1. Home
  2. Fortinet
  3. NSE4

Fortinet NSE4 Online Practice Questions and Exam Preparation

NSE4 Exam Details

  • Exam Code
    :NSE4
  • Exam Name
    :Fortinet Network Security Expert 4 Written Exam (400)
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :301 Q&As
  • Last Updated
    :Apr 21, 2024

Fortinet NSE4 Online Questions & Answers

  • Question 141:

    Which profile could IPS engine use on an interface that is in sniffer mode? (Choose three)

    A. Antivirus (flow based
    B. Web filtering (PROXY BASED)
    C. Intrusion Protection
    D. Application Control
    E. Endpoint control

  • Question 142:

    When the SSL proxy is NOT doing man-in-the-middle interception of SSL traffic, which certificate field can be used to determine the rating of a website?

    A. Organizational Unit.
    B. Common name.
    C. Serial Number.
    D. Validity.

  • Question 143:

    In a Crash log, what does a status of 0 indicate?

    A. Abnormal termination of a process
    B. A process closed for any reason
    C. Scanunitd process crashed
    D. Normal shutdown with no abnormalities
    E. DHCP process crashed

  • Question 144:

    What are two requirements for DC-agent mode FSSO to work properly in a Windows AD environment? (Choose two.)

    A. DNS server must properly resolve all workstation names
    B. The remote registry service must be running in all workstations
    C. The collector agent must be installed in one of the Windows domain controllers
    D. A same user cannot be logged in into two different workstations at the same time

  • Question 145:

    What logging options are supported on a FortiGate unit? (Choose two.)

    A. LDAP
    B. Syslog
    C. FortiAnalyzer
    D. SNMP

  • Question 146:

    Which statement is one disadvantage of using FSSO NetAPI polling mode over FSSO Security Event Log (WinSecLog) polling mode?

    A. It requires a DC agent installed in some of the Windows DC.
    B. It runs slower.
    C. It might miss some logon events.
    D. It requires access to a DNS server for workstation name resolution.

  • Question 147:

    Which of the following statements are correct concerning IPsec dialup VPN configurations for FortiGate devices? (Choose two)

    A. Main mode mist be used when there is no more than one IPsec dialup VPN configured on the same FortiGate device.
    B. A FortiGate device with an IPsec VPN configured as dialup can initiate the tunnel connection to any remote IP address.
    C. Peer ID must be used when there is more than one aggressive-mode IPsec dialup VPN on the same FortiGate device.
    D. The FortiGate will automatically add a static route to the source quick mode selector address received from each remote peer.

  • Question 148:

    In a high availability cluster operating in active-active mode, which of the following correctly describes the path taken by the SYN packet of an HTTP session that is offloaded to a slave unit?

    A. Request: internal host; slave FortiGate; master FortiGate; Internet; web server.
    B. Request: internal host; slave FortiGate; Internet; web server.
    C. Request: internal host; slave FortiGate; master FortiGate; Internet; web server.
    D. Request: internal host; master FortiGate; slave FortiGate; Internet; web server.

  • Question 149:

    Which operating system vulnerability can you protect when selecting signatures to include in an IPS sensor? (choose three)

    A. Irix
    B. QNIX
    C. Linux
    D. Mac OS
    E. BSD

  • Question 150:

    Which protocols can you use for secure administrative access to a FortiGate? (Choose two)

    A. SSH
    B. Telnet
    C. NTLM
    D. HTTPS

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.