nerdexam
ExamsNSE4Questions#411
FortinetFortinet

NSE4 · Question #411

NSE4 Question #411: Real Exam Question with Answer & Explanation

The correct answer is A: Block. Data Leak Prevention (DLP) scanning on FortiGate supports actions such as blocking the data transmission, quarantining the source IP address, or simply logging the detected event.

Submitted by layla.eg· Apr 18, 2026Security Profiles and Content Inspection

Question

Which of the following actions that can be taken by the Data Leak Prevention scanning? (Choose three.)

Options

  • ABlock
  • BReject
  • CTag
  • DLog only
  • EQuarantine IP address

Explanation

Data Leak Prevention (DLP) scanning on FortiGate supports actions such as blocking the data transmission, quarantining the source IP address, or simply logging the detected event.

Common mistakes.

  • B. 'Reject' is not a standard, distinct action available in FortiGate DLP policies; 'Block' is the common enforcement action.
  • C. 'Tag' is not a direct enforcement action in FortiGate DLP policies but rather a classification or labeling mechanism used in broader data management solutions.

Concept tested. FortiGate DLP policy actions

Reference. https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/526786/data-leak-prevention

Topics

#DLP#Content Inspection#Security Actions

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full NSE4 PracticeBrowse All NSE4 Questions