Fortinet NSE 4 - FortiOS 7.6 Administrator
Last Update Jul 14, 2026
Total Questions : 95
We are offering FREE NSE4_FGT_AD-7.6 Fortinet exam questions. All you do is to just go and sign up. Give your details, prepare NSE4_FGT_AD-7.6 free exam questions and then go for complete pool of Fortinet NSE 4 - FortiOS 7.6 Administrator test questions that will help you more.
What are two features of FortiGate FSSO agentless polling mode? (Choose two.)
When configuring a FortiGate in a multi-WAN setup, why would an administrator enable session preservation on an interface? (Choose one answer)
Refer to the exhibit to view the firewall policy.

Why would the firewall policy not block a well-known virus, for example EICAR? (Choose one answer)
Refer to the exhibit.

Based on this partial configuration, what are the two possible outcomes when FortiGate enters conserve mode? (Choose two.)
Refer to the exhibits.

The exhibits show a diagram of a FortiGate device connected to the network, and the firewall configuration. An administrator created a Deny policy with default settings to deny Webserver access for Remote-User2. The policy should work such that Remote-User1 must be able to access the Webserver while preventing Remote-User2 from accessing the Webserver. Which additional configuration can the administrator add to a deny firewall policy, beyond the default behavior, to block Remote-User2 from accessing the Webserver? (Choose one answer)
An administrator has configured a dialup IPsec VPN on FortiGate with add-route enabled. However, the static route is not showing in the routing table. Which two statements about this scenario are correct? (Choose two.)
FortiGate is operating in NAT mode and has two physical interfaces connected to the LAN and DMZ networks respectively. Which two statements about the requirements of connected physical interfaces on FortiGate are true? (Choose two.)
Refer to the exhibit.

An administrator has created a new firewall address to use as the destination for a static route. Why is the administrator not able to select the new address in the Destination field of the new static route? (Choose one answer)
Exhibits:

You are asked to implement an antivirus profile for files downloaded through FTP, HTTP, and HTTPS.
While testing, you are successful with HTTP and FTP protocols, but FortiGate does not block the file download over HTTPS.
What could be the cause?
Refer to the exhibit.

A partial cloud topology is shown.
You deployed a FortiGate Cloud-Native Firewall (CNF) in AWS for FortiGate CNF policy enforcement for EC2 instance traffic. Which path does the EC2 traffic take from the EC2 instance to the internet?
Refer to the exhibits.



An administrator has observed the performance status outputs on an HA cluster for 55 seconds.
Which FortiGate is the primary?
Refer to the exhibit.

The exhibit shows the FortiGuard Category Based Filter section of a corporate web filter profile. An administrator must block access to download.com, which belongs to the Freeware and Software Downloads category. The administrator must also allow other websites in the same category. What are two solutions for satisfying the requirement? (Choose two answers)
Refer to the exhibit.

A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices. The administrator has determined that phase 1 status is up, but phase 2 fails to come up.
Based on the phase 2 configuration shown in the exhibit, which two configuration changes will bring phase 2 up? (Choose two.)
You have configured the below commands on a FortiGate.

What would be the impact of this configuration on FortiGate?
Refer to the exhibit.
A routing table is shown

An administrator wants to create a new static route so the traffic to the subnet 172.20.1.0/24 is routed through port2 only. What are the two criteria that the administrator can use to achieve this objective? (Choose two.)
Refer to the exhibit.

What can you conclude from the log shown in the exhibit?
Refer to the exhibit.

Based on the routing table shown in the exhibit, which two statements are true? (Choose two.)
Which statement correctly describes NetAPI polling mode for the FSSO collector agent?
You have implemented the application sensor and the corresponding firewall policy as shown in the exhibits.


You cannot access any of the Google applications, but you are able to access www.fortinet.com .
What would you do to resolve this issue?
Refer to the exhibits.

The exhibits show the application sensor configuration and the Excessive-Bandwidth and Apple filter details. Based on the configuration, what will happen to Apple FaceTime if there are only a few calls originating or incoming? (Choose one answer)
Refer to the exhibits.



A diagram of a FortiGate device connected to the network VIP object and firewall policy configurations are shown.
The WAN (port2) interface has the IP address
100.65.0.101/24.
The LAN (port4) interface has the IP address
10.0.11.254/24.
If the host 100.65.1.111 sends a TCP SYN packet on port 443 to 100.65.0.200. what will the source address, destination address, and destination port of the packet be at the time FortiGate forwards the packet to the destination?
Refer to the exhibits.


You have implemented the application sensor and the corresponding firewall policy as shown in the exhibits.
You cannot access any of the Google applications, but you are able to access www.fortinet.com.
Which two actions would you take to resolve the issue? (Choose two.)
An administrator configures FortiGuard servers as DNS servers on FortiGate using default settings.
What is true about the DNS connection to a FortiGuard server?
What is the primary FortiGate election process when the HA override setting is enabled? (Choose one answer)
A network administrator is reviewing firewall policies in both Interface Pair View and By Sequence View. The policies appear in a different order in each view. Why is the policy order different in these two views?
What are two characteristics of HA cluster heartbeat IP addresses in a FortiGate device? (Choose two.)