1. Home
  2. Fortinet
  3. NSE4

Fortinet NSE4 Online Practice Questions and Exam Preparation

NSE4 Exam Details

  • Exam Code
    :NSE4
  • Exam Name
    :Fortinet Network Security Expert 4 Written Exam (400)
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :301 Q&As
  • Last Updated
    :Apr 21, 2024

Fortinet NSE4 Online Questions & Answers

  • Question 181:

    What information is synchronized between two FortiGate units that belong to the same HA cluster? (Choose three)

    A. IP addresses assigned to DHCP enabled interface.
    B. The master devices hostname.
    C. Routing configured and state.
    D. Reserved HA management interface IP configuration.
    E. Firewall policies and objects.

  • Question 182:

    How can DLP file filters be configured to detect Office 2010 files?

    A. File TypE. Microsoft Office(msoffice)
    B. File TypE. Archive(zip)
    C. File TypE. Unknown Filetype(unknown)
    D. File NamE. "*.ppt", "*.doc", "*.xls"
    E. File NamE. "*.pptx", "*.docx", "*.xlsx"

  • Question 183:

    Review to the network topology in the exhibit.

    The workstation, 172.16.1.1/24, connects to port2 of the FortiGate device, and the ISP router, 172.16.1.2, connects to port1. Without changing IP addressing, which configuration changes are required to properly forward users traffic to the Internet? (Choose two)

    A. At least one firewall policy from port2 to port1 to allow outgoing traffic.
    B. A default route configured in the FortiGuard devices pointing to the ISP's router.
    C. Static or dynamic IP addresses in both ForitGate interfaces port1 and port2.
    D. The FortiGate devices configured in transparent mode.

  • Question 184:

    You have created a new administrator account, and assign it the prof_admin profile. Which is false about that account's permissions?

    A. It cannot upgrade or downgrade firmware.
    B. It can create and assign administrator accounts to parts of its own VDOM.
    C. It can reset forgotten passwords for other administrator accounts such as "admin".
    D. It has a smaller permissions scope than accounts with the "super_admin" profile.

  • Question 185:

    In HA, the option Reserve Management Port for Cluster Member is selected as shown in the exhibit below.

    Which statements are correct regarding this setting? (Choose two.)

    A. Interface settings on port7 will not be synchronized with other cluster members.
    B. The IP address assigned to this interface must not overlap with the IP address subnet assigned to another interface.
    C. When connecting to port7 you always connect to the master device.
    D. A gateway address may be configured for port7.

  • Question 186:

    Which of the following statements is true regarding the use of a PAC file to configure the web proxy settings in an Internet browser? (Choose two.)

    A. More than one proxy is supported.
    B. Can contain a list of destinations that will be exempt from the use of any proxy.
    C. Can contain a list of URLs that will be exempted from the FortiGate web filtering inspection.
    D. Can contain a list of users that will be exempted from the use of any proxy.

  • Question 187:

    What functions can the IPv6 Neighbor Discovery Protocol accomplish? (Choose two.)

    A. Negotiate the encryption parameters to use.
    B. Auto-adjust the MTU setting.
    C. Autoconfigure addresses and prefixes.
    D. Determine other nodes reachability.

  • Question 188:

    Which two statements are true about IPsec VPNs and SSL VPNs? (Choose two.)

    A. SSL VPN creates a HTTPS connection. IPsec does not.
    B. Both SSL VPNs and IPsec VPNs are standard protocols.
    C. Either a SSL VPN or an IPsec VPN can be established between two FortiGate devices.
    D. Either a SSL VPN or an IPsec VPN can be established between an end-user workstation and a FortiGate device.

  • Question 189:

    Regarding tunnel-mode SSL VPN, which three statements are correct? (Choose three.)

    A. Split tunneling is supported.
    B. It requires the installation of a VPN client.
    C. It requires the use of an Internet browser.
    D. It does not support traffic from third-party network applications.
    E. An SSL VPN IP address is dynamically assigned to the client by the FortiGate unit.

  • Question 190:

    Which FSSO agents are required for a FSSO agent-based polling mode solution?

    A. Collector agent and DC agents
    B. Polling agent only
    C. Collector agent only
    D. DC agents only

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.