Question # 1 In an explicit proxy setup, where is the authentication method and database configured? A. Proxy PolicyB. Authentication RuleC. Firewall PolicyD. Authentication scheme
Click for Answer
D. Authentication schemeQuestion # 2 Refer to the exhibits. The exhibits show the SSL and authentication policy (Exhibit A) and the security policy (Exhibit B) for Facebook .
Users are given access to the Facebook web application. They can play video content hosted on Facebook but they are unable to leave reactions on videos or other types of posts.
Which part of the policy configuration must you change to resolve the issue?
A. Make SSL inspection needs to be a deep content inspection B. Force access to Facebook using the HTTP service C. Get the additional application signatures are required to add to the security policy D. Add Facebook in the URL category in the security policy
Click for Answer
A. Make SSL inspection needs to be a deep content inspection
Answer Description They can play video (tick) content hosted on Facebook, but they are unable to leave reactions on videos or other types of posts. This indicate that the rule is partially working as they can watch video but can't react, i.e. liking the content. So must be an issue with the SSL inspection rather than adding an app rule.
Question # 3 Refer to the exhibit. Based on the administrator profile settings, what permissions must the administrator set to run the diagnose firewall auth list CLI command on FortiGate?
A. Custom permission for Network
B. Read/Write permission for Log & Report
C. CLI diagnostics commands permission
D. Read/Write permission for Firewall
Click for Answer
C. CLI diagnostics commands permission
Question # 4 Which CLI command will display sessions both from client to the proxy and from the proxy
to the servers?
A. diagnose wad session listB. diagnose wad session list | grep hook-pre&&hook-outC. diagnose wad session list | grep hook=pre&&hook=outD. diagnose wad session list | grep "hook=pre"&"hook=out"
Click for Answer
A. diagnose wad session listQuestion # 5 Refer to the exhibits. Exhibit A shows
system performance output.
Exhibit B shows a FortiGate
configured with the default
configuration of high memory usage thresholds. Based on the system performance
output, which two statements are correct? (Choose two.)
A. Administrators can access FortiGate only through the console
port. B. FortiGate has entered
conserve mode. C. FortiGate will start sending
all files to FortiSandbox for inspection. D. Administrators cannot change the configuration.
Click for Answer
B. FortiGate has entered
conserve mode. D. Administrators cannot change the configuration.
Answer Description Reference: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Conserve-mode- changes/ta-p/198502
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Conserve-mode-changes/ta- p/198502
configurable thresholds
Though it is recommended to keep the default memory threshold, a new CLI command has been added to allow administrators to adjust the thresholds.
Default values are :
- red : 88% of total memory is considered "used memory"
- extreme : 95% of total memory is considered "used memory"
- green : 82% of total memory is considered "used memory"
Question # 6 If Internet Service is already selected as Source in a firewall policy, which other
configuration objects can be added to the Source filed of a firewall policy?
A. IP addressB. Once Internet Service is selected, no other object can be addedC. User or User GroupD. FQDN address
Click for Answer
B. Once Internet Service is selected, no other object can be added
Answer Description Reference:
https://docs.fortinet.com/document/fortigate/6.2.5/cookbook/179236/using-internet-servicein-policy
Question # 7 On FortiGate, which type of logs record information about traffic directly to and from the
FortiGate management IP addresses?
A. System event logsB. Forward traffic logsC. Local traffic logsD. Security logs
Click for Answer
C. Local traffic logs
Answer Description Reference: https://docs.fortinet.com/document/fortigate/5.4.0/cookbook/476970
Traffic logs record the traffic flowing through your FortiGate unit. Since traffic needs firewall policies to properly flow through FortiGate, this type of logging is also called firewall policy logging. Firewall policies control all traffic attempting to pass through the FortiGate unit, between FortiGate interfaces, zones, and VLAN sub-interfaces.
FortiGate Security 7.2 Study Guide (p.176): "Local traffic logs contain information about traffic directly to and from the FortiGate management IP addresses. They also include connections to the GUI and FortiGuard queries."
Question # 8 Which three statements explain a flow-based antivirus profile? (Choose three.) A. Flow-based inspection uses a hybrid of the scanning modes available in proxy-based
inspection.B. If a virus is detected, the last packet is delivered to the client.C. The IPS engine handles the process as a standalone.D. FortiGate buffers the whole file but transmits to the client at the same time.E. Flow-based inspection optimizes performance compared to proxy-based inspection.
Click for Answer
A. Flow-based inspection uses a hybrid of the scanning modes available in proxy-based
inspection.D. FortiGate buffers the whole file but transmits to the client at the same time.E. Flow-based inspection optimizes performance compared to proxy-based inspection.
Answer Description Reference: https://forum .fortinet.com/tm .aspx?m=192309
Up-to-Date
We always provide up-to-date NSE4_FGT-7.2 exam dumps to our clients. Keep checking website for updates and download.
Excellence
Quality and excellence of our Fortinet NSE 4 - FortiOS 7.2 practice questions are above customers expectations. Contact live chat to know more.
Success
Your SUCCESS is assured with the NSE4_FGT-7.2 exam questions of passin1day.com. Just Buy, Prepare and PASS!
Quality
All our braindumps are verified with their correct answers. Download NSE4 Practice tests in a printable PDF format.
Basic
$80
Any 3 Exams of Your Choice
3 Exams PDF + Online Test Engine
Buy Now
Premium
$100
Any 4 Exams of Your Choice
4 Exams PDF + Online Test Engine
Buy Now
Gold
$125
Any 5 Exams of Your Choice
5 Exams PDF + Online Test Engine
Buy Now
Passin1Day has a big success story in last 12 years with a long list of satisfied customers.
NSE4_FGT-7.2 Dumps
We have recently updated Fortinet NSE4_FGT-7.2 dumps study guide. You can use our NSE4 braindumps and pass your exam in just 24 hours. Our Fortinet NSE 4 - FortiOS 7.2 real exam contains latest questions. We are providing Fortinet NSE4_FGT-7.2 dumps with updates for 3 months. You can purchase in advance and start studying. Whenever Fortinet update Fortinet NSE 4 - FortiOS 7.2 exam, we also update our file with new questions. Passin1day is here to provide real NSE4_FGT-7.2 exam questions to people who find it difficult to pass exam
What Our Customers Say
Jeff Brown
Thanks you so much passin1day.com team for all the help that you have provided me in my Fortinet exam. I will use your dumps for next certification as well.
Mareena Frederick
You guys are awesome. Even 1 day is too much. I prepared my exam in just 3 hours with your NSE4_FGT-7.2 exam dumps and passed it in first attempt :)
Ralph Donald
I am the fully satisfied customer of passin1day.com. I have passed my exam using your Fortinet NSE 4 - FortiOS 7.2 braindumps in first attempt. You guys are the secret behind my success ;)
Lilly Solomon
I was so depressed when I get failed in my Cisco exam but thanks GOD you guys exist and helped me in passing my exams. I am nothing without you.
