NSE4_FGT-6.0 Fortinet NSE 4 – FortiOS 6.0 Exam


QUESTION: 1
When browsing to an internal web server using a web-mode SSL VPN bookmark, which IP address is
used as the source of the HTTP request?

A. remote user’s public IP address
B. The public IP address of the FortiGate device.
C. The remote user’s virtual IP address.
D. The internal IP address of the FotiGate device.

Answer: D


QUESTION: 2
A team manager has decided that while some members of the team need access to particular
website, the majority of the team does not. Which configuration option is the most effective option
to support this request?

A. Implement a web filter category override for the specified website.
B. Implement web filter authentication for the specified website
C. Implement web filter quotas for the specified website.
D. Implement DNS filter for the specified website.

Answer: A


QUESTION: 3
Which of the following statements are best practices for troubleshooting FSSO? (Choose two.)

A. Include the group of guest users in a policy.
B. Extend timeout timers.
C. Guarantee at least 34 Kbps bandwidth between FortiGate and domain controllers.
D. Ensure all firewalls allow the FSSO required ports.

Answer: A,D


QUESTION: 4
Which statements about antivirus scanning mode are true? (Choose two.)

A. In proxy-based inspection mode antivirus buffers the whole file for scarring before sending it to the client.
B. In flow-based inspection mode, you can use the CLI to configure antivirus profiles to use protocol option profiles.
C. In proxy-based inspection mode, if a virus is detected, a replacement message may not be displayed immediately.
D. In quick scan mode, you can configure antivirus profiles to use any of the available signature data bases.

Answer: B,D


QUESTION: 5
In a high availability (HA) cluster operating in active-active mode, which of the following correctly
describes the path taken by the SYN packet of an HTTP session that is offloaded to a secondary FortiGate?

A. Client > primary FortiGate> secondary FortiGate> primary FortiGate> web server.
B. Client > secondary FortiGate> web server.
C. Client >secondary FortiGate> primary FortiGate> web server.
D. Client> primary FortiGate> secondary FortiGate> web server.

Answer: D


QUESTION: 6
An administrator is configuring an IPsec between site A and site B. The Remotes Gateway setting in
both sites has been configured as Static IP Address. For site A, the local quick mode selector is
192.16.1.0/24 and the remote quick mode selector is 192.16.2.0/24. How must the administrator
configure the local quick mode selector for site B?

A. 192.168.3.0.24
B. 192.168.2.0.24
C. 192.168.1.0.24
D. 192.168.0.0.8

Answer: A

Click here to view complete Q&A of NSE4_FGT-6.0 exam
Certkingdom Review
, Certkingdom PDF Torrents

MCTS Training, MCITP Trainnig

Best Fortinet NSE4 NSE4_FGT-6.0 Certification, Fortinet NSE4 NSE4_FGT-6.0 Training at certkingdom.com

Click to rate this post!
[Total: 0 Average: 0]

Comments |0|

Legend *) Required fields are marked
**) You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>