NSE4_FGT-6.4 exam

Refer to the exhibit. The exhibit shows a CLI output of firewall policies, proxy policies, and proxy addresses. How does FortiGate process the traffic sent to http://www.fortinet.com?A . Traffic will be redirected to the transparent proxy and it will be allowed by proxy policy ID 3.B . Traffic will not...

Which three CLI commands can you use to troubleshoot Layer 3 issues if the issue is in neither the physical layer nor the link layer? (Choose three.)A . diagnose sys topB . execute pingC . execute tracerouteD . diagnose sniffer packet anyE . get system arpView AnswerAnswer: A,B, C

Which three pieces of information does FortiGate use to identify the hostname of the SSL server when SSL certificate inspection is enabled? (Choose three.)A . The subject field in the server certificateB . The serial number in the server certificateC . The server name indication (SNI) extension in the client...

Examine the exhibit, which contains a virtual IP and firewall policy configuration. The WAN (port1) interface has the IP address 10.200.1.1/24. The LAN (port2) interface has the IP address 10.0.1.254/24. The first firewall policy has NAT enabled on the outgoing interface address. The second firewall policy is configured with a...

Refer to the exhibit. The exhibit contains a network diagram, central SNAT policy, and IP pool configuration. The WAN (port1) interface has the IP address 10.200.1.1/24. The LAN (port3) interface has the IP address 10.0.1.254/24. A firewall policy is configured to allow to destinations from LAN (port3) to WAN (port1)....

If Internet Service is already selected as Source in a firewall policy, which other configuration objects can be added to the Source filed of a firewall policy?A . IP addressB . Once Internet Service is selected, no other object can be addedC . User or User GroupD . FQDN addressView...

Refer to the exhibit. Given the interfaces shown in the exhibit. which two statements are true? (Choose two.)A . Traffic between port2 and port2-vlan1 is allowed by default.B . port1-vlan10 and port2-vlan10 are part of the same broadcast domain.C . port1 is a native VLAE . port1-vlan and port2-vlan1 can...

Refer to the exhibit, which contains a session diagnostic output. Which statement is true about the session diagnostic output?A . The session is a UDP unidirectional state.B . The session is in TCP ESTABLISHED state.C . The session is a bidirectional UDP connection.D . The session is a bidirectional TCP...

Which three authentication timeout types are availability for selection on FortiGate? (Choose three.)A . hard-timeoutB . auth-on-demandC . soft-timeoutD . new-sessionE . Idle-timeoutView AnswerAnswer: A,D,E Explanation: https://kb.fortinet.com/kb/documentLink.do?externalID=FD37221

Refer to the exhibit. Which contains a Performance SLA configuration. An administrator has configured a performance SLA on FortiGate. Which failed to generate any traffic. Why is FortiGate not generating any traffic for the performance SLA?A . Participants configured are not SD-WAN members.B . There may not be a static...