NSE4_FGT-7.2 Exam Topics UPDATED
ACTUAL Exam Questions and CORRECT
Answers
What is FSSO? - CORRECT ANSWER - A software agent that enables FortiGate to
identify users for security policies or VPN access without asking for their UN & PW.
A FortiGate using FSSO identifies & maintains a database mapping of users, based on what 3
attributes? - CORRECT ANSWER - - User ID
- IP address
- Group Membership
Is FSSO typically used as a standalone service, or with a directory service? - CORRECT
ANSWER - With a directory service.
Ex: Windows Active Directory (AD)
What are the two available Modes when FSSO is deployed using Windows AD? - CORRECT
ANSWER - 1. Domain Controller (DC) Agent mode
2. Polling mode
FSSO deployed with Windows AD: What do DC Agents and Collector Agents do? - CORRECT
ANSWER - DC Agents monitor & forward user login events to the Collector Agents.
Collector Agents consolidate events received from the DC Agents and forward them to
FortiGate.
In FSSO, FortiGate allows network access based on?
a) Active user authentication with UN & PW
b) Passive user identification by User ID, IP, and Group - CORRECT ANSWER - b)
Passive...
,Which working mode is used for monitoring user sign-on activities in Windows AD?
a) Polling mode
b) eDirectory Agent mode - CORRECT ANSWER - a) Correct answer.
b) is used with Novell
Which mode is considered the recommended mode for FSSO?
a) DC Agent mode
b) Polling mode - CORRECT ANSWER - a) DC Agent mode
What are two required components of DC Agent mode? - CORRECT ANSWER - 1. DC
Agent
2. Collector Agent
What are the 3 options an FSSO collector Agent-Based Polling mode uses to collect login
information? - CORRECT ANSWER - 1. WMI
2. WinSecLog
3. NetAPI
What is meant by "Agentless" in FSSO Agentless Polling Mode? And what is meant by
"Polling"? - CORRECT ANSWER - Agentless means that there is no Collector Agent
software installed on, and collecting login information from DCs.
Polling means that FortiGate must poll the DCs for the login information. Basically, FortiGate is
acting like the Collector.
What is one of the features that FSSO Agentless Polling mode doesn't share with other options? -
CORRECT ANSWER - Workstation verification
Which FSSO mode requires more FortiGate resources (CPU & RAM)?
a) Polling mode: Collector Agent-Based
, b) Polling mode: Agentless - CORRECT ANSWER - b) Polling mode: Agentless
What are the two inspection modes available on a FortiGate firewall for inspecting traffic? -
CORRECT ANSWER - 1. Flow-Based Inspection mode
2. Proxy-Based Inspection mode
What's the main difference between Flow-Based & Proxy-Based Inspection modes? -
CORRECT ANSWER - 1. Flow-Based mode examines the traffic as it passes through the
FortiGate, without any buffering, and the original traffic is not altered.
2. Proxy-Based mode buffers traffic and examines it as a whole, before determining an action,
and the original traffic header might be changed because the firewall is a proxy.
What are the two NGFW modes available for a FortiGate device, or per-VDOM within a
FortiGate? - CORRECT ANSWER - 1. Profile-Based mode
2. Policy-Based mode
What's the main differences between Profile-Based & Policy-Based mode? - CORRECT
ANSWER - 1. Profile-Based mode requires application control & web filter profiles. It can
use Flow-Based or Proxy-Based inspection.
2. Policy-Based mode can use application control & web filter profiles, but they're not required.
Flow-Based inspection is the only mode available.
Web filtering helps you... ? - CORRECT ANSWER - Control or track websites that people
visit.
When does Web Filtering activate in a FortiGate? - CORRECT ANSWER - When an
HTTP GET request has been sent.
ACTUAL Exam Questions and CORRECT
Answers
What is FSSO? - CORRECT ANSWER - A software agent that enables FortiGate to
identify users for security policies or VPN access without asking for their UN & PW.
A FortiGate using FSSO identifies & maintains a database mapping of users, based on what 3
attributes? - CORRECT ANSWER - - User ID
- IP address
- Group Membership
Is FSSO typically used as a standalone service, or with a directory service? - CORRECT
ANSWER - With a directory service.
Ex: Windows Active Directory (AD)
What are the two available Modes when FSSO is deployed using Windows AD? - CORRECT
ANSWER - 1. Domain Controller (DC) Agent mode
2. Polling mode
FSSO deployed with Windows AD: What do DC Agents and Collector Agents do? - CORRECT
ANSWER - DC Agents monitor & forward user login events to the Collector Agents.
Collector Agents consolidate events received from the DC Agents and forward them to
FortiGate.
In FSSO, FortiGate allows network access based on?
a) Active user authentication with UN & PW
b) Passive user identification by User ID, IP, and Group - CORRECT ANSWER - b)
Passive...
,Which working mode is used for monitoring user sign-on activities in Windows AD?
a) Polling mode
b) eDirectory Agent mode - CORRECT ANSWER - a) Correct answer.
b) is used with Novell
Which mode is considered the recommended mode for FSSO?
a) DC Agent mode
b) Polling mode - CORRECT ANSWER - a) DC Agent mode
What are two required components of DC Agent mode? - CORRECT ANSWER - 1. DC
Agent
2. Collector Agent
What are the 3 options an FSSO collector Agent-Based Polling mode uses to collect login
information? - CORRECT ANSWER - 1. WMI
2. WinSecLog
3. NetAPI
What is meant by "Agentless" in FSSO Agentless Polling Mode? And what is meant by
"Polling"? - CORRECT ANSWER - Agentless means that there is no Collector Agent
software installed on, and collecting login information from DCs.
Polling means that FortiGate must poll the DCs for the login information. Basically, FortiGate is
acting like the Collector.
What is one of the features that FSSO Agentless Polling mode doesn't share with other options? -
CORRECT ANSWER - Workstation verification
Which FSSO mode requires more FortiGate resources (CPU & RAM)?
a) Polling mode: Collector Agent-Based
, b) Polling mode: Agentless - CORRECT ANSWER - b) Polling mode: Agentless
What are the two inspection modes available on a FortiGate firewall for inspecting traffic? -
CORRECT ANSWER - 1. Flow-Based Inspection mode
2. Proxy-Based Inspection mode
What's the main difference between Flow-Based & Proxy-Based Inspection modes? -
CORRECT ANSWER - 1. Flow-Based mode examines the traffic as it passes through the
FortiGate, without any buffering, and the original traffic is not altered.
2. Proxy-Based mode buffers traffic and examines it as a whole, before determining an action,
and the original traffic header might be changed because the firewall is a proxy.
What are the two NGFW modes available for a FortiGate device, or per-VDOM within a
FortiGate? - CORRECT ANSWER - 1. Profile-Based mode
2. Policy-Based mode
What's the main differences between Profile-Based & Policy-Based mode? - CORRECT
ANSWER - 1. Profile-Based mode requires application control & web filter profiles. It can
use Flow-Based or Proxy-Based inspection.
2. Policy-Based mode can use application control & web filter profiles, but they're not required.
Flow-Based inspection is the only mode available.
Web filtering helps you... ? - CORRECT ANSWER - Control or track websites that people
visit.
When does Web Filtering activate in a FortiGate? - CORRECT ANSWER - When an
HTTP GET request has been sent.
