1. Home
  2. Fortinet
  3. NSE4-5.4

Fortinet Network Security Expert 4 Written Exam - FortiOS 5.4

Exam Details

  • Exam Code
    :NSE4-5.4
  • Exam Name
    :Fortinet Network Security Expert 4 Written Exam - FortiOS 5.4
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :576 Q&As
  • Last Updated
    :Dec 30, 2024

Fortinet Fortinet Certifications NSE4-5.4 Questions & Answers

  • Question 151:

    Review the IPsec diagnostics output of the command diagnose vpn tunnel list shown in the exhibit.

    Which of the following statements is correct regarding this output? (Select one answer).

    A. One tunnel is rekeying.

    B. Two tunnels are rekeying.

    C. Two tunnels are up.

    D. One tunnel is up.

  • Question 152:

    Review the static route configuration for IPsec shown in the exhibit; then answer the question below.

    Which statements are correct regarding this configuration? (Choose two.)

    A. Interface remote is an IPsec interface.

    B. A gateway address is not required because the interface is a point-to-point connection.

    C. A gateway address is not required because the default route is used.

    D. Interface remote is a zone.

  • Question 153:

    What are the requirements for a HA cluster to maintain TCP connections after device or link failover? (Choose two.)

    A. Enable session pick-up.

    B. Enable override.

    C. Connections must be UDP or ICMP.

    D. Connections must not be handled by a proxy.

  • Question 154:

    Which of the following statements are correct about the HA command diagnose sys ha reset- uptime? (Choose two.)

    A. The device this command is executed on is likely to switch from master to slave status if override is disabled.

    B. The device this command is executed on is likely to switch from master to slave status if override is enabled.

    C. This command has no impact on the HA algorithm.

    D. This command resets the uptime variable used in the HA algorithm so it may cause a new master to become elected.

  • Question 155:

    In transparent mode, forward-domain is an CLI setting associate with ___________.

    A. static route

    B. a firewall policy

    C. an interface

    D. a virtual domain

  • Question 156:

    Which of the following sequences describes the correct order of criteria used for the selection of a master unit within a FortiGate high availability (HA) cluster when override is disabled?

    A. 1. port monitor, 2. unit priority, 3. up time, 4. serial number.

    B. 1. port monitor, 2. up time, 3. unit priority, 4. serial number.

    C. 1. unit priority, 2. up time, 3. port monitor, 4. serial number.

    D. 1. up time, 2. unit priority, 3. port monitor, 4. serial number.

  • Question 157:

    A FortiGate is operating in NAT/Route mode and configured with two virtual LAN (VLAN) sub- interfaces added to the same physical interface. Which one of the following statements is correct regarding the VLAN IDs in this scenario?

    A. The two VLAN sub-interfaces can have the same VLAN ID only if they have IP addresses in different subnets.

    B. The two VLAN sub-interfaces must have different VLAN IDs.

    C. The two VLAN sub-interfaces can have the same VLAN ID only if they belong to different VDOMs.

    D. The two VLAN sub-interfaces can have the same VLAN ID if they are connected to different L2 IEEE 802.1Q compliant switches.

  • Question 158:

    Which statements are correct for port pairing and forwarding domains? (Choose two.)

    A. They both create separate broadcast domains.

    B. Port Pairing works only for physical interfaces.

    C. Forwarding Domain only applies to virtual interfaces.

    D. They may contain physical and/or virtual interfaces.

  • Question 159:

    A FortiGate unit is configured with three Virtual Domains (VDOMs) as illustrated in the exhibit.

    Which of the following statements are true if the network administrator wants to route traffic between all the VDOMs? (Choose three.)

    A. The administrator can configure inter-VDOM links to avoid using external interfaces and routers.

    B. As with all FortiGate unit interfaces, firewall policies must be in place for traffic to be allowed to pass through any interface, including inter-VDOM links.

    C. This configuration requires a router to be positioned between the FortiGate unit and the Internet for proper routing.

    D. Inter-VDOM routing is automatically provided if all the subnets that need to be routed are locally attached.

    E. As each VDOM has an independent routing table, routing rules need to be set (for example, static routing, OSPF) in each VDOM to route traffic between VDOMs.

  • Question 160:

    A FortiGate is configured with multiple VDOMs. An administrative account on the device has been assigned a Scope value of VDOM:root. Which of the following settings will this administrator be able to configure? (Choose two.)

    A. Firewall addresses.

    B. DHCP servers.

    C. FortiGuard Distribution Network configuration.

    D. System hostname.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4-5.4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.