Fortinet NSE 4 NSE4_FGT-6.4 Updated Questions | Killtest 2021
Mar 16,2021
Fortinet NSE 4 NSE4_FGT-6.4 exam questions have been updated, which are valuable for you to pass this Fortinet NSE 4 exam. We all know that NSE4_FGT-6.4 exam is new upgrade test of NSE4_FGT-6.2. According to the news from Fortinet official website, Fortinet NSE4_FGT-6.2 exam will be retired on April 30, 2021. If you decide to take Fortinet NSE 4-FortiOS 6.2 NSE4_FGT-6.2 exam, please do it before the retirement date. Killtest new updated Fortinet NSE 4 NSE4_FGT-6.4 questions and answers can guarantee you pass the test successfully.
Fortinet NSE 4 NSE4_FGT-6.4 Exam
The Fortinet NSE 4-FortiOS 6.4 exam is part of the NSE 4 Network Security Professional program, and recognizes the successful candidate’s knowledge of and expertise with FortiGate devices.
Time allowed: 105 minutes
Exam questions: 60 multiple-choice questions
Scoring: Pass or fail, a score report is available from your Pearson VUE account
Language: English and Japanese
Product version: FortiOS 6.4
NSE4_FGT-6.4 Fortinet NSE 4 Exam Topics
NSE4_FGT-6.4 Fortinet NSE 4 exam topics are listed below.
FortiGate deployment
Firewall and authentication
Content inspection
Routing and Layer 2 switching
VPN
New Updated Fortinet NSE 4 NSE4_FGT-6.4 questions and answers can help you study all the above topics. With all the Fortinet NSE 4 NSE4_FGT-6.4 exam updated questions, you can benefit more from the updated Fortinet NSE 4 NSE4_FGT-6.4 exam questions. Share some updated Fortinet NSE 4-FortiOS 6.4 exam NSE4_FGT-6.4 exam demo questions.
In consolidated firewall policies, IPv4 and IPv6 policies are combined in a single consolidated policy. Instead of separate policies. Which three statements are true about consolidated IPv4 and IPv6 policy configuration? (Choose three.)
A. The IP version of the sources and destinations in a firewall policy must be different.
B. The Incoming Interface. Outgoing Interface. Schedule, and Service fields can be shared with both IPv4 and IPv6.
C. The policy table in the GUI can be filtered to display policies with IPv4, IPv6 or IPv4 and IPv6 sources and destinations.
D. The IP version of the sources and destinations in a policy must match.
E. The policy table in the GUI will be consolidated to display policies with IPv4 and IPv6 sources and destinations.
Answer: A,C,E
Which three authentication timeout types are availability for selection on FortiGate? (Choose three.)
A. hard-timeout
B. auth-on-demand
C. soft-timeout
D. new-session
E. Idle-timeout
Answer: A,D,E
Which CLI command will display sessions both from client to the proxy and from the proxy to the servers?
A. diagnose wad session list
B. diagnose wad session list | grep hook-pre&&hook-out
C. diagnose wad session list | grep hook=pre&&hook=out
D. diagnose wad session list | grep "hook=pre"&"hook=out"
Answer: D
Which two attributes are required on a certificate so it can be used as a CA certificate on SSL Inspection? (Choose two.)
A. The keyUsage extension must be set to keyCertSign.
B. The common name on the subject field must use a wildcard name.
C. The issuer must be a public CA.
D. The CA extension must be set to TRUE.
Answer: B,D
A network administrator is configuring a new IPsec VPN tunnel on FortiGate. The remote peer IP address is dynamic, in addition, the remote peer does not support a dynamic DNS update service. What type of remote gateway should tie administrator configure on FortiGate for the new IPsec VPN tunnel to work?
A. Static IP Address
B. Dialup User
C. Dynamic DNS
D. Pre-shared Key
Answer: C