★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
NSE4 Product Description:
Exam Number/Code: NSE4 vce
Exam name: Fortinet Network Security Expert 4 Written Exam (400)
n questions with full explanations
Certification: Fortinet Certification
Last updated on Global synchronizing
Exact of NSE4 pdf exam materials and training materials for Fortinet certification for IT learners, Real Success Guaranteed with Updated NSE4 pdf dumps vce Materials. 100% PASS Fortinet Network Security Expert 4 Written Exam (400) exam Today!
2016 Apr NSE4 Study Guide Questions:
Q46. - (Topic 21)
Which statements are correct regarding an IPv6 over IPv4 IPsec configuration? (Choose two.)
A. The source quick mode selector must be an IPv4 address.
B. The destination quick mode selector must be an IPv6 address.
C. The Local Gateway IP must be an IPv4 address.
D. The remote gateway IP must be an IPv6 address.
Q47. - (Topic 16)
Review the IPS sensor filter configuration shown in the exhibit
Based on the information in the exhibit, which statements are correct regarding the filter? (Choose two.)
A. It does not log attacks targeting Linux servers.
B. It matches all traffic to Linux servers.
C. Its action will block traffic matching these signatures.
D. It only takes effect when the sensor is applied to a policy.
Q48. - (Topic 10)
Which statements are correct regarding application control? (Choose two.)
A. It is based on the IPS engine.
B. It is based on the AV engine.
C. It can be applied to SSL encrypted traffic.
D. Application control cannot be applied to SSL encrypted traffic.
Q49. - (Topic 22)
Two FortiGate units with NP6 processors form an active-active cluster. The cluster is doing security profile (UTM) inspection over all the user traffic. What statements are true regarding the sessions that the master unit is offloading to the slave unit for inspection? (Choose two.)
A. They are accelerated by hardware in the master unit.
B. They are not accelerated by hardware in the master unit.
C. They are accelerated by hardware in the slave unit.
D. They are not accelerated by hardware in the slave unit.
Q50. - (Topic 6)
An administrator has configured a route-based site-to-site IPsec VPN. Which statement is correct regarding this IPsec VPN configuration?
A. The IPsec firewall policies must be placed at the top of the list.
B. This VPN cannot be used as part of a hub and spoke topology.
C. Routes are automatically created based on the quick mode selectors.
D. A virtual IPsec interface is automatically created after the Phase 1 configuration is completed.
Replace NSE4 practice question:
Q51. - (Topic 1)
Which statements are true regarding the factory default configuration? (Choose three.)
A. The default web filtering profile is applied to the first firewall policy.
B. The ‘Port1’ or ‘Internal’ interface has the IP address 192.168.1.99.
C. The implicit firewall policy action is ACCEPT.
D. The ‘Port1’ or ‘Internal’ interface has a DHCP server set up and enabled (on device models that support DHCP servers).
E. Default login uses the username: admin (all lowercase) and no password.
Q52. - (Topic 7)
Which antivirus and attack definition update options are supported by FortiGate units? (Choose two.)
A. Manual update by downloading the signatures from the support site.
B. Pull updates from the FortiGate.
C. Push updates from a FortiAnalyzer.
D. execute fortiguard-AV-AS command from the CLI.
Q53. - (Topic 14)
The exhibit shows the Disconnect Cluster Member command in a FortiGate unit that is part of a HA cluster with two HA members.
What is the effect of the Disconnect Cluster Member command as given in the exhibit. (Choose two.)
A. Port3 is configured with an IP address for management access.
B. The firewall rules are purged on the disconnected unit.
C. The HA mode changes to standalone.
D. The system hostname is set to the unit serial number.
Q54. - (Topic 3)
Which firewall objects can be included in the Destination Address field of a firewall policy? (Choose three.)
A. IP address pool.
B. Virtual IP address.
C. IP address.
D. IP address group.
E. MAC address.
Q55. - (Topic 7)
Which statements regarding banned words are correct? (Choose two.)
A. Content is automatically blocked if a single instance of a banned word appears.
B. The FortiGate updates banned words on a periodic basis.
C. The FortiGate can scan web pages and email messages for instances of banned words.
D. Banned words can be expressed as simple text, wildcards and regular expressions.
Approved NSE4 questions:
Q56. - (Topic 5)
When browsing to an internal web server using a web-mode SSL VPN bookmark, which IP address is used as the source of the HTTP request?
A. The remote user's virtual IP address.
B. The FortiGate unit's internal IP address.
C. The remote user's public IP address.
D. The FortiGate unit's external IP address.
Q57. - (Topic 11)
Examine the exhibit below; then answer the question following it.
In this scenario, the FortiGate unit in Ottawa has the following routing table:
S* 0.0.0.0/0 [10/0] via 172.20.170.254, port2
C 172.20.167.0/24 is directly connected, port1
C 172.20.170.0/24 is directly connected, port2
Sniffer tests show that packets sent from the source IP address 172.20.168.2 to the destination IP address 172.20.169.2 are being dropped by the FortiGate located in Ottawa. Which of the following correctly describes the cause for the dropped packets?
A. The forward policy check.
B. The reverse path forwarding check.
C. The subnet 172.20.169.0/24 is NOT in the Ottawa FortiGate’s routing table.
D. The destination workstation 172.20.169.2 does NOT have the subnet 172.20.168.0/24 in its routing table.
Q58. - (Topic 20)
Examine the following output from the diagnose sys session list command:
session info: proto=6 proto_state=65 duration=3 expire=9 timeout=3600 flags=00000000 sockflag=00000000 sockport=443 av_idx=9 use=5 origin-shaper=guarantee-100kbps prio=2 guarantee 12800Bps max 134217728Bps traffic
reply-shaper=guarantee-100kbps prio=2 guarantee 12800Bps max 134217728Bps traffic
state=redir local may_dirty ndr npu nlb os rs
statistic(bytes/packets/allow_err): org=864/8/1 reply=2384/7/1 tuples=3
orgin->sink: org pre->post, reply pre->post dev=7->6/6->7 gwy=172.17.87.3/10.1.10.1
hook=post dir=org act=snat 192.168.1.110:57999->22.214.171.124:443(172.17.87.16:57999)
hook=pre dir=reply act=dnat 126.96.36.199:443-
hook=post dir=reply act=noop 188.8.131.52:443->192.168.1.110:57999(0.0.0.0:0)
misc=0 policy_id=1 id_policy_id=0 auth_info=0 chk_client_info=0 vd=0
npu info: flag=0x00/0x00, offload=0/0, ips_offload=0/0, epid=0/0, ipid=0/0, vlan=0/0
Which statements are true regarding the session above? (Choose two.)
A. Session Time-To-Live (TTL) was configured to 9 seconds.
B. FortiGate is doing NAT of both the source and destination IP addresses on all packets coming from the 192.168.1.110 address.
C. The IP address 192.168.1.110 is being translated to 172.17.87.16.
D. The FortiGate is not translating the TCP port numbers of the packets in this session.
Q59. - (Topic 11)
Review the output of the command get router info routing-table database shown in the exhibit below; then answer the question following it.
Which two statements are correct regarding this output? (Choose two.)
A. There will be six routes in the routing table.
B. There will be seven routes in the routing table.
C. There will be two default routes in the routing table.
D. There will be two routes for the 10.0.2.0/24 subnet in the routing table.
Q60. - (Topic 17)
Which statement is one disadvantage of using FSSO NetAPI polling mode over FSSO Security Event Log (WinSecLog) polling mode?
A. It requires a DC agent installed in some of the Windows DC.
B. It runs slower.
C. It might miss some logon events.
D. It requires access to a DNS server for workstation name resolution.
see more Fortinet Network Security Expert 4 Written Exam (400)