Fortinet NSE4_FGT-6.2 Fortinet NSE 4 – FortiOS 6.2 Online Training
Fortinet NSE4_FGT-6.2 Online Training
The questions for NSE4_FGT-6.2 were last updated at Dec 30,2024.
- Exam Code: NSE4_FGT-6.2
- Exam Name: Fortinet NSE 4 - FortiOS 6.2
- Certification Provider: Fortinet
- Latest update: Dec 30,2024
How does FortiGate verify the login credentials of a remote LDAP user?
- A . FortiGate regenerates the algorithm based on the login credentials and compares it to the algorithm stored on the LDAP server
- B . FortiGate sends the user-entered credentials to the LDAP server for authentication
- C . FortiGate queries the LDAP server for credentials.
- D . FortiGate queries its own database for credentials.
Which users and user groups are allowed access to the network through captive portal?
- A . Users and groups defined in the firewall policy.
- B . Only individual users – not groups – defined in the captive portal configuration
- C . Groups defined in the captive portal configuration
- D . All users
Which of the following statements about policy-based IPsec tunnels are true? (Choose two. )
- A . They can be configured in both NAT/Route and transparent operation modes.
- B . They support L2TP-over-IPsec.
- C . They require two firewall policies, one for each directions of traffic flow.
- D . They support GRE-over-IPsec.
An administrator wants to block HTTP uploads Examine the exhibit, which contains the proxy address created for that purpose.
Where must the proxy address be used?
- A . As the source in a firewall policy
- B . As the source in a proxy policy
- C . As the destination in a firewall policy
- D . As the destination in a proxy policy
Which one of the following processes is involved in updating IPS from FortiGuard?
- A . FortiGate IPS update requests are sent using UDP port 443.
- B . Protocol decoder update requests are sent to service. fortiguard.net.
- C . IPS signature update requests are sent to update fortiguard.net.
- D . IPS engine updates can only be obtained using push updates.
An administrator wants to create a policy-based IPsec VPN tunnel between two FortiGate devices which configuration steps must be performed on both devices to support this scenario? (Choose three)
- A . Define the phase 1 parameters, without enabling IPsec interface mode
- B . Define the phase 2 parameters
- C . Set the phase 2 encapsulation method to transport mode
- D . Define at least one firewall policy, with the action set to IPsec
- E . Define a route to the remote network over the IPsec tunnel
An administrator wants to configure a FortiGate as a DNS server. FotiGate must use a DNS database first, and then relay all irresolvable queries to an external DNS server.
Which of the following DNS methods must you use?
- A . Recursive
- B . Non-recursive
- C . Forward to primary and secondary DNS
- D . Forward to system DNS
Why is the administrator getting the error shown in the exhibit?
- A . The administrator must first enter the command edit global
- B . The administrator admin does not have the privileges required to configure global settings.
- C . The global settings cannot be configured from the root VDOM context.
- D . The command config system global does not exist in FortiGate.
If the issuer and Subject values are the same in a digital certificate, which type of entity was the certificate issued to?
- A . A CRL
- B . A person
- C . A subordinate CA
- D . A root CA
Which statements about a One-to-One IP pool are true? (Choose two. )
- A . It is used for destination NAT.
- B . It allows the fixed mapping of an internal address range to an external address range.
- C . It does not use port address translation.
- D . ID It allows the configuration of ARP replies
Latest NSE4_FGT-6.2 Dumps Valid Version with 120 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
