New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Fortinet NSE4_FGT_AD-7.6 Exam - Topic 3 Question 3 Discussion

Actual exam question for Fortinet's NSE4_FGT_AD-7.6 exam
Question #: 3
Topic #: 3
[All NSE4_FGT_AD-7.6 Questions]

An administrator wanted to configure an IPS sensor to block traffic that triggers the signature set number of times during a specific time period. How can the administrator achieve the objective?

Show Suggested Answer Hide Answer
Suggested Answer: D

In FortiOS 7.6, if an administrator wants to block traffic only after an IPS signature is triggered a specific number of times within a defined time window, this must be done using IPS filters with rate-based settings.

Why option D is correct

IPS filters allow administrators to match signatures based on attributes such as:

Severity

Protocol

CVE

Signature ID

IPS filters support rate-based actions using:

rate-mode periodical

rate-count

rate-duration

With rate-mode periodical, FortiGate:

Counts how many times a signature is triggered

Within a defined time period

And applies the configured action (for example, block) once the threshold is exceeded

This directly matches the requirement:

''block traffic that triggers the signature set number of times during a specific time period.''

Why the other options are incorrect

A . IPS group signatures, set rate-mode 60 Group signatures do not provide the required per-period rate-based blocking logic.

B . IPS packet logging option Logging does not enforce blocking behavior.

C . IPS signatures, rate-mode periodical option Rate-based controls are applied via IPS filters, not directly on individual signature definitions.


by Myong at Jan 25, 2026, 02:46 PM

Limited Time Offer

25%

Off

Get Premium NSE4_FGT_AD-7.6 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Hubert
5 days ago
I remember practicing a similar question where we had to configure IPS settings, and I feel like the periodical option is key here.
upvoted 0 times
...
Rosann
10 days ago
I think the answer might be C, but I'm not entirely sure about the specifics of the rate-mode options.
upvoted 0 times
...
Louann
15 days ago
Ugh, I'm not sure about this one. The wording of the question and the options is a bit confusing to me. I might need to ask the instructor for some clarification before I commit to an answer. Trying to figure out the right approach here.
upvoted 0 times
...
Keva
20 days ago
I'm feeling pretty confident about this one. The question is straightforward, and option C looks like the best fit based on the details provided. I'll make sure to double-check my work, but I think I've got a good handle on how to approach this type of question.
upvoted 0 times
...
Sommer
25 days ago
Okay, I've got this. The key is that the administrator wants to block traffic that triggers the signature set a certain number of times within a specific time period. Option C seems to address that by using the IPS signatures and a rate-mode periodical option, which would let you set the time period.
upvoted 0 times
...
Rasheeda
1 month ago
Hmm, I'm a bit confused. The question is asking about blocking traffic based on a signature set, but the options don't seem to mention that directly. I'll need to re-read the question carefully and think through the options more.
upvoted 0 times
...
Ling
1 month ago
I think I'd go with option C. The question specifically mentions using IPS signatures and a rate-mode periodical option, so that seems like the most direct approach.
upvoted 0 times
...

Save Cancel