NSE4 Exam Details
-
Exam Code
:NSE4 -
Exam Name
:Fortinet Network Security Expert 4 Written Exam (400) -
Certification
:Fortinet Certifications -
Vendor
:Fortinet -
Total Questions
:301 Q&As -
Last Updated
:Apr 21, 2024
Fortinet NSE4 Online Questions & Answers
-
Question 211:
Which antivirus inspection mode must be used to scan SMTP, FTP, POP3 and SMB protocols?
A. Proxy-based.
B. DNS-based.
C. Flow-based.
D. Man-in-the-middle. -
Question 212:
What action does an IPsec Gateway take with the user traffic routed to an IPsec VPN when it does not match any phase 2 quick mode selector?
A. Traffic is dropped
B. Traffic is routed across the default phase 2.
C. Traffic is routed to the next available route in the routing table.
D. Traffic is routed unencrypted to the interface where the IPsec VPN is terminating. -
Question 213:
When does a FortiGate load-share traffic between two static routes to the same destination subnet?
A. When they have the same cost and distance.
B. When they have the same distance and the same weight.
C. When they have the same distance and different priority.
D. When they have the same distance and same priority. -
Question 214:
Which is an advantage of using SNMP v3 instead of SNMP v1/v2 when querying a FortiGate unit?
A. MIB-based report uploads.
B. SNMP access limited by access lists.
C. Packet encryption.
D. Running SNMP service on a non-standard port is possible. -
Question 215:
Which statements are true regarding the factory default configuration? (Choose three.)
A. The default web filtering profile is applied to the first firewall policy.
B. The 'Port1' or 'Internal' interface has the IP address 192.168.1.99.
C. The implicit firewall policy action is ACCEPT.
D. The 'Port1' or 'Internal' interface has a DHCP server set up and enabled (on device models that support DHCP servers).
E. Default login uses the username: admin (all lowercase) and no password. -
Question 216:
Which of the following combinations of two FortiGate device configurations (side A and side B), can be used to successfully establish an IPsec VPN between them? (choose two)
A. Side A:main mode, remote gateway as static IP address, policy based VPN. Side B: aggressive mode, remote Gateway as static IP address policy-based VPN.
B. Side A:main mode, remote gateway as static IP address, policy based VPN. Side B: main mode, remote gateway as static IP address, route-based VPN
C. Side A:main mode, remote gateway as static IP address, policy based VPN. Side B: main mode, remote gateway as dialup, route-based VPN.
D. Side A: main mode, remote gateway as dialup policy based VPN, Side B: main mode, remote gateway as dialup, policy based VPN. -
Question 217:
Which of the following are operating mode supported in FortiGate devices? (Choose two)
A. Proxy
B. Transparent
C. NAT/route
D. Offline inspection -
Question 218:
Which correctly define "Section View" and "Global View" for firewall policies? (Choose two.)
A. Section View lists firewall policies primarily by their interface pairs.
B. Section View lists firewall policies primarily by their sequence number.
C. Global View lists firewall policies primarily by their interface pairs.
D. Global View lists firewall policies primarily by their policy sequence number.
E. The 'any' interface may be used with Section View. -
Question 219:
In FortiOS session table output, what is the correct `proto_state' number for an established, non-proxied TCP connection?
A. 00
B. 11
C. 01
D. 05 -
Question 220:
A FortiGate is configured with the 1.1.1.1/24 address on the wan2 interface and HTTPS Administrative Access, using the default tcp port, is enabled for that interface. Given the SSL VPN settings in the exhibit.
Which of the following SSL VPN login portal URLs are valid? (Choose two.)
A. http://1.1.1.1:443/Training
B. https://1.1.1.1:443/STUDENTS
C. https://1.1.1.1/login
D. https://1.1.1.1/
Related Exams:
-
EMEA-ADVANCED-SUPPORT
Fortinet EMEA Advanced Support -
FCP_FAC_AD-6.5
FCP - FortiAuthenticator 6.5 Administrator -
FCP_FAZ_AD-7.4
FCP - FortiAnalyzer 7.4 Administrator -
FCP_FAZ_AN-7.4
FCP - FortiAnalyzer 7.4 Analyst -
FCP_FAZ_AN-7.6
Fortinet NSE 5 - FortiAnalyzer 7.6 Analyst -
FCP_FCT_AD-7.2
FCP - Forti Client EMS 7.2 Administrator -
FCP_FCT_AD-7.4
Fortinet NSE 6 - FortiClient EMS 7.4 Administrator -
FCP_FGT_AD-7.4
FCP - FortiGate 7.4 Administrator -
FCP_FGT_AD-7.6
FortiGate 7.6 Administrator FCP_FGT_AD-7.6 -
FCP_FMG_AD-7.4
FCP - FortiManager 7.4 Administrator
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.