Dumps4free
Go Back on NSE4_FGT-7.2 Exam
Available in 1, 3, 6 and 12 Months Free Updates Plans
PDF: $15 $60

Test Engine: $20 $80

PDF + Engine: $25 $99

NSE4_FGT-7.2 Practice Test


Page 7 out of 34 Pages

The IPS engine is used by which three security features? (Choose three.) 


A. Antivirus in flow-based inspection


B. Web filter in flow-based inspection


C. Application control


D. DNS filter


E. Web application firewall





A.   Antivirus in flow-based inspection

B.   Web filter in flow-based inspection

C.   Application control

FortiGate Security 7.2 Study Guide (p.385): "The IPS engine is responsible for most of the features shown in this lesson: IPS and protocol decoders. It’s also responsible for application control, flow-based antivirus protection, web filtering, and email filtering."

Which timeout setting can be responsible for deleting SSL VPN associated sessions?


A. SSL VPN idle-timeout


B. SSL VPN http-request-body-timeout


C. SSL VPN login-timeout


D. SSL VPN dtls-hello-timeout





A.   SSL VPN idle-timeout

Reference: https://community.fortinet.com/t5/FortiGate/Technical-Tip-SSL-VPNdisconnection-issues-when connected with/tap/207851#:~:text=By-default%2C-a-SSL%2DVPN,hours-due-to-auth%2Dtimeout

The SSL VPN idle-timeout setting determines how long an SSL VPN session can be inactive before it is terminated. When an SSL VPN session becomes inactive (for example, if the user closes the VPN client or disconnects from the network), the session timer begins to count down. If the timer reaches the idle-timeout value before the user reconnects or sends any new traffic, the session will be terminated and the associated resources (such as VPN tunnels and virtual interfaces) will be deleted.

Which feature in the Security Fabric takes one or more actions based on event triggers?


A. Fabric Connectors


B. Automation Stitches


C. Security Rating


D. Logical Topology





B.   Automation Stitches

Reference: https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/286973/fortinetsecurity-fabric

On FortiGate, which type of logs record information about traffic directly to and from the FortiGate management IP addresses?


A. System event logs


B. Forward traffic logs


C. Local traffic logs


D. Security logs





C.   Local traffic logs

Reference: https://docs.fortinet.com/document/fortigate/5.4.0/cookbook/476970

Traffic logs record the traffic flowing through your FortiGate unit. Since traffic needs firewall policies to properly flow through FortiGate, this type of logging is also called firewall policy logging. Firewall policies control all traffic attempting to pass through the FortiGate unit, between FortiGate interfaces, zones, and VLAN sub-interfaces.

FortiGate Security 7.2 Study Guide (p.176): "Local traffic logs contain information about traffic directly to and from the FortiGate management IP addresses. They also include connections to the GUI and FortiGuard queries."

If Internet Service is already selected as Source in a firewall policy, which other configuration objects can be added to the Source filed of a firewall policy?


A. IP address


B. Once Internet Service is selected, no other object can be added


C. User or User Group


D. FQDN address





B.   Once Internet Service is selected, no other object can be added

Reference: https://docs.fortinet.com/document/fortigate/6.2.5/cookbook/179236/using-internet-servicein-policy


Page 7 out of 34 Pages
Previous