Provide the most valid and accurate practice exam and exam questions, including CompTIA Security+, New Cisco Exams, Cloud Certification Exams, Microsoft Azure Exams and so on, with 100% passing guarantee.

Welcome to KillTest.com

Want to practice some free Fortinet NSE4_FGT-7.0 exam questions? You can study the following Fortinet NSE4_FGT-7.0 exam online questions. Killtest provides 172 Q&As for Fortinet NSE4_FGT-7.0 exam, which has been proven effective in the NSE4_FGT-7.0 exam preparation. Besides, you can get full payment fee refund if you fail NSE4_FGT-7.0 exam by using Killtest NSE4_FGT-7.0 practice exam questions. Ready? Go!

Get NSE4_FGT-7.0 with 172 Q&As

Fortinet NSE4_FGT-7.0 Online Practice Exam Questions

The questions of NSE4_FGT-7.0 were last updated on Apr 19,2024 .

Viewing page 1 out of 2 pages.

Viewing questions 1 out of 12 questions

Question#1

A network administrator wants to set up redundant IPsec VPN tunnels on FortiGate by using two IPsec VPN tunnels and static routes.
All traffic must be routed through the primary tunnel when both tunnels are up. The secondary tunnel must be used only if the primary tunnel goes down.
In addition, FortiGate should be able to detect a dead tunnel to speed up tunnel failover
Which two key configuration changes are needed in FortiGate to meet the design requirements? (Choose two.)

A. Configure a higher distance on the static route for the primary tunnel, and a lower distance on the static route for the secondary tunnel.

B. Enable Dead Peer Detection.

C. Enable Auto-negotiate and Auto Keep Alive on the phase 2 configuration of both tunnels.

D. Configure a lower distance on the static route for the primary tunnel, and a higher distance on the static route for the secondary tunnel.

Question#2

Which two protocols are used to enable administrator access of a FortiGate device? (Choose two.)

A. FortiTelemetry

B. HTTPS

C. SSH

D. FTM

Explanation:
Reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/995103/buildingsecurity-into-fortios

Question#3

Why does FortiGate keep TCP sessions in the session table for several seconds, even after both sides (client and server) have terminated the session?

A. To allow for out-of-order packets that could arrive after the FIN/ACK packets

B. To finish any inspection operations

C. To generate logs

D. To remove the NAT operation

Explanation:
TCP provides the ability for one end of a connection to terminate its output while still receiving data from the other end. This is called a half-close. FortiGate unit implements a specific timer before removing an entry in the firewall session table.

Question#4

Which statement about the policy ID number of a firewall policy is true?

A. It changes when firewall policies are reordered.

B. It defines the order in which rules are processed.

C. It represents the number of objects used in the firewall policy.

D. It is required to modify a firewall policy using the CL

Question#5

An administrator has configured outgoing interface any in a firewall policy.
Which statement is true about the policy list view?

A. Interface Pair view will be disabled.

B. Search option will be disabled.

C. Policy lookup will be disabled.

D. By Sequence view will be disabled.

Exam Code: NSE4_FGT-7.0
Q & A: 172 Q&As
Updated: Apr 19,2024

Get NSE4_FGT-7.0 Full Version

KILLTEST CONTACT INFO

[email protected]

GMT+8: Mon-Sat 8:00-18:00

GMT: Mon-Sat 0:00-10:00

TOP Exams

Question#1

Question#2

Question#3

Question#4

Question#5

KILLTEST CONTACT INFO

Certifications

All Certifications

Promotions

Bundles

Latest Exams

How to buy

Stay in touch