1. Home
  2. Fortinet
  3. NSE4-5.4

Fortinet NSE4-5.4 Online Practice Questions and Exam Preparation

NSE4-5.4 Exam Details

  • Exam Code
    :NSE4-5.4
  • Exam Name
    :Fortinet Network Security Expert 4 Written Exam - FortiOS 5.4
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :576 Q&As
  • Last Updated
    :Dec 30, 2024

Fortinet NSE4-5.4 Online Questions & Answers

  • Question 191:

    When browsing to an internal web server using a web-mode SSL VPN bookmark, from which of the following source IP addresses would the web server consider the HTTP request to be initiated?

    A. The remote user's virtual IP address.
    B. The FortiGate unit's internal IP address.
    C. The remote user's public IP address.
    D. The FortiGate unit's external IP address.

  • Question 192:

    Examine the static route configuration shown below; then answer the question following it. (Select all that apply.)

    Which of the following statements correctly describes the static routing configuration provided? (Select all that apply.)

    A. All traffic to 172.20.1.0/24 will always be dropped by the FortiGate unit.
    B. As long as port1 is up, all the traffic to 172.20.1.0/24 will be routed by the static route number 1. If the interface port1 is down, the traffic will be routed using the blackhole route.
    C. The FortiGate unit will NOT create a session entry in the session table when the traffic is being routed by the blackhole route.
    D. The FortiGate unit will create a session entry in the session table when the traffic is being routed by the blackhole route.
    E. Traffic to 172.20.1.0/24 will be shared through both routes.

  • Question 193:

    Examine this output from the diagnose sys top command:

    Which statements about the output are true? (Choose two.)

    A. sshd is the process consuming most memory
    B. sshd is the process consuming most CPU
    C. All the processes listed are in sleeping state
    D. The sshd process is using 123 pages of memory

  • Question 194:

    Which commands are appropriate for investigating high CPU? (Choose two.)

    A. diag sys top
    B. diag hardware sysinfo mem
    C. diag debug flow
    D. get system performance status

  • Question 195:

    A client can create a secure connection to a FortiGate device using SSL VPN in web-only mode. Which one of the following statements is correct regarding the use of web-only mode SSL VPN?

    A. Web-only mode supports SSL version 3 only.
    B. A Fortinet-supplied plug-in is required on the web client to use web-only mode SSL VPN.
    C. Web-only mode requires the user to have a web browser that supports 64-bit cipher length.
    D. The JAVA run-time environment must be installed on the client to be able to connect to a web- only mode SSL VPN.

  • Question 196:

    Which statement describes how traffic flows in sessions handled by a slave unit in an active- active HA cluster?

    A. Packet are sent directly to the slave unit using the slave physical MAC address.
    B. Packets are sent directly to the slave unit using the HA virtual MAC address.
    C. Packets arrived at both units simultaneously, but only the salve unit forwards the session.
    D. Packets are first sent to the master unit, which then forwards the packets to the slave unit.

  • Question 197:

    What capabilities can a FortiGate provide? (Choose three.)

    A. Mail relay.
    B. Email filtering.
    C. Firewall.
    D. VPN gateway.
    E. Mail server.

  • Question 198:

    There are eight (8) log severity levels that indicate the importance of an event. Not including Debug, which is only needed to log diagnostic data, what are both the lowest AND highest severity levels?

    A. Notification, Emergency
    B. Information, Critical
    C. Error, Critical
    D. Information, Emergency
    E. Information, Alert

  • Question 199:

    By default, the Intrusion Protection System (IPS) on a FortiGate unit is set to perform which action?

    A. Block all network attacks.
    B. Block the most common network attacks.
    C. Allows all traffic
    D. Allow and log all traffic

  • Question 200:

    View the exhibit.

    Which of the following statements are correct? (Choose two.)

    A. This is a redundant IPsec setup.
    B. The TunnelB route is the primary one for searching the remote site. The TunnelA route is used only if the TunnelB VPN is down.
    C. This setup requires at least two firewall policies with action set to IPsec.
    D. Dead peer detection must be disabled to support this type of IPsec setup.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4-5.4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.