1. Home
  2. Fortinet
  3. NSE4-5.4

Fortinet NSE4-5.4 Online Practice Questions and Exam Preparation

NSE4-5.4 Exam Details

  • Exam Code
    :NSE4-5.4
  • Exam Name
    :Fortinet Network Security Expert 4 Written Exam - FortiOS 5.4
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :576 Q&As
  • Last Updated
    :Dec 30, 2024

Fortinet NSE4-5.4 Online Questions & Answers

  • Question 261:

    Which of the following statements are correct concerning the FortiGate session life support protocol? (Choose two)

    A. By default, UDP sessions are not synchronized.
    B. Up to four FortiGate devices in standalone mode are supported.
    C. only the master unit handles the traffic.
    D. Allows per-VDOM session synchronization.

  • Question 262:

    A FortiGate is configured with three virtual domains (VDOMs). Which of the following statements is correct regarding multiple VDOMs?

    A. The FortiGate must be a model 1000 or above to support multiple VDOMs.
    B. A license has to be purchased and applied to the FortiGate before VDOM mode could be enabled.
    C. Changing the operational mode of a VDOM requires a reboot of the FortiGate.
    D. The FortiGate supports any combination of VDOMs in NAT/Route and transparent modes.

  • Question 263:

    Examine the exhibit; then answer the question below.

    The Vancouver FortiGate initially had the following information in its routing table:

    S 172.20.0.0/16 [10/0] via 172.21.1.2, port2 C 172.21.0.0/16 is directly connected, port2 C 172.11.11.0/24 is directly connected, port1

    Afterwards, the following static route was added:

    Since this change, the new static route is NOT showing up in the routing table. Given the information provided, which of the following describes the cause of this problem?

    A. The subnet 172.20.1.0/24 is overlapped with the subnet of one static route that is already in the routing table (172.20.0.0/16), so, we need to enable allow-subnet-overlap first.
    B. The 'gateway' IP address is NOT in the same subnet as the IP address of port1.
    C. The priority is 0, which means that the route will remain inactive.
    D. The static route configuration is missing the distance setting.

  • Question 264:

    When creating FortiGate administrative users, which configuration objects specify the account rights?

    A. Remote access profiles.
    B. User groups.
    C. Administrator profiles.
    D. Local-in policies.

  • Question 265:

    A FortiGate devices is configured with four VDOMs: 'root' and 'vdom1' are in NAT/route mode; 'vdom2' and 'vdom2' are in transparent mode. The management VDOM is 'root'. Which of the following statements are true? (Choose two.)

    A. An inter-VDOM link between 'root' and 'vdom1' can be created.
    B. An inter-VDOM link between 'vdom1' and vdom2' can created.
    C. An inter-VDOM link between 'vdom2' and vdom3' can created.
    D. Inter-VDOM link links must be manually configured for FortiGuard traffic.

  • Question 266:

    What information is flushed when the chunk-size value is changed in the config dlp settings?

    A. The database for DLP document fingerprinting
    B. The supported file types in the DLP filters
    C. The archived files and messages
    D. The file name patterns in the DLP filters

  • Question 267:

    Which statement is correct concerning an IPsec VPN with the remote gateway setting configured as 'Dynamic DNS'?

    A. The FortiGate will accept IPsec VPN connection from any IP address.
    B. The FQDN resolution of the local FortiGate IP address where the VPN is terminated must be provided by a dynamic DNS provider.
    C. The FortiGate will Accept IPsec VPN connections only from IP addresses included on a dynamic DNS access list.
    D. The remote gateway IP address can change dynamically.

  • Question 268:

    Users may require access to a web site that is blocked by a policy. Administrators can give users the ability to override the block. Which of the following statements regarding overrides is NOT correct?

    A. A web filter profile may only have one user group defined as an override group.
    B. A firewall user group can be used to provide override privileges for FortiGuard Web Filtering.
    C. When requesting an override, the matched user must belong to a user group for which the override capability has been enabled.
    D. Overrides can be allowed by the administrator for a specific period of time.

  • Question 269:

    Why does FortiGate keep TCP sessions in the session table for some seconds even after both sides (client and server) have terminated the session?

    A. To remove the NAT operation.
    B. To generate logs
    C. To finish any inspection operations.
    D. To allow for out-of-order packets that could arrive after the FIN/ACK packets.

  • Question 270:

    File blocking rules are applied before which of the following?

    A. Firewall policy processing
    B. Virus scanning
    C. Web URL filtering
    D. White/Black list filtering

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4-5.4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.