1. Home
  2. Fortinet
  3. NSE4-5.4

Fortinet NSE4-5.4 Online Practice Questions and Exam Preparation

NSE4-5.4 Exam Details

  • Exam Code
    :NSE4-5.4
  • Exam Name
    :Fortinet Network Security Expert 4 Written Exam - FortiOS 5.4
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :576 Q&As
  • Last Updated
    :Dec 30, 2024

Fortinet NSE4-5.4 Online Questions & Answers

  • Question 241:

    Which statements about application control are true? (Choose two.)

    A. Enabling application control profile in a security profile enables application control for all the traffic flowing through the FortiGate.
    B. It cannot take an action on unknown applications.
    C. It can inspect encrypted traffic.
    D. It can identify traffic from known applications, even when they are using non-standard TCP/UDP ports.

  • Question 242:

    Which of the following statements regarding the firewall policy authentication timeout is true?

    A. The authentication timeout is an idle timeout. This means that the FortiGate unit will consider a user to be "idle" if it does not see any packets coming from the user's source IP.
    B. The authentication timeout is a hard timeout. This means that the FortiGate unit will remove the temporary policy for this user's source IP after this timer has expired.
    C. The authentication timeout is an idle timeout. This means that the FortiGate unit will consider a user to be "idle" if it does not see any packets coming from the user's source MAC.
    D. The authentication timeout is a hard timeout. This means that the FortiGate unit will remove the temporary policy for this user's source MAC after this timer has expired.

  • Question 243:

    In NAT/Route mode when there is no matching firewall policy for traffic to be forwarded by the Firewall, which of the following statements describes the action taken on traffic?

    A. The traffic is blocked.
    B. The traffic is passed.
    C. The traffic is passed and logged.
    D. The traffic is blocked and logged.

  • Question 244:

    Examine the following log message for IPS and identify the valid responses below. (Select all that apply.)

    A. The target is 192.168.3.168.
    B. The target is 192.168.3.170.
    C. The attack was detected and blocked.
    D. The attack was detected only.
    E. The attack was TCP based.

  • Question 245:

    Which firewall objects can be included in the Destination Address field of a firewall policy? (Choose three.)

    A. IP address pool.
    B. Virtual IP address.
    C. IP address.
    D. IP address group.
    E. MAC address

  • Question 246:

    If Routing Information Protocol (RIP) version 1 or version 2 has already been configured on a FortiGate unit, which of the following statements is correct if the routes learned through RIP need to be advertised into Open Shortest Path First (OSPF)?

    A. The FortiGate unit will automatically announce all routes learned through RIP v1 or v2 to its OSPF neighbors.
    B. The FortiGate unit will automatically announce all routes learned only through RIP v2 to its OSPF neighbors.
    C. At a minimum, the network administrator needs to enable Redistribute RIP in the OSPF Advanced Options.
    D. The network administrator needs to configure a RIP to OSPF announce policy as part of the RIP settings.
    E. At a minimum, the network administrator needs to enable Redistribute Default in the OSPF Advanced Options.

  • Question 247:

    What protocol cannot be used with the active authentication type?

    A. Local
    B. RADIUS
    C. LDAP
    D. RSSO

  • Question 248:

    Which of the following are considered log types? (Choose three.)

    A. Forward log
    B. Traffic log
    C. Syslog
    D. Event log
    E. Security log

  • Question 249:

    Which of the following statements is true regarding the use of a PAC file to configure the web proxy settings in an Internet browser? (Choose two.)

    A. More than one proxy is supported.
    B. Can contain a list of destinations that will be exempt from the use of any proxy.
    C. Can contain a list of URLs that will be exempted from the FortiGate web filtering inspection.
    D. Can contain a list of users that will be exempted from the use of any proxy.

  • Question 250:

    Which statements are true regarding local user authentication? (Choose two.)

    A. Two-factor authentication can be enabled on a per user basis.
    B. Local users are for administration accounts only and cannot be used to authenticate network users.
    C. Administrators can create the user accounts is a remote server and store the user passwords locally in the FortiGate.
    D. Both the usernames and passwords can be stored locally on the FortiGate

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4-5.4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.