A FortiGate has multiple VDOMs. Which statement about an administrator account configured with the default prof_admin profile is true?
A. It can upgrade the firmware on the FortiGate.
B. It can create administrator accounts with access to the same VDOM
C. It can reset the password for the admin account.
D. It cannot have access to more than one VDOM.
A backup file begins with this line:
#config-version=FGVM64-5.02-FW-build589-140613:opmode=0:vdom=0:user=admin #conf_file_ver=3881503152630288414 #buildno=0589 #global_vdom=1
Can you restore it to a FortiWiFi 60D?
A. Yes
B. Yes, but only if you replace the "#conf_file_ver" line so that it contains the serial number of that specific FortiWiFi 60D.
C. Yes, but only if it is running the same version of FortiOS, or a newer compatible version.
D. No
On your FortiGate 60D, you've configured firewall policies. They port forward traffic to your Linux Apache web server. Select the best way to protect your web server by using the IPS engine.
A. Enable IPS signatures for Linux servers with HTTP, TCP and SSL protocols and Apache applications. Configured DLP to block HTTP GET request with credit card numbers.
B. Enable IPS signatures for Linux servers with HTTP, TCP and SSL protocols and Apache applications. Configure DLP to block HTTP GET with credit card numbers. Also configure a DoS policy to prevent TCP SYn floods and port scans.
C. None. FortiGate 60D is a desktop model, which does not support IPS.
D. Enable IPS signatures for Linux and windows servers with FTP, HTTP, TCP, and SSL protocols and Apache and PHP applications.
Which of the following actions can be used to back up the keys and digital certificates in a FortiGate device? (Choose two.)
A. Taking a full backup of the FortiGate configuration
B. Uploading a PKCS#10 file to a USB drive
C. Manually uploading the certificate information to a Certificate authority (CA)
D. Uploading a PKCS#12 file to a TFTP server
Which TCP states does the global setting `tcp-half-open-timer' applies to? (Choose two.)
A. SYN SENT
B. SYN and SYN/ACK
C. FIN WAIT
D. TIME WAIT
In transparent mode, forward-domain is a CLI setting associated with________.
A. a static route.
B. a firewall policy.
C. an interface.
D. a virtual domain.
What action does an IPsec Gateway take with the user traffic routed to an IPsec VPN when it does not match any phase 2 quick mode selector?
A. Traffic is dropped
B. Traffic is routed across the default phase 2.
C. Traffic is routed to the next available route in the routing table.
D. Traffic is routed unencrypted to the interface where the IPsec VPN is terminating.
Which of the following statement correct describes the use of the "diagnose sys ha reset- uptime" command?
A. To force an HA failover when the HA override setting is disabled.
B. To force an HA failover when the HA override setting is enabled.
C. To clear the HA counters.
D. To restart a FortiGate unit that is part of an HA cluster.
Which of the following web filtering modes can inspect the full URL? (Choose two.)
A. Proxy based
B. DNS based
C. Policy based
D. Flow based
What determines whether a log message is generated or not?
A. Firewall policy setting
B. Log Settings in the GUI
C. 'config log' command in the CLI
D. Syslog
E. Webtrends
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4-5.4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.