1. Home
  2. Fortinet
  3. NSE4-5.4

Fortinet NSE4-5.4 Online Practice Questions and Exam Preparation

NSE4-5.4 Exam Details

  • Exam Code
    :NSE4-5.4
  • Exam Name
    :Fortinet Network Security Expert 4 Written Exam - FortiOS 5.4
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :576 Q&As
  • Last Updated
    :Dec 30, 2024

Fortinet NSE4-5.4 Online Questions & Answers

  • Question 181:

    An Internet browser is using the WPAD DNS method to discover the PAC file's URL. The DNS server replies to the browser's request with the IP address 10.100.1.10. Which URL will the browser use to download the PAC file?

    A. http://10.100.1.10/proxy.pac
    B. https://10.100.1.10/
    C. http://10.100.1.10/wpad.dat
    D. https://10.100.1.10/proxy.pac

  • Question 182:

    Which statements about virtual domains (VDOMs) are true? (Choose two.)

    A. Transparent mode and NAT/Route mode VDOMs cannot be combined on the same FortiGate.
    B. Each VDOM can be configured with different system hostnames.
    C. Different VLAN sub-interfaces of the same physical interface can be assigned to different VDOMs.
    D. Each VDOM has its own routing table.

  • Question 183:

    Which protocol can an Internet browser use to download the PAC file with the web proxy configuration?

    A. HTTPS
    B. FTP
    C. TFTP
    D. HTTP

  • Question 184:

    UTM features can be applied to which of the following items?

    A. Firewall policies
    B. User groups
    C. Policy routes
    D. Address groups

  • Question 185:

    Which statements are correct for port pairing and forwarding domains? (Choose two.)

    A. They both create separate broadcast domains.
    B. Port Pairing works only for physical interfaces.
    C. Forwarding Domain only applies to virtual interfaces.
    D. They may contain physical and/or virtual interfaces.

  • Question 186:

    Examine the exhibit shown below then answer the question that follows it.

    Within the UTM Proxy Options, the CA certificate Fortinet_CA_SSLProxy defines which of the following:

    A. FortiGate unit's encryption certificate used by the SSL proxy.
    B. FortiGate unit's signing certificate used by the SSL proxy.
    C. FortiGuard's signing certificate used by the SSL proxy.
    D. FortiGuard's encryption certificate used by the SSL proxy.

  • Question 187:

    A backup file begins with this line:

    #config-version=FGVM64-5.02-FW-build589-140613:opmode=0:vdom=0:user=admin #conf_file_ver=3881503152630288414 #buildno=0589 #global_vdom=1

    Can you restore it to a FortiWiFi 60D?

    A. Yes
    B. Yes, but only if you replace the "#conf_file_ver" line so that it contains the serial number of that specific FortiWiFi 60D.
    C. Yes, but only if it is running the same version of FortiOS, or a newer compatible version.
    D. No

  • Question 188:

    Which is NOT true about the settings for an IP pool type port block allocation?

    A. A Block Size defines the number of connections.
    B. Blocks Per User defines the number of connection blocks for each user.
    C. An Internal IP Range defines the IP addresses permitted to use the pool.
    D. An External IP Range defines the IP addresses in the pool.

  • Question 189:

    If you have lost your password for the "admin" account on your FortiGate, how should you reset it?

    A. Log in with another administrator account that has "super_admin" profile permissions, then reset the password for the "admin" account.
    B. Reboot the FortiGate. Via the local console, during the boot loader, use the menu to format the flash disk and reinstall the firmware. Then you can log in with the default password.
    C. Power off the FortiGate. After several seconds, restart it. Via the local console, within 30 seconds after booting has completed, log in as "maintainer" and enter the CLI commands to set the password for the "admin" account.
    D. Reboot the FortiGate. Via the local console, during the boot loader, use the menu to log in as "maintainer" and enter the CLI commands to set the password for the "admin" account.

  • Question 190:

    The exhibit shows a part output of the diagnostic command 'diagnose debug application ike 255', taken during establishment of a VPN. Which of the following statement are correct concerning this output? (Choose two)

    A. The quick mode selectors negotiated between both IPsec VPN peers is 0.0.0.0/32 for both source and destination addresses.
    B. The output corresponds to a phase 2 negotiation
    C. NAT-T enabled and there is third device in the path performing NAT of the traffic between both IPsec VPN peers.
    D. The IP address of the remote IPsec VPN peer is 172.20.187.114

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4-5.4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.