Here you have the best Fortinet NSE4_FGT-6.0 practice exam questions
What files are sent to FortiSandbox for inspection in flow-based inspection mode?
In flow-based inspection mode, files are sent to FortiSandbox for inspection if they are flagged as suspicious and if the antivirus profile permits their submission. The antivirus profile settings determine which files are allowed to be submitted to FortiSandbox.
Which statements about a One-to-One IP pool are true? (Choose two.)
A One-to-One IP pool allows the fixed mapping of an internal address range to an external address range. This means that for each internal IP address, there is a corresponding external IP address, facilitating direct communication without port address translation. Additionally, a One-to-One IP pool does not use port address translation (PAT), which is typically used to map multiple internal IP addresses to a single external IP address. Therefore, the correct options are that a One-to-One IP pool allows the fixed mapping of internal and external address ranges and does not use port address translation.
Which of the following FortiGate configuration tasks will create a route in the policy route table? (Choose two.)
The correct answers are the ones that mention configurations that impact the policy route table specifically. Creating a static route with an Internet Services object (B) involves policy-based routing, as ISDB (Internet Services Database) addresses route traffic based on policies rather than just static routes, so they are added to the policy routing table. Creating an SD-WAN rule to route traffic based on link latency (D) also impacts the policy route table because SD-WAN rules are considered a form of policy-based routing where the selection of the path can vary according to the specified criteria like link latency.
A company needs to provide SSL VPN access to two user groups. The company also needs to display different welcome messages on the SSL VPN login screen for both user groups.
What is required in the SSL VPN configuration to meet these requirements?
To meet the requirement of displaying different welcome messages on the SSL VPN login screens for two different user groups, the configuration needs to include different SSL VPN realms for each group. SSL VPN realms allow for the customization of login pages specific to user groups, enabling different messages and settings to be displayed based on the user's group designation.
An administrator is investigating a report of users having intermittent issues with browsing the web. The administrator ran diagnostics and received the output shown in the exhibit.
Examine the diagnostic output shown exhibit. Which of the following options is the most likely cause of this issue?
The diagnostic output displays a 'clash' value of 889, which suggests that the firewall is experiencing NAT port exhaustion. NAT port exhaustion occurs when there are not enough available ports to handle new connections, leading to intermittent connectivity issues. This is corroborated by the high clash counter in the diagnostic output. Therefore, the most likely cause of the issue is NAT port exhaustion.