Fortinet NSE4_FGT-7.2 Exam Questions Instant Access

Question 1

An administrator needs to configure VPN user access for multiple sites using the same soft FortiToken. Each site has a FortiGate VPN gateway. What must an administrator do to achieve this objective?

AThe administrator can register the same FortiToken on more than one FortiGate.

BThe administrator must use a FortiAuthenticator device

CThe administrator can use a third-party radius OTP server.

DThe administrator must use the user self-registration server.

Answer : B

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-use-FortiToken-for-multiple-units/ta-p/194435

Question 2

A network administrator has enabled SSL certificate inspection and antivirus on FortiGate. When downloading an EICAR test file through HTTP, FortiGate detects the virus and blocks the file. When downloading the same file through HTTPS, FortiGate does not detect the virus and the file can be downloaded.

What is the reason for the failed virus detection by FortiGate?

AThe website is exempted from SSL inspection.

BThe EICAR test file exceeds the protocol options oversize limit.

CThe selected SSL inspection profile has certificate inspection enabled.

DThe browser does not trust the FortiGate self-signed CA certificate.

Answer : A, C

SSL Inspection Profile, on the Inspection method there are 2 options to choose from, SSL Certificate Inspection or Full SSL Inspection. FG SEC 7.2 Studi Guide: Full SSL Inspection level is the only choice that allows antivirus to be effective.

Question 3

Refer to the exhibit.

Refer to the web filter raw logs.

Based on the raw logs shown in the exhibit, which statement is correct?

ASocial networking web filter category is configured with the action set to authenticate.

BThe action on firewall policy ID 1 is set to warning.

CAccess to the social networking web filter category was explicitly blocked to all users.

DThe name of the firewall policy is all_users_web.

Answer : A

Question 4

Which of the following are valid actions for FortiGuard category based filter in a web filter profile ui proxy-based inspection mode? (Choose two.)

AWarning

BExempt

CAllow

DLearn

Answer : A, C

Question 5

Which two statements about FortiGate FSSO agentless polling mode are true? (Choose two.)

AFortiGate uses the AD server as the collector agent.

BFortiGate uses the SMB protocol to read the event viewer logs from the DCs.

CFortiGate does not support workstation check .

DFortiGate directs the collector agent to use a remote LDAP server.

Answer : B, C

You can deploy FSSO w/o installing an agent. FG polls the DCs directly, instead of receiving logon info indirectly from a collector agent.

Because FG collects all of the data itself, agentless polling mode requires greater system resources, and it doesn't scale as easily.

Agentless polling mode operates in a similar way to WinSecLog, but with only two event IDs: 4768 and 4769. Because there's no collector agent, FG uses the SMB protocol to read the event viewer logs from the DCs.

FG acts as a collector. It 's responsible for polling on top of its normal FSSO tasks but does not have all the extra features, such as workstation checks, that are available with the external collector agent.

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-How-to-troubleshoot-FSSO-agentless-polling/ta-p/214349

Question 6

Refer to the exhibit.

Given the interfaces shown in the exhibit. which two statements are true? (Choose two.)

ATraffic between port2 and port2-vlan1 is allowed by default.

Bport1-vlan10 and port2-vlan10 are part of the same broadcast domain.

Cport1 is a native VLAN.

Dport1-vlan and port2-vlan1 can be assigned in the same VDOM or to different VDOMs.

Answer : C, D

https://community.fortinet.com/t5/FortiGate/Technical-Tip-rules-about-VLAN-configuration-and-VDOM-interf

https://kb.fortinet.com/kb/viewContent.do?externalId=FD30883

Question 7

What are two features of the NGFW policy-based mode? (Choose two.)

ANGFW policy-based mode does not require the use of central source NAT policy.

BNGFW policy-based mode can only be applied globally and not on individual VDOMs_

CNGFW policy-based mode policies support only flow inspection.

DNGFW policy-based mode supports creating applications and web filtering categories directly in a firewall policy

Answer : C, D

C) NGFW policy-based mode policies support only flow inspection. This is correct.This is a feature of the NGFW policy-based mode, according to the Fortinet documentation 'Profile-based NGFW vs policy-based NGFW'1. The documentation states that ''In policy-based NGFW mode, you can only select flow inspection. Proxy inspection is not supported.''

D) NGFW policy-based mode supports creating applications and web filtering categories directly in a firewall policy. This is correct.This is a feature of the NGFW policy-based mode, according to the Fortinet documentation 'Profile-based NGFW vs policy-based NGFW'1. The documentation states that ''In policy-based NGFW mode, you allow applications and URL categories to be used directly in security policies, without requiring web filter or application control profiles.''

Fortinet NSE 4 - FortiOS 7.2 NSE4_FGT-7.2 Exam Questions