Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. Fortinet
  3. NSE4_FGT-7.0

Fortinet NSE4_FGT-7.0 (page: 6)

Fortinet NSE 4 - FortiOS 7.0

Updated 26-Apr-2026

Page 6 of 36 NSE4_FGT-7.0 PDF — 172 Questions

Why does FortiGate keep TCP sessions in the session table for several seconds, even after both sides (client and server) have terminated the session?

  1. To allow for out-of-order packets that could arrive after the FIN/ACK packets
  2. To finish any inspection operations
  3. To generate logs
  4. To remove the NAT operation

Answer(s): A

Explanation:

TCP provides the ability for one end of a connection to terminate its output while still receiving data from the other end. This is called a half-close. FortiGate unit implements a specific timer before removing an entry in the firewall session table.



Refer to the exhibit.


A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices. The administrator has determined that phase 1 status is up, but phase 2 fails to come up.

Based on the phase 2 configuration shown in the exhibit, what configuration change will bring phase 2 up?

  1. On HQ-FortiGate, enable Auto-negotiate.
  2. On HQ-FortiGate, enable Diffie-Hellman Group 2.
  3. On HQ-FortiGate, set Encryption to AES256.
  4. On Remote-FortiGate, set Seconds to 43200.

Answer(s): C

Explanation:

Encryption and authentication algorithm needs to match in order for IPSEC be successfully established.



Refer to the exhibit.

Examine the intrusion prevention system (IPS) diagnostic command.

Which statement is correct if option 5 was used with the IPS diagnostic command and the outcome was a decrease in the CPU usage?

  1. The IPS engine will continue to run in a normal state.
  2. The IPS engine was unable to prevent an intrusion attack.
  3. The IPS engine was blocking all traffic.
  4. The IPS engine was inspecting high volume of traffic.

Answer(s): D


Reference:

https://docs.fortinet.com/document/fortigate/6.2.3/cookbook/232929/troubleshooting-high-cpu-usage



An administrator has configured the following settings:

What are the two results of this configuration? (Choose two.)

  1. A session for denied traffic is created.
  2. Denied users are blocked for 30 minutes.
  3. The number of logs generated by denied traffic is reduced.
  4. Device detection on all interfaces is enforced for 30 minutes.

Answer(s): A,C


Reference:

https://kb.fortinet.com/kb/documentLink.do?externalID=FD46328



Which CLI command allows administrators to troubleshoot Layer 2 issues, such as an IP address conflict?

  1. get system performance status
  2. get system status
  3. get system arp
  4. diagnose sys top

Answer(s): C



Page 6 of 36

Share your comments for Fortinet NSE4_FGT-7.0 exam with other users:

Yves 8/29/2023 8:46:00 PM

very inciting
Anonymous


Miguel 10/16/2023 11:18:00 AM

question 5, it seems a instead of d, because: - care plan = case - patient = person account - product = product2;
SPAIN


Byset 9/25/2023 12:49:00 AM

it look like real one
Anonymous


Debabrata Das 8/28/2023 8:42:00 AM

i am taking oracle fcc certification test next two days, pls share question dumps
Anonymous


nITA KALE 8/22/2023 1:57:00 AM

i need dumps
Anonymous


CV 9/9/2023 1:54:00 PM

its time to comptia sec+
GREECE


SkepticReader 8/1/2023 8:51:00 AM

question 35 has an answer for a different question. i believe the answer is "a" because it shut off the firewall. "0" in registry data means that its false (aka off).
UNITED STATES


Nabin 10/16/2023 4:58:00 AM

helpful content
MALAYSIA


Blessious Phiri 8/15/2023 3:19:00 PM

oracle 19c is complex db
Anonymous


Sreenivas 10/24/2023 12:59:00 AM

helpful for practice
Anonymous


Liz 9/11/2022 11:27:00 PM

support team is fast and deeply knowledgeable. i appreciate that a lot.
UNITED STATES


Namrata 7/15/2023 2:22:00 AM

helpful questions
Anonymous


lipsa 11/8/2023 12:54:00 PM

thanks for question
Anonymous


Eli 6/18/2023 11:27:00 PM

the software is provided for free so this is a big change. all other sites are charging for that. also that fucking examtopic site that says free is not free at all. you are hit with a pay-wall.
EUROPEAN UNION


open2exam 10/29/2023 1:14:00 PM

i need exam questions nca 6.5 any help please ?
Anonymous


Gerald 9/11/2023 12:22:00 PM

just took the comptia cybersecurity analyst (cysa+) - wished id seeing this before my exam
UNITED STATES


ryo 9/10/2023 2:27:00 PM

very helpful
MEXICO


Jamshed 6/20/2023 4:32:00 AM

i need this exam
PAKISTAN


Roberto Capra 6/14/2023 12:04:00 PM

nice questions... are these questions the same of the exam?
Anonymous


Synt 5/23/2023 9:33:00 PM

need to view
UNITED STATES


Vey 5/27/2023 12:06:00 AM

highly appreciate for your sharing.
CAMBODIA


Tshepang 8/18/2023 4:41:00 AM

kindly share this dump. thank you
Anonymous


Jay 9/26/2023 8:00:00 AM

link plz for download
UNITED STATES


Leo 10/30/2023 1:11:00 PM

data quality oecd
Anonymous


Blessious Phiri 8/13/2023 9:35:00 AM

rman is one good recovery technology
Anonymous


DiligentSam 9/30/2023 10:26:00 AM

need it thx
Anonymous


Vani 8/10/2023 8:11:00 PM

good questions
NEW ZEALAND


Fares 9/11/2023 5:00:00 AM

good one nice revision
Anonymous


Lingaraj 10/26/2023 1:27:00 AM

i love this thank you i need
Anonymous


Muhammad Rawish Siddiqui 12/5/2023 12:38:00 PM

question # 142: data governance is not one of the deliverables in the document and content management context diagram.
SAUDI ARABIA


al 6/7/2023 10:25:00 AM

most answers not correct here
Anonymous


Bano 1/19/2024 2:29:00 AM

what % of questions do we get in the real exam?
UNITED STATES


Oliviajames 10/25/2023 5:31:00 AM

i just want to tell you. i took my microsoft az-104 exam and passed it. your program was awesome. i especially liked your detailed questions and answers and practice tests that made me well-prepared for the exam. thanks to this website!!!
UNITED STATES


Divya 8/27/2023 12:31:00 PM

all the best
UNITED STATES


AI Tutor 👋 I’m here to help!