FORTINET NSE 4 - FGT 6.4 CERTIFICATION EXAM SAMPLE QUESTIONS AND ANSWERS

FORTINET NSE 4 - FGT 6.4 CERTIFICATION EXAM
SAMPLE QUESTIONS AND ANSWERS
01. What statement is true regarding the Service setting in a firewall policy?

a) it is optional to add a service in a firewall policy.
b) It matches the traffic by port number.
c) Only one service object can be added to the firewall policy.
d) Administrators cannot create custom services objects.
Answer:

b) It matches the traffic by port number.
02. Which FortiGate feature sends real-time queries to the FortiGuard Distribution
Network (FDN)?

a) Web filtering
b) VPN
c) Antivirus
d) IPS
Answer:

a) Web filtering
03. How are the application control signatures updated on a FortiGate device?

a) By running the application control auto-learning feature.
b) Through FortiGuard updates.
c) By upgrading the FortiOS firmware to a newer release.
d) By clicking Update Signatures in the application control profile.
Answer:

b) Through FortiGuard updates.
04. Which FortiGate interface does source device type enable device detection
on?

a) All interfaces of FortiGate
b) Destination interface of the firewall policy only
c) Source interface of the firewall policy only
d) Both source interface and destination interface of the firewall policy
Answer:

c) Source interface of the firewall policy only
05. What criteria does FortiGate use to match traffic to a firewall policy?
(Choose two.)

a) Source and destination interfaces