1. Home
  2. Fortinet
  3. NSE4-5.4

Fortinet NSE4-5.4 Online Practice Questions and Exam Preparation

NSE4-5.4 Exam Details

  • Exam Code
    :NSE4-5.4
  • Exam Name
    :Fortinet Network Security Expert 4 Written Exam - FortiOS 5.4
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :576 Q&As
  • Last Updated
    :Dec 30, 2024

Fortinet NSE4-5.4 Online Questions & Answers

  • Question 171:

    You are the administrator in charge of a FortiGate acting as an IPsec VPN gateway using route- based mode. Users from either side must be able to initiate new sessions. There is only 1 subnet at either end and the FortiGate already has a

    default route.

    Which two configuration steps are required to achieve these objectives? (Choose two.)

    A. Create one firewall policy.
    B. Create two firewall policies.
    C. Add a route to the remote subnet.
    D. Add two IPsec phases 2.

  • Question 172:

    Which of the following statements are correct regarding URL Filtering on the FortiGate unit? (Select all that apply.)

    A. The allowed actions for URL Filtering include Allow, Block and Exempt.
    B. The allowed actions for URL Filtering are Allow and Block.
    C. The FortiGate unit can filter URLs based on patterns using text and regular expressions.
    D. Any URL accessible by a web browser can be blocked using URL Filtering.
    E. Multiple URL Filter lists can be added to a single protection profile.

  • Question 173:

    View the exhibit.

    In this scenario, FGT1 has the following routing table:

    S* 0. 0. 0. 0/0 [10/0] via 10. 40. 72. 2, port1 C 172. 16. 32. 0/24 is directly connected, port2 C 10. 40. 72. 0/30 is directly connected, port1

    A user at 192.168.32.15 is trying to access the web server at 172.16.32.254. Which of the following statements best describe how the FortiGate will perform reverse path forwarding checks on this traffic? (Choose two.)

    A. Strict RPF check will deny the traffic.
    B. Strict RPF check will allow the traffic.
    C. Loose RPF check will allow the traffic.
    D. Loose RPF check will deny the traffic.

  • Question 174:

    When creating administrative users which of the following configuration objects determines access rights on the FortiGate unit.

    A. profile
    B. allowaccess interface settings
    C. operation mode
    D. local-in policy

  • Question 175:

    View the exhibit.

    What is the effect of the Disconnect Cluster Member operation as shown in the exhibit? (Choose two.)

    A. The HA mode changes to standalone.
    B. The firewall policies are deleted on the disconnected member.
    C. The system hostname is set to the FortiGate serial number.
    D. The port3 is configured with an IP address for management access.

  • Question 176:

    Which of the following network protocols can be inspected by the Data Leak Prevention scanning? (Choose three.)

    A. SMTP
    B. HTTP-POST
    C. AIM
    D. MAPI
    E. ICQ

  • Question 177:

    Which email filter is NOT available on a FortiGate device?

    A. Sender IP reputation database.
    B. URLs included in the body of known SPAM messages.
    C. Email addresses included in the body of known SPAM messages.
    D. Spam object checksums.
    E. Spam grey listing.

  • Question 178:

    Which of the following components are contained in all FortiGate units from the FG50 models and up? (Select all that apply.)

    A. FortiASIC content processor.
    B. Hard Drive.
    C. Gigabit network interfaces.
    D. Serial console port.

  • Question 179:

    Which is NOT true about source matching with firewall policies?

    A. A source address object must be selected in the firewall policy.
    B. A source user/group may be selected in the firewall policy.
    C. A source device may be defined in the firewall policy.
    D. A source interface must be selected in the firewall policy.
    E. A source user/group and device must be specified in the firewall policy.

  • Question 180:

    An administrator configures a VPN and selects the Enable IPSec Interface Mode option in the phase 1 settings. Which of the following statements are correct regarding the IPSec VPN configuration?

    A. To complete the VPN configuration, the administrator must manually create a virtual IPSec interface in Web Config under System > Network.
    B. The virtual IPSec interface is automatically created after the phase1 configuration.
    C. The IPSec policies must be placed at the top of the list.
    D. This VPN cannot be used as part of a hub and spoke topology.
    E. Routes were automatically created based on the address objects in the firewall policies.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4-5.4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.