An administrator is configuring an IPsec VPN between site A and site B. The Remote Gateway setting in both sites has been configured as Static IP Address. For site A, the local quick mode selector is 192. 168. 1.0/24 and the remote quick mode selector is 192. 168.2.0/24. Which subnet must the administrator configure for the local quick mode selector for site B?
Answer(s): C
For an IPsec VPN between site A and site B, the administrator has configured the local quick mode selector for site A as 192.168.1.0/24 and the remote quick mode selector as 192.168.2.0/24. This means that the VPN will allow traffic to and from the 192.168.1.0/24 subnet at site A to reach the192.168.2.0/24 subnet at site B.To complete the configuration, the administrator must configure the local quick mode selector for site B. To do this, the administrator must use the same subnet as the remote quick mode selector for site A, which is 192.168.2.0/24. This will allow traffic to and from the 192.168.2.0/24 subnet at site B to reach the 192.168.1.0/24 subnet at site A.Therefore, the administrator must configure the local quick mode selector for site B as 192.168.2.0/24.
Which two statements are true about the FGCP protocol? (Choose two.)
Answer(s): A,C
The FGCP (FortiGate Clustering Protocol) is a protocol that is used to manage high availability (HA) clusters of FortiGate devices. It performs several functions, including the following:FGCP elects the primary FortiGate device: In an HA cluster, FGCP is used to determine which FortiGate device will be the primary device, responsible for handling traffic and making decisions about what to allow or block. FGCP uses a variety of factors, such as the device's priority, to determine which device should be the primary.FGCP runs only over the heartbeat links: FGCP communicates between FortiGate devices in the HA cluster using the heartbeat links. These are dedicated links that are used to exchange status and control information between the devices. FGCP does not run over other types of links, such as data links.
https://docs.fortinet.com/document/fortigate/6.4.0/ports-and-protocols/564712/fgcp-fortigate- clustering-protocolFortiGate Infrastructure 7.2 Study Guide (p.292): "FortiGate HA uses the Fortinet-proprietary FortiGate Clustering Protocol (FGCP) to discover members, elect the primary FortiGate, synchronize data among members, and monitor the health of members. To discover and monitor members, the members broadcast heartbeat packets over all configured heartbeat interfaces."
Which two attributes are required on a certificate so it can be used as a CA certificate on SSL Inspection? (Choose two.)
Answer(s): A,D
"In order for FortiGate to act in these roles, its CA certificate must have the basic constraints extension set to cA=True and the value of the keyUsage extension set to keyCertSign."
https://www.reddit.com/r/fortinet/comments/c7j6jg/recommended_ssl_cert/
Which two inspection modes can you use to configure a firewall policy on a profile-based next- generation firewall (NGFW)? (Choose two.)
Refer to the exhibit.The Root and To_Internet VDOMs are configured in NAT mode. The DMZ and Local VDOMs are configured in transparent mode.The Root VDOM is the management VDOM. The To_Internet VDOM allows LAN users to access the internet. The To_Internet VDOM is the only VDOM with internet access and is directly connected to ISP modem .With this configuration, which statement is true?
Answer(s): A
https://kb.fortinet.com/kb/documentLink .do?externalID=FD46542
Share your comments for Fortinet NSE4_FGT-7.2 exam with other users:
good morning, could you please upload this exam again?
hi please upload sre foundation and practitioner exam questions
the exam is listed as 80 questions with a pass mark of 70%, how is your 50 questions related?
all questions are so important and covers all ccna modules
q 44. ans:- b (goto setup > order settings > select enable optional price books for orders) reference link --> https://resources.docs.salesforce.com/latest/latest/en-us/sfdc/pdf/sfom_impl_b2b_b2b2c.pdf(decide whether you want to enable the optional price books feature. if so, select enable optional price books for orders. you can use orders in salesforce while managing price books in an external platform. if you’re using d2c commerce, you must select enable optional price books for orders.)
"cost of replacing data if it were lost" is also correct.
pls upload the questions
good questions
question 182 - correct answer is d. ethernet frame length is 64 - 1518b. length of user data containing is that frame: 46 - 1500b.
i need this exam pls
its required for me, please make it enable to access. thanks
seems good..
took the test last week, i did have about 15 - 20 word for word from this site on the test. (only was able to cram 600 of the questions from this site so maybe more were there i didnt review) had 4 labs, bgp, lacp, vrf with tunnels and actually had to skip a lab due to time. lots of automation syntax questions.
no comments
nice questions bring out the best in you.
really helpful
question #50 and question #81 are exactly the same questions, azure site recovery provides________for virtual machines. the first says that it is fault tolerance is the answer and second says disater recovery. from my research, it says it should be disaster recovery. can anybody explain to me why? thank you
iam thankful for these exam dumps questions, i would not have passed without this exam dumps.
some of the answers seem to be inaccurate. q10 for example shouldnt it be an m custom column?
are the question real or fake?
thank you for providing such assistance.
nice questions
my 3rd purcahse from this site. these exam dumps are helpful. very helpful.
found it good
excellent material
very helpfull
well explained.
i need the pdf, please.
a good source for exam preparation
i need ielts general training audio guide questions
please make this content available
content is good
latest dumps please
Keeping this site free takes real effort. We constantly battle automated scraping and unauthorized content copying. A quick account helps us protect the community and keep the site free.
To continue studying for your NSE4_FGT-7.2, please sign in or create a free account.