Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet NSE4_FGT_AD-7.6 Exam - Topic 3 Question 3 Discussion

Actual exam question for Fortinet's NSE4_FGT_AD-7.6 exam
Question #: 3
Topic #: 3
[All NSE4_FGT_AD-7.6 Questions]

An administrator wanted to configure an IPS sensor to block traffic that triggers the signature set number of times during a specific time period. How can the administrator achieve the objective?

Show Suggested Answer Hide Answer
Suggested Answer: D

In FortiOS 7.6, if an administrator wants to block traffic only after an IPS signature is triggered a specific number of times within a defined time window, this must be done using IPS filters with rate-based settings.

Why option D is correct

IPS filters allow administrators to match signatures based on attributes such as:

Severity

Protocol

CVE

Signature ID

IPS filters support rate-based actions using:

rate-mode periodical

rate-count

rate-duration

With rate-mode periodical, FortiGate:

Counts how many times a signature is triggered

Within a defined time period

And applies the configured action (for example, block) once the threshold is exceeded

This directly matches the requirement:

''block traffic that triggers the signature set number of times during a specific time period.''

Why the other options are incorrect

A . IPS group signatures, set rate-mode 60 Group signatures do not provide the required per-period rate-based blocking logic.

B . IPS packet logging option Logging does not enforce blocking behavior.

C . IPS signatures, rate-mode periodical option Rate-based controls are applied via IPS filters, not directly on individual signature definitions.


by Myong at Jan 25, 2026, 02:46 PM

Limited Time Offer

25%

Off

Get Premium NSE4_FGT_AD-7.6 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Simona
15 days ago
Totally agree with A), it's straightforward and effective!
upvoted 0 times
...
Billye
20 days ago
Wait, can you really use B) for blocking? That seems off.
upvoted 0 times
...
Cristina
26 days ago
D) sounds like a solid option too, but not sure.
upvoted 0 times
...
Erinn
1 month ago
I think C) makes more sense for periodic checks.
upvoted 0 times
...
Amie
1 month ago
A) is the right choice for rate-limiting!
upvoted 0 times
...
Alba
1 month ago
C is the way to go. The other options don't seem to address the specific requirements mentioned in the question.
upvoted 0 times
...
Alayna
2 months ago
Haha, I bet the administrator is going to have a field day configuring this IPS sensor. C seems like the way to go, though.
upvoted 0 times
...
Martina
2 months ago
I'm pretty sure C is the right answer. Blocking traffic based on a signature set number of times during a specific time period sounds like the rate-mode periodical option.
upvoted 0 times
...
Herminia
2 months ago
The correct answer is definitely C. That's the only option that mentions using IPS signatures and the rate-mode periodical option.
upvoted 0 times
...
Bobbye
2 months ago
C) Use IPS signatures, rate-mode periodical option.
upvoted 0 times
...
Stephaine
2 months ago
I thought rate-mode was important, but I can't remember if it should be set to periodical or something else. Maybe A is the right choice?
upvoted 0 times
...
Penney
2 months ago
I'm leaning towards D, but I can't recall if filters are the right approach for blocking traffic based on signatures.
upvoted 0 times
...
Hubert
3 months ago
I remember practicing a similar question where we had to configure IPS settings, and I feel like the periodical option is key here.
upvoted 0 times
...
Rosann
3 months ago
I think the answer might be C, but I'm not entirely sure about the specifics of the rate-mode options.
upvoted 0 times
...
Louann
4 months ago
Ugh, I'm not sure about this one. The wording of the question and the options is a bit confusing to me. I might need to ask the instructor for some clarification before I commit to an answer. Trying to figure out the right approach here.
upvoted 0 times
...
Keva
4 months ago
I'm feeling pretty confident about this one. The question is straightforward, and option C looks like the best fit based on the details provided. I'll make sure to double-check my work, but I think I've got a good handle on how to approach this type of question.
upvoted 0 times
...
Sommer
4 months ago
Okay, I've got this. The key is that the administrator wants to block traffic that triggers the signature set a certain number of times within a specific time period. Option C seems to address that by using the IPS signatures and a rate-mode periodical option, which would let you set the time period.
upvoted 0 times
...
Rasheeda
4 months ago
Hmm, I'm a bit confused. The question is asking about blocking traffic based on a signature set, but the options don't seem to mention that directly. I'll need to re-read the question carefully and think through the options more.
upvoted 0 times
...
Ling
4 months ago
I think I'd go with option C. The question specifically mentions using IPS signatures and a rate-mode periodical option, so that seems like the most direct approach.
upvoted 0 times
...

Save Cancel