NSE4_FGT-5.6 Online Practice Questions and Answers
View the exhibit.
Based on this output, which statements are correct?
(Choose two.)
Response:
A. FortiGate generated an event log for system conserve mode.
B. FortiGate has entered in to system conserve mode.
C. By default, the FortiGate blocks new sessions.
D. FortiGate changed the global av-failopen settings to idledrop.
If antivirus, grayware, and heuristic scans are enabled on FortiGate, in which order does FortiGate apply the scanning?
Response:
A. heuristics -> grayware -> antivirus
B. antivirus -> grayware -> heuristics
C. antivirus -> heuristics -> grayware
D. grayware -> antivirus -> heuristics
Under what circumstance would you enable LEARN as the Action on a firewall policy? Response:
A. You want FortiGate to compile security feature activity from various security-related logs, such as virus and attack logs.
B. You want FortiGate to monitor a specific security profile in a firewall policy, and provide recommendations for that profile.
C. You want to capture data across all traffic and security vectors, and receive learning logs and a report with recommendations.
D. You want FortiGate to automatically modify your firewall policies as it learns your networking behavior.
How do you configure inline SSL inspection on a firewall policy?
(Choose two.)
Response:
A. Enable one or more flow-based security profiles on the firewall policy.
B. Enable the SSL/SSH Inspection profile on the firewall policy.
C. Execute the inline ssl inspection CLI command.
D. Enable one or more proxy-based security profiles on the firewall policy.
An administrator wants to monitor their network for any probing attempts aimed to exploit existing
vulnerabilities in their servers. What must they configure on their FortiGate to accomplish this?
(Choose two.)
Response:
A. An application control profile and set all application signatures to monitor.
B. A DoS policy, and log all UDP and TCP scan attempts.
C. An IPS sensor to monitor all signatures applicable to the server.
D. A web application firewall profile to check protocol constraints.
Which FortiGate interface does source device type enable device detection on? Response:
A. All interfaces of FortiGate
B. Source interface of the firewall policy only
C. Destination interface of the firewall policy only
D. Both source interface and destination interface of the firewall policy
Which of the following protocols is used to encrypt the user data payload in an IPsec tunnel? Response:
A. AH
B. IKE
C. ISAKMP
D. ESP
What FortiGate feature can be used to prevent a cross-site scripting (XSS) attack? Response:
A. Web application firewall (WAF)
B. DoS policies
C. Rate based IPS signatures
D. One-arm sniffer
Which file names will match the *.tiff file name pattern configured in a data leak prevention filter?
(Choose two.)
Response:
A. tiff.tiff
B. tiff.png
C. tiff.jpeg
D. gif.tiff
To which remote devices can FortiGate send logs?
(Choose three.)
Response:
A. Syslog
B. FortiAnalyzer
C. Hard drive
D. Memory
E. FortiCloud