Study the following Fortinet NSE 4 NSE4_FGT-6.2 and NSE4_FGT-6.4 exam information, you will have a basic understanding of the two exams.
From the details in the above table, you can know that there are less questions in Fortinet NSE4_FGT-6.4 exam.
We just updated Fortinet NSE 4 NSE4_FGT-6.2 real exam questions, which are valuable for you to prepare the test. Share some Fortinet certification NSE4_FGT-6.2 real exam questions and answers below.
1.NGFW mode allows policy-based configuration for most inspection rules. Which security profile configuration does not change when you enable policy-based inspection?
A. Application control
B. Web filtering
C. Web proxy
D. Antivirus
Answer: D
2.Which two statements about the firmware upgrade process on an active-active HA cluster are true? (Choose two.)
A. The firmware image must be uploaded manually to each FortiGate.
B. Uninterruptable upgrade is enabled by default.
C. Traffic load balancing is temporarily disabled while the firmware is upgraded.
D. Only secondary FortiGate devices are rebooted.
Answer: BC
3.Which statement about the firewall policy authentication timeout is true?
A. It is an idle timeout. The FortiGate considers a user to be “idle” if it does not see any packets coming from the user’s source IP.
B. It is a hard timeout. The FortiGate removes the temporary policy for a user’s source IP address after this timer has expired.
C. It is an idle timeout. The FortiGate considers a user to be “idle” if it does not see any packets coming from the user’s source MAC.
D. It is a hard timeout. The FortiGate removes the temporary policy for a user’s source MAC address after this timer has expired.
Answer: A
4.Which two statements correctly describe how FortiGate performs route lookup, when searching for a suitable gateway? (Choose two.)
A. Lookup is done on the first packet from the session originator
B. Lookup is done on the last packet sent from the responder
C. Lookup is done on every packet, regardless of direction
D. Lookup is done on the first reply packet from the responder
Answer: AD
5.A FortiGate is operating in NAT mode and configured with two virtual LAN (VLAN) subinterfaces added to the physical interface. In this scenario, which statement about the VLAN IDs is true?
A. The two VLAN sub interfaces can have the same VLAN ID, only if they have IP addresses in different subnets.
B. The two VLAN sub interfaces must have different VLAN IDs.
C. The two VLAN sub interfaces can have the same VLAN ID, only if they belong to different VDOMs.
D. The two VLAN sub interfaces can have the same VLAN ID, only if they have IP addresses in the same subnet.
Answer: B
