1. Home
  2. Fortinet
  3. NSE4

Fortinet Network Security Expert 4 Written Exam (400)

Exam Details

  • Exam Code
    :NSE4
  • Exam Name
    :Fortinet Network Security Expert 4 Written Exam (400)
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :301 Q&As
  • Last Updated
    :Apr 21, 2024

Fortinet Fortinet Certifications NSE4 Questions & Answers

  • Question 221:

    Which statement is correct concerning creating a custom signature?

    A. It must start with the name

    B. It must indicate whether the traffic flow is from the client or the server.

    C. It must specify the protocol. Otherwise, it could accidentally match lower-layer protocols.

    D. It is not supported by Fortinet Technical Support.

  • Question 222:

    Your Linux email server runs on a non-standard port number, port 2525. Which statement is true?

    A. IPS cannot scan that traffic for SMTP anomalies because of the non-standard port number. You must reconfigured the server to run on port 2.

    B. To apply IPS to traffic to that server, you must configured FortiGate SMTP proxy to listen on port 2525

    C. IPS will apply all SMTP signatures, regardless of whether they apply to clients or servers.

    D. Protocol decoders automatically detect SMTP and scan for matches with appropriate IPS signature.

  • Question 223:

    Which action does the FortiGate take when link health monitor times out?

    A. All routes to the destination subnet configured in the link health monitor are removed from the routing table.

    B. The distance values of all routes using interface configured in the link health monitor are increased.

    C. The priority values of all routes using configured in the link health monitor are increased.

    D. All routes using the next-hop gateway configured in the link health monitor are removed from the routing table.

  • Question 224:

    Examine the following output from the diagnose sys session list command:

    Which statements are true regarding the session above? (Choose two.)

    A. Session Time-To-Live (TTL) was configured to 9 seconds.

    B. FortiGate is doing NAT of both the source and destination IP address on all packets coming from the

    192.168.1.110 address.

    C. The IP address 192.168.1.110 is being translated to 172.17.87.16.

    D. The FortiGate is not translating the TCP port numbers of the packets in this session.

  • Question 225:

    An administrator has configured a route-based site-to-site IPsec VPN. Which statement is correct regarding this IPsec VPN configuration?

    A. The IPsec firewall policies must be placed at the top of the list.

    B. This VPN cannot be used as a part of a hub and spoke topology.

    C. Routes are automatically created based on the quick mode selectors.

    D. A virtual IPsec interface is automatically created after the Phase 1 configuration is completed.

  • Question 226:

    In a FSSO agent mode solution, how does the FSSO collector agent learn each IP address?

    A. The DC agents get each user IP address from the event logs and forward that information to the collector agent

    B. The collector agent does not know, and does not need, each user IP address. Only workstation names are known by the collector agent.

    C. The collector agent frequently polls the AD domain controllers to get each user IP address.

    D. The DC agent learns the workstation name from the event logs and DNS is then used to translate those names to the respective IP addresses.

  • Question 227:

    What is valid reason for using session based authentication instead of IP based authentication in a FortiGate web proxy solution?

    A. Users are required to manually enter their credentials each time they connect to a different web site.

    B. Proxy users are authenticated via FSSO.

    C. There are multiple users sharing the same IP address.

    D. Proxy users are authenticated via RADIUS.

  • Question 228:

    Review the IKE debug output for IPsec shown in the exhibit below.

    Which statements is correct regarding this output?

    A. The output is a phase 1 negotiation.

    B. The output is a phase 2 negotiation.

    C. The output captures the dead peer detection messages.

    D. The output captures the dead gateway detection packets.

  • Question 229:

    Regarding the header and body sections in raw log messages, which statement is correct?

    A. The header and body section layouts change depending on the log type.

    B. The header section layout is always the same regardless of the log type. The body section layout changes depending on the log type.

    C. Some log types include multiple body sections.

    D. Some log types do not include a body section.

  • Question 230:

    Which portion of the configuration does an administrator specify the type of IPsec configuration (either policy-based or route-based)?

    A. Under the IPsec VPN global settings.

    B. Under the phase 2 settings.

    C. Under the phase 1 settings.

    D. Under the firewall policy settings.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.