Download Fortinet NSE 4 -FortiOS 6-4.DumpsBase.NSE4_FGT-6.4.2023-01-08.1e.72q.vcex

Download Exam

File Info

Exam Fortinet NSE 4 - FortiOS 6.4
Number NSE4_FGT-6.4
File Name Fortinet NSE 4 -FortiOS 6-4.DumpsBase.NSE4_FGT-6.4.2023-01-08.1e.72q.vcex
Size 5.4 Mb
Posted January 08, 2023
Downloads 4

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.


With discount: 20%


Demo Questions

Question 1
Which three authentication timeout types are availability for selection on FortiGate? (Choose three.)

  • A: hard-timeout
  • B: auth-on-demand
  • C: soft-timeout
  • D: new-session
  • E: Idle-timeout

Question 2
When a firewall policy is created, which attribute is added to the policy to support recording logs to a FortiAnalyzer or a FortiManager and improves functionality when a FortiGate is integrated with these devices?

  • A: Log ID
  • B: Universally Unique Identifier
  • C: Policy ID
  • D: Sequence ID

Question 3
Which three CLI commands can you use to troubleshoot Layer 3 issues if the issue is in neither the physical layer nor the link layer? (Choose three.)

  • A: diagnose sys top
  • B: execute ping
  • C: execute traceroute
  • D: diagnose sniffer packet any
  • E: get system arp

Question 4
Consider the topology:
Application on a Windows machine <--{SSL VPN} -->FGT--> Telnet to Linux server.
An administrator is investigating a problem where an application establishes a Telnet session to a Linux server over the SSL VPN through FortiGate and the idle session times out after about 90 minutes. The administrator would like to increase or disable this timeout.
The administrator has already verified that the issue is not caused by the application or Linux server. This issue does not happen when the application establishes a Telnet connection to the Linux server directly on the LAN.
What two changes can the administrator make to resolve the issue without affecting services running
through FortiGate? (Choose two.)

  • A: Set the maximum session TTL value for the TELNET service object.
  • B: Set the session TTL on the SSLVPN policy to maximum, so the idle session timeout will not happen after 90 minutes.
  • C: Create a new service object for TELNET and set the maximum session TTL.
  • D: Create a new firewall policy and place it above the existing SSLVPN policy for the SSL VPN traffic, and set the new TELNET service object in the policy.

Question 5
Which of the following statements about backing up logs from the CLI and downloading logs from the GUI are true? (Choose two.)

  • A: Log downloads from the GUI are limited to the current filter view
  • B: Log backups from the CLI cannot be restored to another FortiGate.
  • C: Log backups from the CLI can be configured to upload to FTP as a scheduled time
  • D: Log downloads from the GUI are stored as LZ4 compressed files.

Question 6
An administrator needs to increase network bandwidth and provide redundancy.
What interface type must the administrator select to bind multiple FortiGate interfaces?

  • A: VLAN interface
  • B: Software Switch interface
  • C: Aggregate interface
  • D: Redundant interface

Question 7
What types of traffic and attacks can be blocked by a web application firewall (WAF) profile? (Choose three.)

  • A: Traffic to botnetservers
  • B: Traffic to inappropriate web sites
  • C: Server information disclosure attacks
  • D: Credit card data leaks
  • E: SQL injection attacks

Question 8
If Internet Service is already selected as Source in a firewall policy, which other configuration objects can be added to the Source filed of a firewall policy?

  • A: IP address
  • B: Once Internet Service is selected, no other object can be added
  • C: User or User Group
  • D: FQDN address

Question 9
Refer to the exhibit.


The exhibit shows a CLI output of firewall policies, proxy policies, and proxy addresses.
How does FortiGate process the traffic sent to

  • A: Traffic will be redirected to the transparent proxy and it will be allowed by proxy policy ID 3.
  • B: Traffic will not be redirected to the transparent proxy and it will be allowed by firewall policy ID 1.
  • C: Traffic will be redirected to the transparent proxy and It will be allowed by proxy policy ID 1.
  • D: Traffic will be redirected to the transparent proxy and it will be denied by the proxy implicit deny policy.

Question 10
Refer to the exhibit.



The exhibit contains the configuration for an SD-WAN Performance SLA, as well as the output of diagnose sys virtual-wan-link health-check.
Which interface will be selected as an outgoing interface?

  • A: port2
  • B: port4
  • C: port3
  • D: port1


You can buy ProfExam with a 20% discount..

Get Now!


Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen


Use VCE Exam Simulator to open VCE files