View all questions & answers for the NSE 4 - FortiOS 7.6 Administrator Exam Materials exam


NSE 4 - FortiOS 7.6 Administrator Exam Materials-Question 44 Discussion

Refer to the exhibit. The exhibit shows the FortiGuard Category Based Filter section of a corporate web filter profile. An administrator must block access to download.com, which belongs to the Freeware and Software Downloads category. The administrator must also allow other websites in the same category. What are two solutions for satisfying the requirement? (Choose two answers)

  • A. Configure a static URL filter entry for download.com with Type and Action set to Wildcard and Block, respectively.
  • B. Configure a web override rating for download.com and select Malicious Websites as the subcategory.
  • C. Configure a separate firewall policy with action Deny and an FQDN address object for *.download.com as destination address.
  • D. Set the Freeware and Software Downloads category Action to Warning.
Correct Answer: A,B

Brave-Dump Clients Votes

AB 66.67%
AC 33.33%

Comments



yutsu 2025-11-16 09:39:46

Selected Answers: A, C


Re-rating a domain into another category (Malicious Websites) does NOT work unless FortiGuard accepts the override (which is for lab/testing only).
Also, this would mis-categorize the site globally, not recommended or reliable.

Thomas Pfaff 2025-12-04 00:47:27

Selected Answers: A, B


I had the same thought as the other commentor but I think the given answer is correct. See Fortinet documentation for B:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-Web-Rating-Overrides-for-specific/ta-p/193384

Anonymous User 2026-01-27 05:16:23

Selected Answers: A, C


admin what is it?

Anonymous User 2026-02-11 01:44:36

Selected Answers: A, B


A, B

Anonymous User 2026-02-26 20:56:48

Selected Answers: A, C


As our test in the real environment, the correct answer should be A & C

Anonymous User 2026-03-26 16:57:45

Selected Answers: A, B


What is the correct answer @admin?

Anonymous User 2026-04-11 14:01:04

Selected Answers: A, B


A/ granular filtering
B/ in the Web Filter profile config, Malicious Websites are blocked, and then in combination with override rating should work (page 274, 275 from study guide)
A/ and B/ are application layer filtering, so more precise, while option C/ is layer4 filtering.
check - https://community.fortinet.com/t5/Support-Forum/Problem-with-denying-FQDN/m-p/59083#M58993

Anonymous User 2026-04-15 12:39:07

Selected Answers: A, B


A,B

Anonymous User 2026-04-16 16:15:29

Selected Answers: A, B


A,B