最新的Fortinet NSE 4 - FortiOS 6.4 - NSE4_FGT-6.4免費考試真題
問題1
Which security feature does FortiGate provide to protect servers located in the internal networks from attacks such as SQL injections?
正確答案: B
問題2
Which statement about the policy ID number of a firewall policy is true?
正確答案: B
問題3
Refer to the exhibit.
The exhibit shows a CLI output of firewall policies, proxy policies, and proxy addresses.
How does FortiGate process the traffic sent to http://www.fortinet.com?
The exhibit shows a CLI output of firewall policies, proxy policies, and proxy addresses.
How does FortiGate process the traffic sent to http://www.fortinet.com?
正確答案: B
問題4
An organization's employee needs to connect to the office through a high-latency internet connection.
Which SSL VPN setting should the administrator adjust to prevent the SSL VPN negotiation failure?
Which SSL VPN setting should the administrator adjust to prevent the SSL VPN negotiation failure?
正確答案: B
問題5
Refer to the exhibit to view the firewall policy.
Which statement is correct if well-known viruses are not being blocked?
Which statement is correct if well-known viruses are not being blocked?
正確答案: C
問題6
Refer to the exhibit.
The Root and To_Internet VDOMs are configured in NAT mode. The DMZ and Local VDOMs are configured in transparent mode.
The Root VDOM is the management VDOM. The To_Internet VDOM allows LAN users to access the Internet. The To_Internet VDOM is the only VDOM with internet access and is directly connected to ISP modem.
Which two statements are true? (Choose two.)
The Root and To_Internet VDOMs are configured in NAT mode. The DMZ and Local VDOMs are configured in transparent mode.
The Root VDOM is the management VDOM. The To_Internet VDOM allows LAN users to access the Internet. The To_Internet VDOM is the only VDOM with internet access and is directly connected to ISP modem.
Which two statements are true? (Choose two.)
正確答案: B,C
問題7
What types of traffic and attacks can be blocked by a web application firewall (WAF) profile? (Choose three.)
正確答案: A,C,E
問題8
Refer to the exhibit.
Given the interfaces shown in the exhibit. which two statements are true? (Choose two.)
Given the interfaces shown in the exhibit. which two statements are true? (Choose two.)
正確答案: A,B
問題9
What is the effect of enabling auto-negotiate on the phase 2 configuration of an IPsec tunnel?
正確答案: D
說明:(僅 VCESoft 成員可見)
問題10
Refer to the exhibit.
A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices. The administrator has determined that phase 1 fails to come up. The administrator has also re-entered the pre-shared key on both FortiGate devices to make sure they match.
Based on the phase 1 configuration and the diagram shown in the exhibit, which two configuration changes will bring phase 1 up? (Choose two.)
A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices. The administrator has determined that phase 1 fails to come up. The administrator has also re-entered the pre-shared key on both FortiGate devices to make sure they match.
Based on the phase 1 configuration and the diagram shown in the exhibit, which two configuration changes will bring phase 1 up? (Choose two.)
正確答案: B,D
問題11
When browsing to an internal web server using a web-mode SSL VPN bookmark, which IP address is used as the source of the HTTP request?
正確答案: D
說明:(僅 VCESoft 成員可見)
問題12
Refer to the exhibit, which contains a static route configuration.
An administrator created a static route for Amazon Web Services.
What CLI command must the administrator use to view the route?
An administrator created a static route for Amazon Web Services.
What CLI command must the administrator use to view the route?
正確答案: C
問題13
Which statements about the firmware upgrade process on an active-active HA cluster are true? (Choose two.)
正確答案: B,D
問題14
Which two statements ate true about the Security Fabric rating? (Choose two.)
正確答案: C,D
說明:(僅 VCESoft 成員可見)
