1. Home
  2. Fortinet
  3. NSE4

Fortinet NSE4 Online Practice Questions and Exam Preparation

NSE4 Exam Details

  • Exam Code
    :NSE4
  • Exam Name
    :Fortinet Network Security Expert 4 Written Exam (400)
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :301 Q&As
  • Last Updated
    :Apr 21, 2024

Fortinet NSE4 Online Questions & Answers

  • Question 91:

    Two devices are in an HA cluster, the device hostnames are STUDENT and REMOTE. Exhibit A shows the command output of diagnose sys session stat for the STUDENT device. Exhibit B shows the command output of diagnose sys session stat for the REMOTE device.

    Exhibit A:

    Exhibit B:

    Given the information provided in the exhibits, which of the following statements are correct? (Choose two.)

    A. STUDENT is likely to be the master device.
    B. Session-pickup is likely to be enabled.
    C. The cluster mode is active-passive.
    D. There is not enough information to determine the cluster mode.

  • Question 92:

    In "diag debug flow" output, you see the message "Allowed by Policy-1: SNAT". Which is true?

    A. The packet matched the topmost policy in the list of firewall policies.
    B. The packet matched the firewall policy whose policy ID is 1.
    C. The packet matched a firewall policy, which allows the packet and skips UTM checks
    D. The policy allowed the packet and applied session NAT.

  • Question 93:

    Examine the following log message for IPS:

    2012-07-01 09:54:28 oid=2 log_id=18433 type=ips subtype=anomaly pri=alert vd=root

    severity=''critical'' src=''192.168.3.168'' dst=''192.168.3.170'' src_int=''port2'' serial=0

    status=''detected'' proto=1 service=''icmp'' count=1 attack_name=''icmp_flood'' icmp_id=''0xa8a4''

    icmp_type=''0x08'' icmp_code=''0x00'' attack_id=16777316 sensor=''1''

    ref=''http://www.fortinet.com/ids/VID16777316'' msg=''anomaly: icmp_flood, 51 > threshold 50''

    Which statement is correct about the above log? (Choose two.)

    A. The target is 192.168.3.168.
    B. The target is 192.168.3.170.
    C. The attack was NOT blocked.
    D. The attack was blocked.

  • Question 94:

    The exhibit shoes three static routes.

    Which routes will be used to route the packets to the destination IP address 172.20.168.1?

    A. The route with the ID number 2 and 3.
    B. Only the route with the ID number 3.
    C. Only the route with the ID number 2.
    D. Only the route with the ID number 1.

  • Question 95:

    An administrator wants to create an IPsec VPN tunnel between two FortiGate devices.

    Which three configuration steps must be performed on both units to support this scenario? (Choose three.)

    A. Create firewall policies to allow and control traffic between the source and destination IP addresses.
    B. Configure the appropriate user groups to allow users access to the tunnel.
    C. Set the operating mode to IPsec VPN mode.
    D. Define the phase 2 parameters.
    E. Define the Phase 1 parameters.

  • Question 96:

    Which statement best describes what a Fortinet System on a Chip (SoC) is?

    A. Low-power chip that provides general purpose processing power
    B. Chip that combines general purpose processing power with Fortinet's custom ASIC technology
    C. Light-version chip (with fewer features) of an SP processor
    D. Light-version chip (with fewer features) of a CP processor

  • Question 97:

    How do application control signatures update on a FortiGate device?

    A. Through FortiGuard updates.
    B. Upgrade the FortiOS firmware to a newer release.
    C. By running the Application Control auto-learning feature.
    D. Signatures are hard coded to the device and cannot be updated.

  • Question 98:

    In FortiOS session table output, what are the two possible `proto_state' values for a UDP session? (Choose two.)

    A. 00
    B. 11
    C. 01
    D. 05

  • Question 99:

    Review the IPsec diagnostics output of the command diagnose vpn tunnel list shown in the exhibit.

    Which statements is correct regarding this output?

    A. One tunnel is rekeying.
    B. Two tunnels are rekeying.
    C. Two tunnels are up.
    D. One tunnel is up.

  • Question 100:

    Which of the following statements best describe the main requirements for a traffic session to be offload eligible to an NP6 processor? (Choose three.)

    A. Session packets do NOT have an 802.1Q VLAN tag.
    B. It is NOT multicast traffic.
    C. It does NOT require proxy-based inspection.
    D. Layer 4 protocol must be UDP, TCP, SCTP or ICMP.
    E. It does NOT require flow-based inspection.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.