Exam series: NSE4_FGT-7.2
Number of questions: 60
Exam time: 105 minutes
Language: English and Japanese
Product version: FortiOS 7.2
Status: Available
Exam details: exam description
NSE 4 Certification
The Network Security Professional* designation identifies your ability to configure, install, and manage the day-to-day configuration, monitoring, and operation of FortiGate to support specific corporate network security policies. Visit the
Fortinet NSE Certification Program page for information about certification requirements.
Fortinet NSE 4—FortiOS 7.2
The Fortinet NSE 4—FortiOS 7.2 exam is part of the NSE 4 Network Security Professional* program, and recognizes the successful* candidate’s knowledge of and expertise with FortiGate.
The exam tests applied knowledge of FortiGate configuration, operation, and day-to-day administration, and includes operational* scenarios, configuration extracts, and troubleshooting captures.
Audience
The Fortinet NSE 4—FortiOS 7.2 exam is intended for network and security professionals responsible for the configuration and administration of firewall* solutions in an enterprise network security infrastructure.
Examkingdom Fortinet NSE4_FGT-7.2 Exam pdf,
Best Fortinet NSE4_FGT-7.2 Free downloads , Fortinet NSE4_FGT-7.2 Dumps at Certkingdom.com
Exam Details
Exam name Fortinet NSE 4—FortiOS 7.2
Exam series NSE4_FGT-7.2
Time allowed 105 minutes
Exam questions 60 multiple-choice questions
Scoring Pass or fail, a score report is available from your Pearson VUE account
Language English and Japanese
Product version FortiOS 7.2
Exam Topics
Successfu* candidates have applied knowledge and skills in the following areas and tasks:
* Deployment and System Configuration
* Perform initial* configuration
* Implement the Fortinet Security Fabric
* Configure log settings and diagnose problems using the logs
* Configure VDOMs to split a FortiGate into multiple virtual* devices
* Configure different operation modes for an FGCP HA cluster
* Diagnose resource and connectivity problems
* Firewall* and authentication
* Configure firewall* policies
* Configure firewall* policy NAT and central* NAT
* Configure different methods of firewall* authentication
* Explain how to deploy and configure FSSO
* Content inspection
* Inspect encrypted traffic using certificates
* Identify FortiGate inspection modes and configure web filtering
* Configure application control* to monitor and control* network applications
* Configure antivirus scanning modes to neutralize malware threats
* Configure IPS to protect network from threats and vulnerabilities
* Routing
* Configure and route packets using static and policy-based routes
* VPN
* Configure and implement different SSL* VPN modes to provide secure access to your private network
* Implement a meshed or partially redundant IPsec VPN
* Configure ZTNA to provide role-based application access
Training Resources
The following resources are recommended for attaining the knowledge and skills that are covered on the exam. The recommended training is available as a foundation for exam preparation. In addition to training, candidates are strongly
encouraged to have hands-on experience with the exam topics and objectives.
Fortinet Training Institute Courses
* NSE 4 FortiGate Security 7.2
* NSE 4 FortiGate Infrastructure 7.2
Other Resources
* FortiOS 7.2—Administration Guide
* FortiOS 7.2—New Features Guide
Experience
* Minimum of six months of hands-on experience with FortiGate
Exam Sample Questions
QUESTION 1
Which two statements are correct about NGFW Policy-based mode? (Choose two.)
A. NGFW policy-based mode does not require the use of central source NAT policy
B. NGFW policy-based mode can only be applied globally and not on individual VDOMs
C. NGFW policy-based mode supports creating applications and web filtering categories directly in a firewall policy
D. NGFW policy-based mode policies support only flow inspection
Answer: CD
QUESTION 2
Which contains a session diagnostic output. Which statement is true about the session diagnostic output?
A. The session is in SYN_SENT state.
B. The session is in FIN_ACK state.
C. The session is in FTN_WAIT state.
D. The session is in ESTABLISHED state.
Answer: A
QUESTION 3
Which two statements explain antivirus scanning modes? (Choose two.)
A. In proxy-based inspection mode, files bigger than the buffer size are scanned.
B. In flow-based inspection mode, FortiGate buffers the file, but also simultaneously transmits it to the client.
C. In proxy-based inspection mode, antivirus scanning buffers the whole file for scanning, before sending it to the client.
D. In flow-based inspection mode, files bigger than the buffer size are scanned.
Answer: B,C
QUESTION 4
Refer to the web filter raw logs.
Based on the raw logs shown in the exhibit, which statement is correct?
A. Social networking web filter category is configured with the action set to authenticate.
B. The action on firewall policy ID 1 is set to warning.
C. Access to the social networking web filter category was explicitly blocked to all users.
D. The name of the firewall policy is all_users_web.
Answer: A
QUESTION 5
Which two configuration settings are synchronized when FortiGate devices are in an active-active HA cluster? (Choose two.)
A. FortiGuard web filter cache
B. FortiGate hostname
C. NTP
D. DNS
Answer: C,D
Comments Off on NSE4_FGT-7.2 Fortinet NSE 4 – FortiOS 7.2 Exam