Exam Details

  • Exam Code
    :NSE4-5.4
  • Exam Name
    :Fortinet Network Security Expert 4 Written Exam - FortiOS 5.4
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :576 Q&As
  • Last Updated
    :Dec 30, 2024

Fortinet Fortinet Certifications NSE4-5.4 Questions & Answers

  • Question 421:

    An administrator logs into a FortiGate unit using an account which has been assigned a super_admin profile. Which of the following operations can this administrator perform?

    A. They can delete logged-in users who are also assigned the super_admin access profile.

    B. They can make changes to the super_admin profile.

    C. They can delete the admin account if the default admin user is not logged in.

    D. They can view all the system configuration settings but can not make changes.

    E. They can access configuration options for only the VDOMs to which they have been assigned.

  • Question 422:

    Which of the following statements is correct regarding the FortiGuard Services Web Filtering Override configuration as illustrated in the exhibit?

    A. Any client on the same subnet as the authenticated user is allowed to access www.yahoo.com/images/.

    B. A client with an IP of address 10.10.10.12 is allowed access to any subdirectory that is part of the www.yahoo.com web site.

    C. A client with an IP address of 10.10.10.12 is allowed access to the www.yahoo.com/images/ web site and any of its offsite URLs.

    D. A client with an IP address of 10.10.10.12 is allowed access to any URL under the www.yahoo.com web site, including any subdirectory URLs, until August 7, 2009.

    E. Any client on the same subnet as the authenticated user is allowed to access www.yahoo.com/images/ until August 7, 2009.

  • Question 423:

    Both the FortiGate and FortiAnalyzer units can notify administrators when certain alert conditions are met. Considering this, which of the following statements is NOT correct?

    A. On a FortiGate device, the alert condition is based either on the severity level or on the log type, but not on a combination of the two.

    B. On a FortiAnalyzer device, the alert condition is based either on the severity level or on the log type, but not on a combination of the two.

    C. Only a FortiAnalyzer device can send the alert notification in the form of a syslog message.

    D. Both the FortiGate and FortiAnalyzer devices can send alert notifications in the form of an email alert.

  • Question 424:

    A FortiGate unit is configured with three Virtual Domains (VDOMs) as illustrated in the exhibit.

    Which of the following statements are correct regarding these VDOMs? (Select all that apply.)

    A. The FortiGate unit supports any combination of these VDOMs in NAT/Route and Transparent modes.

    B. The FortiGate unit must be a model 1000 or above to support multiple VDOMs.

    C. A license had to be purchased and applied to the FortiGate unit before VDOM mode could be enabled.

    D. All VDOMs must operate in the same mode.

    E. Changing a VDOM operational mode requires a reboot of the FortiGate unit.

    F. An admin account can be assigned to one VDOM or it can have access to all three VDOMs.

  • Question 425:

    WAN optimization is configured in Active/Passive mode. When will the remote peer accept an attempt to initiate a tunnel?

    A. The attempt will be accepted when the request comes from a known peer and there is a matching WAN optimization passive rule.

    B. The attempt will be accepted when there is a matching WAN optimization passive rule.

    C. The attempt will be accepted when the request comes from a known peer.

    D. The attempt will be accepted when a user on the remote peer accepts the connection request.

  • Question 426:

    Which of the following statements is correct regarding the antivirus scanning function on the FortiGate unit?

    A. Antivirus scanning provides end-to-end virus protection for client workstations.

    B. Antivirus scanning provides virus protection for the HTTP, Telnet, SMTP, and FTP protocols.

    C. Antivirus scanning supports banned word checking.

    D. Antivirus scanning supports grayware protection.

  • Question 427:

    A FortiGate unit is configured with multiple VDOMs. An administrative account on the device has been assigned a Scope value of VDOM:root. Which of the following items would an administrator logging in using this account NOT be able to configure?

    A. Firewall addresses

    B. DHCP servers

    C. FortiGuard Distribution Network configuration

    D. PPTP VPN configuration

  • Question 428:

    Which of the following methods does the FortiGate unit use to determine the availability of a web cache using Web Cache Communication Protocol (WCCP)?

    A. The FortiGate unit receives periodic "Here I am" messages from the web cache.

    B. The FortiGate unit polls all globally-defined web cache servers at a regular intervals.

    C. The FortiGate using uses the health check monitor to verify the availability of a web cache server.

    D. The web cache sends an "I see you" message which is captured by the FortiGate unit.

  • Question 429:

    An administrator wishes to generate a report showing Top Traffic by service type. They notice

    that web traffic overwhelms the pie chart and want to exclude the web traffic from the report. Which of the following statements best describes how to do this?

    A. In the Service field of the Data Filter, type 80/tcp and select the NOT checkbox.

    B. Add the following entry to the Generic Field section of the Data Filter: service="!web".

    C. When editing the chart, uncheck wlog to indicate that Web Filtering data is being excluded when generating the chart.

    D. When editing the chart, enter 'http' in the Exclude Service field.

  • Question 430:

    A network administrator connects his PC to the INTERNAL interface on a FortiGate unit.

    The administrator attempts to make an HTTPS connection to the FortiGate unit on the VLAN1 interface at the IP address of 10.0.1.1, but gets no connectivity.

    The following troubleshooting commands are executed from the DOS prompt on the PC and from the CLI.

    Based on the output from these commands, which of the following explanations is a possible cause of the problem?

    A. The Fortigate unit has no route back to the PC.

    B. The PC has an IP address in the wrong subnet.

    C. The PC is using an incorrect default gateway IP address.

    D. The FortiGate unit does not have the HTTPS service configured on the VLAN1 interface.

    E. There is no firewall policy allowing traffic from INTERNAL-> VLAN1.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4-5.4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.