Logo ExamsQA
Exit
Official Bank 0/165

Fortinet NSE 4 - FortiOS 6.4 Exam (NSE4_FGT) - Fortinet Actual Exam Questions

Last updated on May 02, 2026

97% Exam Compliance
165 Total Questions
1
Question

Refer to the exhibit. The exhibit contains a network diagram, central SNAT policy, and IP pool configuration. The WAN (port1) interface has the IP address 10.200.1.1/24. The LAN (port3) interface has the IP address 10.0.1.254/24. A firewall policy is configured to allow to destinations from LAN (port3) to WAN (port1). Central NAT is enabled, so NAT settings from matching Central SNAT policies will be applied. Which IP address will be used to source NAT the traffic, if the user on Local-Client (10.0.1.10) pings the IP address of Remote-FortiGate (10.200.3.1)?

Question image Question image Question image Question image
Options
A

10.200.1.149
B

10.200.1.1
C

10.200.1.49
D

10.200.1.99
Discussion (0 comments)

to join the discussion

Community Discussion

No discussions yet. Be the first to ask!

2
Question

Which three statements about a flow-based antivirus profile are correct? (Choose three.)

Select 3
Options
A

IPS engine handles the process as a standalone.
B

FortiGate buffers the whole file but transmits to the client simultaneously.
C

If the virus is detected, the last packet is delivered to the client.
D

Optimized performance compared to proxy-based inspection.
E

Flow-based inspection uses a hybrid of scanning modes available in proxy-based inspection.
Discussion (0 comments)

to join the discussion

Community Discussion

No discussions yet. Be the first to ask!

3
Question

Refer to the exhibit. The Root and To_Internet VDOMs are configured in NAT mode. The DMZ and Local VDOMs are configured in transparent mode. The Root VDOM is the management VDOM. The To_Internet VDOM allows LAN users to access the Internet. The To_Internet VDOM is the only VDOM with internet access and is directly connected to ISP modem. Which two statements are true? (Choose two.)

Question image
Select 2
Options
A

Inter-VDOM links are required to allow traffic between the Local and Root VDOMs.
B

A static route is required on the To_Internet VDOM to allow LAN users to access the internet.
C

Inter-VDOM links are required to allow traffic between the Local and DMZ VDOMs.
D

Inter-VDOM links are not required between the Root and To_Internet VDOMs because the Root VDOM is used only as a management VDOM.
Discussion (0 comments)

to join the discussion

Community Discussion

No discussions yet. Be the first to ask!

4
Question

What is the limitation of using a URL list and application control on the same firewall policy, in NGFW policy-based mode?

Options
A

It limits the scanning of application traffic to the DNS protocol only.
B

It limits the scanning of application traffic to use parent signatures only.
C

It limits the scanning of application traffic to the browser-based technology category only.
D

It limits the scanning of application traffic to the application category only.
Discussion (0 comments)

to join the discussion

Community Discussion

No discussions yet. Be the first to ask!

5
Question

How do you format the FortiGate flash disk?

Options
A

Load a debug FortiOS image.
B

Load the hardware test (HQIP) image.
C

Execute the CLI command execute formatlogdisk.
D

Select the format boot device option from the BIOS menu.
Discussion (0 comments)

to join the discussion

Community Discussion

No discussions yet. Be the first to ask!

Finish Practice?

Are you sure you want to finish? This will end your practice session.