1. Home
  2. Fortinet
  3. NSE4-5.4

Fortinet Network Security Expert 4 Written Exam - FortiOS 5.4

Exam Details

  • Exam Code
    :NSE4-5.4
  • Exam Name
    :Fortinet Network Security Expert 4 Written Exam - FortiOS 5.4
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :576 Q&As
  • Last Updated
    :Dec 30, 2024

Fortinet Fortinet Certifications NSE4-5.4 Questions & Answers

  • Question 481:

    Which of the following statements are correct about NTLM authentication? (Choose three)

    A. NTLM negotiation starts between the FortiGate device and the user's browser.

    B. It must be supported by the user's browser.

    C. It must be supported by the domain controllers.

    D. It does not require a collector agent.

    E. It does not require DC agents.

  • Question 482:

    Which of the following statements are true about IPsec VPNs? (Choose three.)

    A. IPsec increases overhead and bandwidth.

    B. IPsec operates at the layer 2 of the OSI model.

    C. End-user's network applications must be properly pre-configured to send traffic across the IPsec VPN.

    D. IPsec protects upper layer protocols.

    E. IPsec operates at the layer 3 of the OSI model.

  • Question 483:

    Examine this log entry. What does the log indicate? (Choose three.)

    date=2013-12-04 time=09:30:18 logid=0100032001 type=event subtype=system level=information vd="root" user="admin" ui=http(192.168.1.112) action=login status=success reason=none profile="super_admin" msg="Administrator admin logged in successfully from http(192.168.1.112)"

    A. In the GUI, the log entry was located under "Log and Report > Event Log > User".

    B. In the GUI, the log entry was located under "Log and Report > Event Log > System".

    C. In the GUI, the log entry was located under "Log and Report > Traffic Log > Local Traffic".

    D. The connection was encrypted.

    E. The connection was unencrypted.

    F. The IP of the FortiGate interface that "admin" connected to was 192.168.1.112.

    G. The IP of the computer that "admin" connected from was 192.168.1.112.

  • Question 484:

    Which of the following statements are correct regarding SSL VPN Web-only mode? (Choose two.)

    A. It can only be used to connect to web services.

    B. IP traffic is encapsulated over HTTPS.

    C. Access to internal network resources is possible from the SSL VPN portal.

    D. The standalone FortiClient SSL VPN client CANNOT be used to establish a Web-only SSL VPN.

    E. It is not possible to connect to SSH servers through the VPN.

  • Question 485:

    Which are the three different types of Conserve Mode that can occur on a FortiGate device? (Choose three.)

    A. Proxy

    B. Operating system

    C. Kernel

    D. System

    E. Device

  • Question 486:

    Which of the following statements is true regarding the TCP SYN packets that go from a client, through an implicit web proxy (transparent proxy), to a web server listening at TCP port 80? (Choose three.)

    A. The source IP address matches the client IP address.

    B. The source IP address matches the proxy IP address.

    C. The destination IP address matches the proxy IP address.

    D. The destination IP address matches the server IP addresses.

    E. The destination TCP port number is 80.

  • Question 487:

    The exhibit shows a FortiGate routing table. Which of the following statements are correct? (Choose two)

    A. There is only one active default route.

    B. The distance values for the route to 192.168.1.0/24 is 200

    C. An IP address in the subnet 172.16.78.0/24 has been assigned to the dmz interface.

    D. The FortiGate will route the traffic to 172.17.1.2 to next hop with the IP address 192.168.11.254

  • Question 488:

    Which portion of the configuration does an administrator specify the type of IPsec configuration (either policy-based or route-based)?

    A. Under the IPsec VPN global settings.

    B. Under the phase 2 settings.

    C. Under the phase 1 settings.

    D. Under the firewall policy settings.

  • Question 489:

    Of the following information, what can be recorded by a Data Leak Prevention sensor configured to do a summary archiving? (Choose three.)

    A. Visited URL (for the case of HTTP traffic)

    B. Sender email address (for the case of SMTP traffic)

    C. Recipient email address (for the case of SMTP traffic)

    D. Attached file (for the case of SMTP traffic)

    E. Email body (for the case of SMTP traffic)

  • Question 490:

    Which of the following IKE modes is the one used during the IPsec phase 2 negotiation?

    A. Aggressive mode

    B. Quick mode

    C. Main mode

    D. Fast mode

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4-5.4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.