Exam NSE4_FGT-6.4 topic 1 question 28 discussion

It could be B and D. Those IPs starting with 173.243 are for fortiguard services, addind that uses port 443 to update.

B & D is correct. FortiGate_Security_6.4 page 415 (not sure about D)

B&D and here's why: D is correct: In Version 6.4 FortiGuard stopped support for ports 53 and 8888, only 443 is valid now (its the whole point of this question, to differentiate between 6.2 test and 6.4 test). This is per: https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiGuard-communication/ta-p/197109?externalID=FD46841 B is correct: The flags for 173.243.138.210 (a default FortiGuard Server IP) show D and I. "D" means this is a default address. "I" means it is the initial server contacted that validated the license, meaning that it didn't have to go on to another. If it had, one of the 173. servers would have a T or an F flag indicating that the connection was failing or had already failed. This is per: https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiGuard-Flags-and-Meanings/ta-p/206725 There are no private IP addresses shown, and there is no S flag, so a private FortiManager wasn't used, so A is wrong. The Curr Lost column shows all 0s, so no packets were lost, so C is wrong.

B&D correct

They do not correct the answers, there are many wrong, how do you want us to pay for Contribution Access? B & D

I think B D is correct answer. You should aware anycast is enable

B and D are correct

I think it is B and D

Answer is B,D

BD Link below shows D is correct and I agree that A and C do not make sense https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiGuard-communication/ta-p/197109?externalID=FD46841

For A: It says "local FortiManager" and all the "Server List" IPs are public For B: The letter "I" from the "Flags" section means "Contract server contacted" For C: The "Curr Lost" and "Total Lost" sections have the value 0 This means that A & C are wrong, B is right and the only other option left is D. * B & C can be verified @ FortiGate Security Study Guide - page 415 (Web Filtering - FortiGuard Connection)

This has the answer https://kb.fortinet.com/kb/documentLink.do?externalID=FD46841

The right answer is B and D

I understand that the correct ones are B and D, see FortiGate_Security_6.4_Study_Guide page 415(about the I flag indicating contract server contacted), and 416(HTTPS port 443 enforced by default fortiguard or manager communications)

A & B are correct ... Default port is 8888 Also No packet drop

Default ports for querying Fortiguard are either udp/8888 or udp/53. If Fortigate is querying by using HTTPS tcp/443, then this indicates answer A (local FortiManager is used as Fortigurad server - https://docs.fortinet.com/document/fortigate/6.4.0/administration-guide/179018/using-fortimanager-as-a-local-fortiguard-server). So, in the end A & B answers are correct

HTTPS 443 is also considered as default port for communication. If you look at a real fortigate device you will find 3 options HTTPS, UDP 8888 and udp 53