Which of the following statements is correct based on the firewall configuration illustrated in the exhibit?

SSL content inspection is enabled on the FortiGate unit. Which of the following steps is required to prevent a user from being presented with a web browser warning when accessing an SSL- encrypted website?
A. The root certificate of the FortiGate SSL proxy must be imported into the local certificate store on the user's workstation.Which of the following cannot be used in conjunction with the endpoint compliance check?
A. HTTP Challenge Redirect to a Secure Channel (HTTPS) in the Authentication Settings.An administrator wants to configure a FortiGate as a DNS server. The FortiGate must use its DNS database first, and then relay all irresolvable queries to an external DNS server. Which of the following DNS method must you use?
A. Non-recursiveWhat FortiGate feature can be used to block a ping sweep scan from an attacker?
A. Web application firewall (WAF)When browsing to an internal web server using a web-mode SSL VPN bookmark, which IP address is used as the source of the HTTP request?
A. The FortiGate unit's public IP addressExamine the exhibit, which contains a virtual IP and a firewall policy configuration.

The WAN(port1) interface has the IP address 10.200.1.1/24. The LAN(port2) interface has the IP address 10.0.1.254/24.
The top firewall policy has NAT enabled using outgoing interface address. The second firewall policy configured with a virtual IP (VIP) as the destination address. Which IP address will be used to source NAT the Internet traffic coming from a workstation with the IP address 10.0.1.10/24?
A. 10.200.1.1Which of the following statements about NTLM authentication are correct? (Choose two.)
A. It is useful when users log in to DCs that are not monitored by a collector agent.On your FortiGate 60D, you've configured firewall policies. They port forward traffic to your Linux Apache web server. Select the best way to protect your web server by using the IPS engine.
A. Enable IPS signatures for Linux servers with HTTP, TCP and SSL protocols and Apache applications. Configured DLP to block HTTP GET request with credit card numbers.You have created a new administrator account, and assign it the prof_admin profile. Which is false about that account's permissions?
A. It cannot upgrade or downgrade firmware.Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4-5.4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.