NSE4_FGT-6.4

Which two statements about IPsec authentication on FortiGate are correct? (Choose two.)A . For a stronger authentication, you can also enable extended authentication (XAuth) to request the remote peer to provide a username and passwordB . FortiGate supports pre-shared key and signature as authentication methods.C . Enabling XAuth results in...

Refer to the exhibit. A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices. The administrator has determined that phase 1 status is up. but phase 2 fails to come up. Based on the phase 2 configuration shown in the exhibit, what configuration change will bring phase 2...

An administrator is configuring an Ipsec between site A and siteB. The Remotes Gateway setting in both sites has been configured as Static IP Address. For site A, the local quick mode selector is 192.16.1.0/24 and the remote quick mode selector is 192.16.2.0/24. How must the administrator configure the local...

If the Services field is configured in a Virtual IP (VIP), which statement is true when central NAT is used?A . The Services field prevents SNAT and DNAT from being combined in the same policy.B . The Services field is used when you need to bundle several VIPs into VIP...

Which of the following statements about backing up logs from the CLI and downloading logs from the GUI are true? (Choose two.)A . Log downloads from the GUI are limited to the current filter viewB . Log backups from the CLI cannot be restored to another FortiGate.C . Log backups...

Which of the following statements is true regarding SSL VPN settings for an SSL VPN portal?A . By default, FortiGate uses WINS servers to resolve names.B . By default, the SSL VPN portal requires the installation of a client’s certificate.C . By default, split tunneling is enabled.D . By default,...

How does FortiGate act when using SSL VPN in web mode?A . FortiGate acts as an FDS server.B . FortiGate acts as an HTTP reverse proxy.C . FortiGate acts as DNS server.D . FortiGate acts as router.View AnswerAnswer: C Explanation: Reference: https://pub.kb.fortinet.com/ksmcontent/Fortinet-Public/current/Fortigate_v4.0MR3/fortigate-sslvpn-40-mr3.pdf

Which two statements are true about the FGCP protocol? (Choose two.)A . Not used when FortiGate is in Transparent modeB . Elects the primary FortiGate deviceC . Runs only over the heartbeat linksD . Is used to discover FortiGate devices in different HA groupsView AnswerAnswer: C,D

Refer to the FortiGuard connection debug output. Based on the output shown in the exhibit, which two statements are correct? (Choose two.)A . A local FortiManager is one of the servers FortiGate communicates with.B . One server was contacted to retrieve the contract information.C . There is at least one...

Refer to the exhibit. Based on the administrator profile settings, what permissions must the administrator set to run the diagnose firewall auth list CLI command on FortiGate?A . Custom permission for NetworkB . Read/Write permission for Log & ReportC . CLI diagnostics commands permissionD . Read/Write permission for FirewallView AnswerAnswer:...