NSE4_FGT_AD-7.6 Exam Question 31
Refer to the exhibits.




The exhibits show a diagram of a FortiGate device connected to the network, VIP configuration, firewall policy, and the sniffer CLI output on the FortiGate device.
The WAN (port1) interface has the IP address 10.200.1.1/24.
The LAN (port3) interface has the IP address 10.0.1.254/24.
The webserver host (10.0.1.10) must use its VIP external IP address as the source NAT (SNAT) when it pings remote server (10.200.3.1).
Which two statements are valid to achieve this goal? (Choose two.)




The exhibits show a diagram of a FortiGate device connected to the network, VIP configuration, firewall policy, and the sniffer CLI output on the FortiGate device.
The WAN (port1) interface has the IP address 10.200.1.1/24.
The LAN (port3) interface has the IP address 10.0.1.254/24.
The webserver host (10.0.1.10) must use its VIP external IP address as the source NAT (SNAT) when it pings remote server (10.200.3.1).
Which two statements are valid to achieve this goal? (Choose two.)
NSE4_FGT_AD-7.6 Exam Question 32
Refer to the exhibits. The exhibits show a diagram of a FortiGate device connected to the network, and the firewall policies, VIP, and IP pool configurations on the FortiGate device.
The WAN (port2) interface has the IP address 100.65.0.101/24.
The LAN (port4) interface has the IP address 10.0.11.254/24.
The first firewall policy has NAT enabled using the IP pool. The second firewall policy is configured with a VIP as the destination address.
Which IP address will be used to source NAT (SNAT) the internet traffic coming from a workstation with the IP address 10.0.11.50?




The WAN (port2) interface has the IP address 100.65.0.101/24.
The LAN (port4) interface has the IP address 10.0.11.254/24.
The first firewall policy has NAT enabled using the IP pool. The second firewall policy is configured with a VIP as the destination address.
Which IP address will be used to source NAT (SNAT) the internet traffic coming from a workstation with the IP address 10.0.11.50?




NSE4_FGT_AD-7.6 Exam Question 33
You are onboarding an agentless, secure web gateway (SWG) endpoint for secure internet access (SIA). What will happen to the user's nonweb traffic?
NSE4_FGT_AD-7.6 Exam Question 34
Refer to the exhibit. How can the administrator view the log messages shown in the exhibit?
(Choose two.)

(Choose two.)

NSE4_FGT_AD-7.6 Exam Question 35
Refer to the exhibits, which show the firewall policy and an antivirus profile configuration.


Why is the user unable to receive a block replacement message when downloading an infected file for the first time?


Why is the user unable to receive a block replacement message when downloading an infected file for the first time?
