NSE4_FGT-7.2 Fortinet NSE 4FortiOS 7.2 - Practice Questions

Question 7

Refer to the exhibit.

Graphical user interface, table Description automatically generated

Table Description automatically generated

The exhibit contains a network diagram, central SNAT policy, and IP pool configuration.

The WAN (port1) interface has the IP address 10.200. 1. 1/24.

The LAN (port3) interface has the IP address 10.0. 1.254/24.

A firewall policy is configured to allow to destinations from LAN (port3) to WAN (port1).

Central NAT is enabled, so NAT settings from matching Central SNAT policies will be applied.

Which IP address will be used to source NAT the traffic, if the user on Local-Client (10.0. 1. 10) pings the IP address of Remote-FortiGate (10.200.3. 1)?

Select an option, then click Submit answer.

○
10.200. 1. 149
○
10.200. 1. 1
○
10.200. 1.49
○
10.200. 1.99

Question 8

74

An administrator needs to increase network bandwidth and provide redundancy.

What interface type must the administrator select to bind multiple FortiGate interfaces?

Select an option, then click Submit answer.

○
VLAN interface
○
Software Switch interface
○
Aggregate interface
○
Redundant interface

Question 9

An administrator must disable RPF check to investigate an issue.

Which method is best suited to disable RPF without affecting features like antivirus and intrusion prevention system?

Select an option, then click Submit answer.

○
Enable asymmetric routing, so the RPF check will be bypassed.
○
Disable the RPF check at the FortiGate interface level for the source check.
○
Disable the RPF check at the FortiGate interface level for the reply check .
○
Enable asymmetric routing at the interface level.

NSE4_FGT-7.2 – Fortinet NSE 4FortiOS 7.2