Which antivirus and attack definition update options are supported by FortiGate units? (Choose two.)
A. Manual update by downloading the signatures from the support site.
B. FortiGuard pull updates.
C. Push updates from a FortiAnalyzer.
D. execute fortiguard-AV-AS command from the CLI.
A FortiGate unit operating in NAT/route mode and configured with two sub-interface on the same physical interface. Which of the following statement is correct regarding the VLAN IDs in this scenario?
A. The two VLAN sub-interfaces can have the same VLAN IDs only if they have IP addresses in different subnets.
B. The two VLAN sub-interfaces must have different VLAN IDs.
C. The two VLAN sub-interfaces can have VLAN ID only if they belong to different VDOMs.
D. The two VLAN sub-interfaces can have the same VLAN if they are connected to different L2 IEEE 802.1Q complaint switches.
With FSSO DC-agent mode, a domain user could authenticate either against the domain controller running the collector agent and domain controller agent, or a domain controller running only the domain controller agent.
If you attempt to authenticate with a domain controller running only the domain controller agent, which statements are correct? (Choose two.)
A. The login event is sent to a collector agent.
B. The FortiGate receives the user information directly from the receiving domain controller agent of the secondary domain controller.
C. The domain collector agent may perform a DNS lookup for the authenticated client's IP address.
D. The user cannot be authenticated with the FortiGate in this manner because each domain controller agent requires a dedicated collector agent.
Which is one of the conditions that must be met for offloading the encryption and decryption of IPsec traffic to an NP6 processor?
A. no protection profile can be applied over the IPsec traffic.
B. Phase-2 anti-replay must be disabled.
C. Phase 2 must have an encryption algorithm supported by the NP6.
D. IPsec traffic must not be inspected by any FortiGate session helper.
Which of the following protocols are defined in the IPsec Standard? (Choose two)
A. AH
B. GRE
C. SSL/TLS
D. ESP
Which authentication methods does FortiGate support for firewall authentication? (Choose two.)
A. Remote Authentication Dial in User Service (RADIUS)
B. Lightweight Directory Access Protocol (LDAP)
C. Local Password Authentication
D. POP3
E. Remote Password Authentication
Which of the following options best defines what Diffie-Hellman is?
A. A symmetric encryption algorithm.
B. A "key-agreement" protocol.
C. A "Security-association-agreement" protocol.
D. An authentication algorithm.
Which of the following regular expression patterns makes the terms "confidential data" case insensitive?
A. [confidential data]
B. /confidential data/i
C. i/confidential data/
D. "confidential data"
What are two requirements for DC-agent mode FSSO to work properly in a Windows AD environment? (Choose two.)
A. DNS server must properly resolve all workstation names
B. The remote registry service must be running in all workstations
C. The collector agent must be installed in one of the Windows domain controllers
D. A same user cannot be logged in into two different workstations at the same time
Which antivirus and attack definition update options are supported by FortiGate units? (Choose two.)
A. Manual update by downloading the signatures from the support site.
B. Pull updates from the FortiGate device
C. Push updates from the FortiGuard Distribution Network.
D. execute fortiguard-AV-AS command from the CLI.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.