1. Home
  2. Fortinet
  3. NSE4-5.4

Fortinet Network Security Expert 4 Written Exam - FortiOS 5.4

Exam Details

  • Exam Code
    :NSE4-5.4
  • Exam Name
    :Fortinet Network Security Expert 4 Written Exam - FortiOS 5.4
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :576 Q&As
  • Last Updated
    :Dec 30, 2024

Fortinet Fortinet Certifications NSE4-5.4 Questions & Answers

  • Question 501:

    Which of the following statements are correct differences between NAT/route and transparent mode? (Choose two.)

    A. In transparent mode, interfaces do not have IP addresses.

    B. Firewall polices are only used in NAT/ route mode.

    C. Static routers are only used in NAT/route mode.

    D. Only transparent mode permits inline traffic inspection at layer 2.

  • Question 502:

    Which statement best describes what SSL.root is?

    A. The name of the virtual network adapter required in each user's PC for SSL VPN Tunnel mode.

    B. The name of a virtual interface in the root VDOM where all the SSL VPN user traffic comes from.

    C. A Firewall Address object that contains the IP addresses assigned to SSL VPN users.

    D. The virtual interface in the root VDOM that the remote SSL VPN tunnels connect to.

  • Question 503:

    The exhibit shows a part output of the diagnostic command 'diagnose debug application ike 255', taken during establishment of a VPN. Which of the following statement are correct concerning this output? (Choose two) A. The quick mode selectors negotiated between both IPsec VPN peers is 0.0.0.0/32 for both source and destination addresses.

    B. The output corresponds to a phase 2 negotiation

    C. NAT-T enabled and there is third device in the path performing NAT of the traffic between both IPsec VPN peers.

    D. The IP address of the remote IPsec VPN peer is 172.20.187.114

  • Question 504:

    Regarding the use of web-only mode SSL VPN, which statement is correct?

    A. It support SSL version 3 only.

    B. It requires a Fortinet-supplied plug-in on the web client.

    C. It requires the user to have a web browser that suppports 64-bit cipher length.

    D. The JAVA run-time environment must be installed on the client.

  • Question 505:

    Which of the following network protocols can be inspected by the Data Leak Prevention scanning? (Choose three.)

    A. SMTP

    B. HTTP-POST

    C. AIM

    D. MAPI

    E. ICQ

  • Question 506:

    Which of the following IPsec configuration modes can be used when the FortiGate is running in NAT mode?

    A. Policy-based VPN only

    B. Both policy-based and route-based VPN.

    C. Route-based VPN only.

    D. IPSec VPNs are not supported when the FortiGate is running in NAT mode.

  • Question 507:

    You have configured the DHCP server on a FortiGate's port1 interface (or internal, depending on the model) to offer IPs in a range of 192.168.1.65-192.168.1.253.

    When the first host sends a DHCP request, what IP will the DHCP offer?

    A. 192.168.1.99

    B. 192.168.1.253

    C. 192.168.1.65

    D. 192.168.1.66

  • Question 508:

    How many packets are interchanged between both IPSec ends during the negotiation of a main- mode phase 1?

    A. 5

    B. 3

    C. 2

    D. 6

  • Question 509:

    Which is NOT true about the settings for an IP pool type port block allocation?

    A. A Block Size defines the number of connections.

    B. Blocks Per User defines the number of connection blocks for each user.

    C. An Internal IP Range defines the IP addresses permitted to use the pool.

    D. An External IP Range defines the IP addresses in the pool.

  • Question 510:

    Which authentication methods does FortiGate support for firewall authentication? (Choose two.)

    A. Remote Authentication Dial in User Service (RADIUS)

    B. Lightweight Directory Access Protocol (LDAP)

    C. Local Password Authentication

    D. POP3

    E. Remote Password Authentication

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4-5.4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.