1. Home
  2. Fortinet
  3. NSE4-5.4

Fortinet NSE4-5.4 Online Practice Questions and Exam Preparation

NSE4-5.4 Exam Details

  • Exam Code
    :NSE4-5.4
  • Exam Name
    :Fortinet Network Security Expert 4 Written Exam - FortiOS 5.4
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :576 Q&As
  • Last Updated
    :Dec 30, 2024

Fortinet NSE4-5.4 Online Questions & Answers

  • Question 101:

    The eicar test virus is put into a zip archive, which is given the password of "Fortinet" in order to open the archive. Review the configuration in the exhibits shown below; then answer the question that follows. Exhibit A - Antivirus Profile:

    Exhibit B - Non-default UTM Proxy Options Profile:

    Exhibit C - DLP Profile:

    Which of one the following profiles could be enabled in order to prevent the file from passing through the FortiGate device over HTTP on the standard port for that protocol?

    A. Only Exhibit A
    B. Only Exhibit B
    C. Only Exhibit C with default UTM Proxy settings.
    D. All of the Exhibits (A, B and C)
    E. Only Exhibit C with non-default UTM Proxy settings (Exhibit B).

  • Question 102:

    Which of the following statements best describes what the Document Fingerprinting feature is for?

    A. Protects sensitive documents from leakage
    B. Appends a fingerprint signature to all documents sent by users
    C. Appends a fingerprint signature to all the emails sent by users
    D. Validates the fingerprint signature in users' emails

  • Question 103:

    An administrator has enabled proxy-based antivirus scanning and configured the following settings:

    Which statement about the above configuration is true?

    A. Files bigger than 10 MB are not scanned for viruses and will be blocked.
    B. FortiGate scans only the first 10 MB of any file.
    C. Files bigger than 10 MB are sent to the heuristics engine for scanning.
    D. FortiGate scans the files in chunks of 10 MB.

  • Question 104:

    Which of the following combinations of two FortiGate device configurations (side A and side B), can be used to successfully establish an IPsec VPN between them? (choose two)

    A. Side A:main mode, remote gateway as static IP address, policy based VPN. Side B: aggressive mode, remote Gateway as static IP address policy-based VPN.
    B. Side A:main mode, remote gateway as static IP address, policy based VPN. Side B: main mode, remote gateway as static IP address, route-based VPN
    C. Side A:main mode, remote gateway as static IP address, policy based VPN. Side B: main mode, remote gateway as dialup, route-based VPN.
    D. Side A: main mode, remote gateway as dialup policy based VPN, Side B: main mode, remote gateway as dialup, policy based VPN.

  • Question 105:

    Which TCP states does the global setting `tcp-half-open-timer' applies to? (Choose two.)

    A. SYN SENT
    B. SYN and SYN/ACK
    C. FIN WAIT
    D. TIME WAIT

  • Question 106:

    Which is one of the conditions that must be met for offloading the encryption and decryption of IPsec traffic to an NP6 processor?

    A. No protection profile can be applied over the IPsec traffic.
    B. Phase-2 anti-replay must be disabled.
    C. Both the phase 1 and phases 2 must use encryption algorithms supported by the NP6.
    D. IPsec traffic must not be inspected by any FortiGate session helper.

  • Question 107:

    Which statement about the FortiGuard services for the FortiGate is true?

    A. Antivirus signatures are downloaded locally on the FortiGate.
    B. FortiGate downloads IPS updates using UDP port 53 or 8888.
    C. FortiAnalyzer can be configured as a local FDN to provide antivirus and IPS updates.
    D. The web filtering database is downloaded locally on the FortiGate.

  • Question 108:

    Of the following information, what can be recorded by a Data Leak Prevention sensor configured to do a summary archiving? (Choose three.)

    A. Visited URL (for the case of HTTP traffic)
    B. Sender email address (for the case of SMTP traffic)
    C. Recipient email address (for the case of SMTP traffic)
    D. Attached file (for the case of SMTP traffic)
    E. Email body (for the case of SMTP traffic)

  • Question 109:

    In NAT/Route mode when there is no matching firewall policy for traffic to be forwarded by the Firewall, which of the following statements describes the action taken on traffic?

    A. The traffic is blocked.
    B. The traffic is passed.
    C. The traffic is passed and logged.
    D. The traffic is blocked and logged.

  • Question 110:

    A FortiGate is configured with multiple VDOMs. An administrative account on the device has been assigned a Scope value of VDOM:root. Which of the following settings will this administrator be able to configure? (Choose two.)

    A. Firewall addresses.
    B. DHCP servers.
    C. FortiGuard Distribution Network configuration.
    D. System hostname.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4-5.4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.