NSE4_FGT-7.2 exam

Which two inspection modes can you use to configure a firewall policy on a profile-based next-generation firewall (NGFW)? (Choose two.)A . Proxy-based inspection B. Certificate inspection C. Flow-based inspection D. Full Content inspectionView AnswerAnswer: A,C

Refer to the exhibits. The exhibits show the SSL and authentication policy (Exhibit A) and the security policy (Exhibit B) for Facebook. Users are given access to the Facebook web application. They can play video content hosted on Facebook but they are unable to leave reactions on videos or other...

Refer to the exhibit. The exhibit displays the output of the CLI command: diagnose sys ha dump-by vcluster. Which two statements are true? (Choose two.)A . FortiGate SN FGVM010000065036 HA uptime has been reset. B. FortiGate devices are not in sync because one device is down. C. FortiGate SN FGVM010000064692...

Which statement about video filtering on FortiGate is true?A . Full SSL Inspection is not required. B. It is available only on a proxy-based firewall policy. C. It inspects video files hosted on file sharing services. D. Video filtering FortiGuard categories are based on web filter FortiGuard categories.View AnswerAnswer: B...

Which two settings can be separately configured per VDOM on a FortiGate device? (Choose two.)A . System time B. FortiGuaid update servers C. Operating mode D. NGFW modeView AnswerAnswer: C,D Explanation: C: "Operating mode is per-VDOM setting. You can combine transparent mode VDOM's with NAT mode VDOMs on the same...

Examine this FortiGate configuration: How does the FortiGate handle web proxy traffic coming from the IP address 10.2.1.200 that requires authorization?A . It always authorizes the traffic without requiring authentication. B. It drops the traffic. C. It authenticates the traffic using the authentication scheme SCHEME2. D. It authenticates the traffic...

When configuring a firewall virtual wire pair policy, which following statement is true?A . Any number of virtual wire pairs can be included, as long as the policy traffic direction is the same. B. Only a single virtual wire pair can be included in each policy. C. Any number of...

A FortiGate is operating in NAT mode and configured with two virtual LAN (VLAN) sub interfaces added to the physical interface. Which statements about the VLAN sub interfaces can have the same VLAN ID, only if they have IP addresses in different subnets.A . The two VLAN sub interfaces can...

What two changes can the administrator make to resolve the issue without affecting any existing services running through FortiGate? (Choose two.)A . Create a new firewall policy with the new HTTP service and place it above the existing HTTP policy. B. Create a new service object for HTTP service and...

Why does FortiGate keep TCP sessions in the session table for some seconds even after both sides (client and server) have terminated the session?A . To remove the NAT operation. B. To generate logs C. To finish any inspection operations. D. To allow for out-of-order packets that could arrive after...