NSE4 Question #156: Real Exam Question with Answer & Explanation

Sign in or unlock NSE4 to reveal the answer and full explanation for question #156. The question stem and answer options stay visible for context.

Submitted by zhang_li· Apr 18, 2026Firewall Policies and Authentication

Question

In order to match an identity-based policy, the FortiGate unit checks the IP information. Once inside the policy, the following logic is followed:

Options

AFirst, a check is performed to determine if the user's login credentials are valid. Next, the user is
BFirst, user restrictions are determined and port, time, and UTM profiles are applied. Next, a check
CFirst, the user is checked to determine if they belong to any of the groups defined for that policy.

Unlock NSE4 to see the answer

You've previewed enough free NSE4 questions. Unlock NSE4 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock NSE4 - $49.99 / 30 days Sign in

Topics

#Identity-based policy#FortiGate policy logic#User authentication#Policy enforcement

Full NSE4 Practice Browse All NSE4 Questions