1. Home
  2. Fortinet
  3. NSE4-5.4

Fortinet Network Security Expert 4 Written Exam - FortiOS 5.4

Exam Details

  • Exam Code
    :NSE4-5.4
  • Exam Name
    :Fortinet Network Security Expert 4 Written Exam - FortiOS 5.4
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :576 Q&As
  • Last Updated
    :Dec 30, 2024

Fortinet Fortinet Certifications NSE4-5.4 Questions & Answers

  • Question 401:

    Which of the following must be configured on a FortiGate unit to redirect content requests to remote web cache servers?

    A. WCCP must be enabled on the interface facing the Web cache.

    B. You must enabled explicit Web-proxy on the incoming interface.

    C. WCCP must be enabled as a global setting on the FortiGate unit.

    D. WCCP must be enabled on all interfaces on the FortiGate unit through which HTTP traffic is passing.

  • Question 402:

    Which of the following statements is not correct regarding virtual domains (VDOMs)?

    A. VDOMs divide a single FortiGate unit into two or more virtual units that function as multiple, independent units.

    B. A management VDOM handles SNMP, logging, alert email, and FDN-based updates.

    C. A backup management VDOM will synchronize the configuration from an active management VDOM.

    D. VDOMs share firmware versions, as well as antivirus and IPS databases.

    E. Only administrative users with a super_admin profile will be able to enter all VDOMs to make configuration changes.

  • Question 403:

    Which of the following report templates must be used when scheduling report generation?

    A. Layout Template

    B. Data Filter Template

    C. Output Template

    D. Chart Template

  • Question 404:

    The Host Check feature can be enabled on the FortiGate unit for SSL VPN connections. When this feature is enabled, the FortiGate unit probes the remote host computer to verify that it is "safe" before access is granted. Which of the following items is NOT an option as part of the Host Check feature?

    A. FortiClient Antivirus software

    B. Microsoft Windows Firewall software

    C. FortiClient Firewall software

    D. Third-party Antivirus software

  • Question 405:

    In the Tunnel Mode widget of the web portal, the administrator has configured an IP Pool and enabled split tunneling. Which of the following statements is true about the IP address used by the SSL VPN client?

    A. The IP pool specified in the SSL-VPN Tunnel Mode Widget Options will override the IP address range defined in the SSL-VPN Settings.

    B. Because split tunneling is enabled, no IP address needs to be assigned for the SSL VPN tunnel to be established.

    C. The IP address range specified in SSL-VPN Settings will override the IP address range in the SSL-VPN Tunnel Mode Widget Options.

  • Question 406:

    If Routing Information Protocol (RIP) version 1 or version 2 has already been configured on a FortiGate unit, which of the following statements is correct if the routes learned through RIP need to be advertised into Open Shortest Path First (OSPF)?

    A. The FortiGate unit will automatically announce all routes learned through RIP v1 or v2 to its OSPF neighbors.

    B. The FortiGate unit will automatically announce all routes learned only through RIP v2 to its OSPF neighbors.

    C. At a minimum, the network administrator needs to enable Redistribute RIP in the OSPF Advanced Options.

    D. The network administrator needs to configure a RIP to OSPF announce policy as part of the RIP settings.

    E. At a minimum, the network administrator needs to enable Redistribute Default in the OSPF Advanced Options.

  • Question 407:

    When configuring a server load balanced virtual IP, which of the following is the best distribution algorithm to be used in applications where the same physical destination server must be maintained between sessions?

    A. Static

    B. Round robin

    C. Weighted round robin

    D. Least connected

  • Question 408:

    Which of the following Session TTL values will take precedence?

    A. Session TTL specified at the system level for that port number

    B. Session TTL specified in the matching firewall policy

    C. Session TTL dictated by the application control list associated with the matching firewall policy

    D. The default session TTL specified at the system level

  • Question 409:

    When the SSL proxy inspects the server certificate for Web Filtering only in SSL Handshake mode, which certificate field is being used to determine the site rating?

    A. Common Name

    B. Organization

    C. Organizational Unit

    D. Serial Number

    E. Validity

  • Question 410:

    Which of the following describes the best custom signature for detecting the use of the word "Fortinet" in chat applications?

    A. The sample packet trace illustrated in the exhibit provides details on the packet that requires detection. F-SBID( --protocol tcp; --flow from_client; --pattern "X-MMS-IM-Format"; --pattern "fortinet"; -- no_case; )

    B. F-SBID( --protocol tcp; --flow from_client; --pattern "fortinet"; --no_case; )

    C. F-SBID( --protocol tcp; --flow from_client; --pattern "X-MMS-IM-Format"; --pattern "fortinet"; -- within 20; --no_case; )

    D. F-SBID( --protocol tcp; --flow from_client; --pattern "X-MMS-IM-Format"; --pattern "fortinet"; -- within 20; )

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4-5.4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.