1. Home
  2. Fortinet
  3. NSE4-5.4

Fortinet NSE4-5.4 Online Practice Questions and Exam Preparation

NSE4-5.4 Exam Details

  • Exam Code
    :NSE4-5.4
  • Exam Name
    :Fortinet Network Security Expert 4 Written Exam - FortiOS 5.4
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :576 Q&As
  • Last Updated
    :Dec 30, 2024

Fortinet NSE4-5.4 Online Questions & Answers

  • Question 111:

    Which web filtering inspection mode inspects DNS traffic?

    A. DNS-based
    B. FQDN-based
    C. Flow-based
    D. URL-based

  • Question 112:

    View the exhibit.

    What does this exhibit represent?

    A. SSL handshake
    B. Interchanging digital certificates
    C. Certificate signing request (CSR)
    D. Inline SSL inspection

  • Question 113:

    An administrator needs to create a tunnel mode SSLVPN to access an internal web server from the Internet. The web server is connected to port1. The Internet is connected to port2. Both interfaces belong to the VDOM named Corporation. What interface must be used as the source for the firewall policy that will allow this traffic?

    A. ssl.root
    B. ssl.Corporation
    C. port2
    D. port1

  • Question 114:

    The exhibit shows a FortiGate routing table. Which of the following statements are correct? (Choose two)

    A. There is only one active default route.
    B. The distance values for the route to 192.168.1.0/24 is 200
    C. An IP address in the subnet 172.16.78.0/24 has been assigned to the dmz interface.
    D. The FortiGate will route the traffic to 172.17.1.2 to next hop with the IP address 192.168.11.254

  • Question 115:

    Which of the following antivirus and attack definition update features are supported by FortiGate units? (Select all that apply.)

    A. Manual, user-initiated updates from the FortiGuard Distribution Network.
    B. Hourly, daily, or weekly scheduled antivirus and attack definition and antivirus engine updates from the FortiGuard Distribution Network.
    C. Push updates from the FortiGuard Distribution Network.
    D. Update status including version numbers, expiry dates, and most recent update dates and times.

  • Question 116:

    Which of the following items does NOT support the Logging feature?

    A. File Filter
    B. Application control
    C. Session timeouts
    D. Administrator activities
    E. Web URL filtering

  • Question 117:

    Which are two requirements for DC-agent mode FSSO to work properly in a Windows AD environment? (Choose two.)

    A. DNS server must properly resolve all workstation names.
    B. The remote registry service must be running in all workstations.
    C. The collector agent must be installed in one of the Windows domain controllers.
    D. A same user cannot be logged in into two different workstations at the same time.

  • Question 118:

    In the debug command output shown in the exhibit, which of the following best described the MAC address 00:09:0f:69:03:7e?

    A. It is one of the secondary MAC addresses of the port1 interface.
    B. It is the primary MAC address of the port interface.
    C. It is the MAC address of another network devices located in the same LAN segment as the FortiGate unit's port1 interface.
    D. It is the HA virtual MAC address.

  • Question 119:

    How many packets are interchanged between both IPSec ends during the negotiation of a main- mode phase 1?

    A. 5
    B. 3
    C. 2
    D. 6

  • Question 120:

    Which IPsec configuration mode can be used for implementing GRE-over-IPsec VPNs?.

    A. Policy-based only.
    B. Route-based only.
    C. Either policy-based or route-based VPN.
    D. GRE-based only.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4-5.4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.