QUESTION: 1
When browsing to an internal web server using a web-mode SSL VPN bookmark, which IP address is
used as the source of the HTTP request?
A. remote user’s public IP address
B. The public IP address of the FortiGate device.
C. The remote user’s virtual IP address.
D. The internal IP address of the FotiGate device.
Answer: D
QUESTION: 2
A team manager has decided that while some members of the team need access to particular
website, the majority of the team does not. Which configuration option is the most effective option
to support this request?
A. Implement a web filter category override for the specified website.
B. Implement web filter authentication for the specified website
C. Implement web filter quotas for the specified website.
D. Implement DNS filter for the specified website.
Answer: A
QUESTION: 3
Which of the following statements are best practices for troubleshooting FSSO? (Choose two.)
A. Include the group of guest users in a policy.
B. Extend timeout timers.
C. Guarantee at least 34 Kbps bandwidth between FortiGate and domain controllers.
D. Ensure all firewalls allow the FSSO required ports.
Answer: A,D
QUESTION: 4
Which statements about antivirus scanning mode are true? (Choose two.)
A. In proxy-based inspection mode antivirus buffers the whole file for scarring before sending it to
the client.
B. In flow-based inspection mode, you can use the CLI to configure antivirus profiles to use protocol
option profiles.
C. In proxy-based inspection mode, if a virus is detected, a replacement message may not be
displayed immediately.
D. In quick scan mode, you can configure antivirus profiles to use any of the available signature data
bases.
Answer: B,D
QUESTION: 5
In a high availability (HA) cluster operating in active-active mode, which of the following correctly
describes the path taken by the SYN packet of an HTTP session that is offloaded to a secondary
FortiGate?
A. Client > primary FortiGate> secondary FortiGate> primary FortiGate> web server.
B. Client > secondary FortiGate> web server.
C. Client >secondary FortiGate> primary FortiGate> web server.
D. Client> primary FortiGate> secondary FortiGate> web server.
Answer: D
QUESTION: 6
An administrator is configuring an IPsec between site A and site B. The Remotes Gateway setting in
both sites has been configured as Static IP Address. For site A, the local quick mode selector is
192.16.1.0/24 and the remote quick mode selector is 192.16.2.0/24. How must the administrator
configure the local quick mode selector for site B?
A. 192.168.3.0.24
B. 192.168.2.0.24
C. 192.168.1.0.24
D. 192.168.0.0.8
Answer: A
Click
here to view complete Q&A of NSE4_FGT-6.0 exam
Certkingdom Review,
Certkingdom PDF Torrents
Best Fortinet NSE4 NSE4_FGT-6.0 Certification, Fortinet NSE4 NSE4_FGT-6.0 Training at certkingdom.com