage high availability (HA) clusters of FortiGate devices. It performs several functions, including the following:

FGCP elects the primary FortiGate device: In an HA cluster, FGCP is used to determine which FortiGate device will be the primary device, responsible for handling traffic and making decisions about what to allow or block. FGCP uses a variety of factors, such as the device's priority, to determine which device should be the primary.

FGCP runs only over the heartbeat links: FGCP communicates between FortiGate devices in the HA cluster using the heartbeat links. These are dedicated links that are used to exchange status and control information between the devices. FGCP does not run over other types of links, such as data links.


Reference:

https://docs.fortinet.com/document/fortigate/6.4.0/ports-and-protocols/564712/fgcp-fortigate- clustering-protocol

FortiGate Infrastructure 7.2 Study Guide (p.292): "FortiGate HA uses the Fortinet-proprietary FortiGate Clustering Protocol (FGCP) to discover members, elect the primary FortiGate, synchronize data among members, and monitor the health of members. To discover and monitor members, the members broadcast heartbeat packets over all configured heartbeat interfaces."






Post your Comments and Discuss Fortinet NSE4_FGT-7.2 exam prep with other Community members:

NSE4_FGT-7.2 Exam Discussions & Posts