NSE4 Question #344: Real Exam Question with Answer & Explanation

The correct answer is A: In an IPS sensor. On FortiGate, IPS works through a layered model: individual signatures (both built-in and custom) are grouped into IPS sensors, and those sensors are applied to firewall policies. After creating a custom IPS signature, the administrator must add it to an IPS sensor (either a new

Submitted by wei.xz· Apr 18, 2026Security Profiles and Content Inspection

Question

An administrator has created a custom IPS signature. Where does the custom IPS signature have to be applied?

Options

AIn an IPS sensor
BIn an interface.
CIn a DoS policy.
DIn an application control profile.

Explanation

On FortiGate, IPS works through a layered model: individual signatures (both built-in and custom) are grouped into IPS sensors, and those sensors are applied to firewall policies. After creating a custom IPS signature, the administrator must add it to an IPS sensor (either a new or existing one) by referencing it in the sensor's signature list. The IPS sensor is then attached to a firewall policy to enforce inspection. Custom signatures cannot be applied directly to interfaces (B), DoS policies (C) - which use rate-based anomaly detection, not signature matching - or application control profiles (D), which identify applications rather than exploit patterns.

Topics

#IPS signature#IPS sensor#Custom IPS#Security Profiles

Community Discussion

No community discussion yet for this question.

Full NSE4 Practice Browse All NSE4 Questions