1. Home
  2. Fortinet
  3. NSE4

Fortinet NSE4 Online Practice Questions and Exam Preparation

NSE4 Exam Details

  • Exam Code
    :NSE4
  • Exam Name
    :Fortinet Network Security Expert 4 Written Exam (400)
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :301 Q&As
  • Last Updated
    :Apr 21, 2024

Fortinet NSE4 Online Questions & Answers

  • Question 121:

    An Internet browser is using the WPAD DNS method to discover the PAC file's URL. The DNS server replies to the browser's request with the IP address 10.100.1.10. Which URL will the browser use to download the PAC file?

    A. http://10.100.1.10/proxy.pac
    B. https://10.100.1.10/
    C. http://10.100.1.10/wpad.dat
    D. https://10.100.1.10/proxy.pac

  • Question 122:

    Which statements are true about offloading antivirus inspection to a Security Processor (SP)? (Choose two.)

    A. Both proxy-based and flow-based inspection are supported.
    B. A replacement message cannot be presented to users when a virus has been detected.
    C. It saves CPU resources.
    D. The ingress and egress interfaces can be in different SPs.

  • Question 123:

    Which statements are true regarding local user authentication? (Choose two.)

    A. Two-factor authentication can be enabled on a per user basis.
    B. Local users are for administration accounts only and cannot be used to authenticate network users.
    C. Administrators can create the user accounts in a remote server and store the user passwords locally in the FortiGate.
    D. Both the usernames and passwords can be stored locally on the FortiGate.

  • Question 124:

    What capabilities can a FortiGate provide? (Choose three)

    A. Mail relay
    B. Email filtering
    C. Firewall
    D. VPN gateway
    E. Mail server

  • Question 125:

    Which are the three different types of Conserve Mode that can occur on a FortiGate device? (Choose three.)

    A. Proxy
    B. Operating system
    C. Kernel
    D. System
    E. Device

  • Question 126:

    Which statements are true regarding IPv6 anycast addresses? (Choose two.)

    A. Multiple interfaces can share the same anycast address.
    B. They are allocated from the multicast address space.
    C. Different nodes cannot share the same anycast address.
    D. An anycast packet is routed to the nearest interface.

  • Question 127:

    Which of the following spam filtering methods are supported on the FortiGate unit? (Select all that apply.)

    A. IP Address Check
    B. Open Relay Database List (ORDBL)
    C. Black/White List
    D. Return Email DNS Check
    E. Email Checksum Check

  • Question 128:

    Which of the following authentication methods are supported in an IPsec phase 1? (Choose two.)

    A. Asymmetric Keys
    B. CA root digital certificates
    C. RSA signature
    D. Pre-shared keys

  • Question 129:

    The exhibit shows the Disconnect Cluster Member command in a FortiGate unit that is part of a HA cluster with two HA members.

    What is the effect of the Disconnect Cluster Member command as given in the exhibit. (Choose two.)

    A. Port3 is configured with an IP address management access.
    B. The firewall rules are purged on the disconnected unit.
    C. The HA mode changes to standalone.
    D. The system hostname is set to the unit serial number.

  • Question 130:

    How is traffic routed onto an SSL VPN tunnel from the FortiGate unit side?

    A. A static route must be configured by the administrator using the ssl.root interface as the outgoing interface.
    B. Assignment of an IP address to the client causes a host route to be added to the FortiGate unit's kernel routing table.
    C. A route back to the SSLVPN IP pool is automatically created on the FortiGate unit.
    D. The FortiGate unit adds a route based upon the destination address in the SSL VPN firewall policy.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.