Dumps4free
Go Back on NSE4_FGT-7.2 Exam
Available in 1, 3, 6 and 12 Months Free Updates Plans
PDF: $15 $60

Test Engine: $20 $80

PDF + Engine: $25 $99

NSE4_FGT-7.2 Practice Test


Page 2 out of 34 Pages

Which CLI command will display sessions both from client to the proxy and from the proxy to the servers?


A. diagnose wad session list


B. diagnose wad session list | grep hook-pre&&hook-out


C. diagnose wad session list | grep hook=pre&&hook=out


D. diagnose wad session list | grep "hook=pre"&"hook=out"





A.   diagnose wad session list

Which two actions can you perform only from the root FortiGate in a Security Fabric? (Choose two.)


A. Shut down/reboot a downstream FortiGate device.


B. Disable FortiAnalyzer logging for a downstream FortiGate device.


C. Log in to a downstream FortiSwitch device.


D. Ban or unban compromised hosts.





A.   Shut down/reboot a downstream FortiGate device.

B.   Disable FortiAnalyzer logging for a downstream FortiGate device.

An administrator has configured outgoing Interface any in a firewall policy. Which statement is true about the policy list view?


A.  Policy lookup will be disabled.


B. By Sequence view will be disabled.


C. Search option will be disabled


D. Interface Pair view will be disabled.





D.   Interface Pair view will be disabled.

https://kb.fortinet.com/kb/documentLink.do?externalID=FD47821

What are two benefits of flow-based inspection compared to proxy-based inspection? (Choose two.)


A. FortiGate uses fewer resources.


B.  FortiGate performs a more exhaustive inspection on traffic.


C. FortiGate adds less latency to traffic.


D.  FortiGate allocates two sessions per connection.





A.   FortiGate uses fewer resources.

C.   FortiGate adds less latency to traffic.

Reference: https://community.fortinet.com/t5/Support-Forum/Proxy-based-vs-Flow-basedInspection-Mode-for-Web-Filter/m-p/19204

Flow-based inspection is a type of traffic inspection that is used by some firewall devices, including FortiGate, to analyze network traffic. It is designed to be more efficient and less resource-intensive than proxy-based inspection, and it offers several benefits over this approach.

Two benefits of flow-based inspection compared to proxy-based inspection are:

FortiGate uses fewer resources: Flow-based inspection uses fewer resources than proxybased inspection, which can help to improve the performance of the firewall device and reduce the impact on overall system performance.

FortiGate adds less latency to traffic: Flow-based inspection adds less latency to traffic than proxy-based inspection, which can be important for real-time applications or other types of traffic that require low latency.

Which statement about the deployment of the Security Fabric in a multi-VDOM environment is true?


A. VDOMs without ports with connected devices are not displayed in the topology.


B. Downstream devices can connect to the upstream device from any of their VDOMs.


C.  Security rating reports can be run individually for each configured VDOM.


D.  Each VDOM in the environment can be part of a different Security Fabric.





A.   VDOMs without ports with connected devices are not displayed in the topology.

FortiGate Security 7.2 Study Guide (p.436): "When you configure FortiGate devices in multi-vdom mode and add them to the Security Fabric, each VDOM with its assigned ports is displayed when one or more devices are detected. Only the ports with discovered and connected devices appear in the Security Fabric view and, because of this, you must enable Device Detection on ports you want to have displayed in the Security Fabric. VDOMs without ports with connected devices are not displayed. All VDOMs configured must be part of a single Security Fabric." 


Page 2 out of 34 Pages
Previous