← Back to exam page

NSE4_FGT-6.0 Fortinet NSE 4 - FortiOS 6.0

Loading demo links...

Showing 1–3 of 10 questions

Question 1

Which of the following conditions are required for establishing an IPSec VPN between two FortiGate devices? (Choose two.)

Select all that apply, then click Submit answer.

  • If XAuth is enabled as a server in one peer, it must be enabled as a client in the other peer.

  • If the VPN is configured as route-based, there must be at least one firewall policy with the action set to IPSec.

  • If the VPN is configured as DialUp User in one peer, it must be configured as either Static IP Address or Dynamic DNS in the other peer.

  • If the VPN is configured as a policy-based in one peer, it must also be configured as policy-based in the other peer.
Question 2

An administrator observes that the port1 interface cannot be configured with an IP address. What can be the reasons for that? (Choose three.)

Select all that apply, then click Submit answer.

  • The interface has been configured for one-arm sniffer.

  • The interface is a member of a virtual wire pair.

  • The operation mode is transparent.

  • The interface is a member of a zone.

  • Captive portal is enabled in the interface.
Question 3

Which statements are true regarding firewall policy NAT using the outgoing interface IP address with fixed port disabled? (Choose two.)

Select all that apply, then click Submit answer.

  • This is known as many-to-one NAT.

  • Source IP is translated to the outgoing interface IP.

  • Connections are tracked using source port and source MAC address.

  • Port address translation is not used.