Dumps4free
Go Back on NSE4_FGT-7.2 Exam
Available in 1, 3, 6 and 12 Months Free Updates Plans
PDF: $15 $60

Test Engine: $20 $80

PDF + Engine: $25 $99

NSE4_FGT-7.2 Practice Test


Page 3 out of 34 Pages

An administrator does not want to report the logon events of service accounts to FortiGate. What setting on the collector agent is required to achieve this?


A.

Add the support of NTLM authentication.


B.

Add user accounts to Active Directory (AD).


C. Add user accounts to the FortiGate group fitter.


D. Add user accounts to the Ignore User List.





D.   Add user accounts to the Ignore User List.

Reference: https://community.fortinet.com/t5/Support-Forum/Collector-Agent-and-problemgetting-login-info/m-p/95481

Which two statements are correct about SLA targets? (Choose two.)


A. You can configure only two SLA targets per one Performance SLA.


B. SLA targets are optional.


C. SLA targets are required for SD-WAN rules with a Best Quality strategy.


D. SLA targets are used only when referenced by an SD-WAN rule.





B.   SLA targets are optional.

D.   SLA targets are used only when referenced by an SD-WAN rule.

Reference: 

https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/382233/performance-sla-slatargets 

Which two statements are correct about a software switch on FortiGate? (Choose two.) 


A. It can be configured only when FortiGate is operating in NAT mode


B. Can act as a Layer 2 switch as well as a Layer 3 router


C. All interfaces in the software switch share the same IP address


D. It can group only physical interfaces





A.   It can be configured only when FortiGate is operating in NAT mode

C.   All interfaces in the software switch share the same IP address

Which three CLI commands can you use to troubleshoot Layer 3 issues if the issue is in neither the physical layer nor the link layer? (Choose three.)


A. diagnose sys top


B. execute ping


C.  execute traceroute


D. diagnose sniffer packet any


E. get system arp





B.   execute ping

C.    execute traceroute

D.   diagnose sniffer packet any

In which two ways can RPF checking be disabled? (Choose two )


A. Enable anti-replay in firewall policy.


B. Disable the RPF check at the FortiGate interface level for the source check


C. Enable asymmetric routing.


D. Disable strict-arc-check under system settings.





C.   Enable asymmetric routing.

D.   Disable strict-arc-check under system settings.

Reference: https://kb.fortinet.com/kb/documentLink .do?externalID=FD33955


Page 3 out of 34 Pages
Previous