1. Home
  2. Fortinet
  3. NSE4-5.4

Fortinet Network Security Expert 4 Written Exam - FortiOS 5.4

Exam Details

  • Exam Code
    :NSE4-5.4
  • Exam Name
    :Fortinet Network Security Expert 4 Written Exam - FortiOS 5.4
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :576 Q&As
  • Last Updated
    :Dec 30, 2024

Fortinet Fortinet Certifications NSE4-5.4 Questions & Answers

  • Question 211:

    By default, the Intrusion Protection System (IPS) on a FortiGate unit is set to perform which action?

    A. Block all network attacks.

    B. Block the most common network attacks.

    C. Allows all traffic

    D. Allow and log all traffic

  • Question 212:

    A FortiGate unit can scan for viruses on which types of network traffic? (Select all that apply.)

    A. POP3

    B. FTP

    C. SMTP

    D. SNMP

    E. NetBios

  • Question 213:

    An end user logs into the SSL VPN portal and selects the Tunnel Mode option by clicking on the "Connect" button. The administrator has not enabled split tunneling and so the end user must access the Internet through the SSL VPN Tunnel. Which firewall policies are needed to allow the end user to not only access the internal network but also reach the Internet?

    A.

    B.

    C.

    D.

  • Question 214:

    Which of the following antivirus and attack definition update features are supported by FortiGate units? (Select all that apply.)

    A. Manual, user-initiated updates from the FortiGuard Distribution Network.

    B. Hourly, daily, or weekly scheduled antivirus and attack definition and antivirus engine updates from the FortiGuard Distribution Network.

    C. Push updates from the FortiGuard Distribution Network.

    D. Update status including version numbers, expiry dates, and most recent update dates and times.

  • Question 215:

    An administrator has configured a FortiGate unit so that end users must authenticate against the firewall using digital certificates before browsing the Internet. What must the user have for a successful authentication? (Select all that apply.)

    A. An entry in a supported LDAP Directory.

    B. A digital certificate issued by any CA server.

    C. A valid username and password.

    D. A digital certificate issued by the FortiGate unit.

    E. Membership in a firewall user group.

  • Question 216:

    The FortiGate unit can be configured to allow authentication to a RADIUS server. The RADIUS server can use several different authentication protocols during the authentication process. Which of the following are valid authentication protocols that can be used when a user authenticates to the RADIUS server? (Select all that apply.)

    A. MS-CHAP-V2 (Microsoft Challenge-Handshake Authentication Protocol v2)

    B. PAP (Password Authentication Protocol)

    C. CHAP (Challenge-Handshake Authentication Protocol)

    D. MS-CHAP (Microsoft Challenge-Handshake Authentication Protocol v1)

    E. FAP (FortiGate Authentication Protocol)

  • Question 217:

    Which of the following are valid components of the Fortinet Server Authentication Extensions (FSAE)? (Select all that apply.)

    A. Domain Local Security Agent.

    B. Collector Agent.

    C. Active Directory Agent.

    D. User Authentication Agent.

    E. Domain Controller Agent.

  • Question 218:

    A FortiGate unit can create a secure connection to a client using SSL VPN in tunnel mode. Which of the following statements are correct regarding the use of tunnel mode SSL VPN? (Select all that apply.)

    A. Split tunneling can be enabled when using tunnel mode SSL VPN.

    B. Software must be downloaded to the web client to be able to use a tunnel mode SSL VPN.

    C. Users attempting to create a tunnel mode SSL VPN connection must be members of a configured user group on the FortiGate unit.

    D. Tunnel mode SSL VPN requires the FortiClient software to be installed on the user's computer.

    E. The source IP address used by the client for the tunnel mode SSL VPN is assigned by the FortiGate unit.

  • Question 219:

    Users may require access to a web site that is blocked by a policy. Administrators can give users the ability to override the block. Which of the following statements regarding overrides is NOT correct?

    A. A web filter profile may only have one user group defined as an override group.

    B. A firewall user group can be used to provide override privileges for FortiGuard Web Filtering.

    C. When requesting an override, the matched user must belong to a user group for which the override capability has been enabled.

    D. Overrides can be allowed by the administrator for a specific period of time.

  • Question 220:

    Which of the following authentication types are supported by FortiGate units? (Select all that apply.)

    A. Kerberos

    B. LDAP

    C. RADIUS

    D. Local Users

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4-5.4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.