Fortinet Fortinet Certifications NSE4 Questions & Answers

• Question 241:

  In which order are firewall policies processed on a FortiGate unit?

  A. From top to bottom, according with their sequence number.

  B. From top to bottom, according with their policy ID number.

  C. Based on best match.

  D. Based on the priority value.

  Correct Answer: A

• Question 242:

  Which of the following Fortinet products can receive updates from the FortiGuard Distribution Network?

  A. FortiGate

  B. FortiClient

  C. FortiMail

  D. FortiAnalyzer

  Correct Answer: ABC

• Question 243:

  Which of the following statements are correct regarding a master HA unit? (Choose two)

  A. There should be only one master unit is each HA virtual cluster.

  B. The Master synchronizes cluster configuration with slaves.

  C. Only the master has a reserved management HA interface.

  D. Heartbeat interfaces are not required on a master unit.

  Correct Answer: AB

• Question 244:

  Which of the following statements best describe the main requirements for a traffic session to be offload eligible to an NP6 processor? (Choose three.)

  A. Session packets do NOT have an 802.1Q VLAN tag.

  B. It is NOT multicast traffic.

  C. It does NOT require proxy-based inspection.

  D. Layer 4 protocol must be UDP, TCP, SCTP or ICMP.

  E. It does NOT require flow-based inspection.

  Correct Answer: CDE

• Question 245:

  Which statement concerning IPS is false?

  A. IPS packages contain an engine and signatures used by both IPS and other flow-based scans.

  B. One-arm topology with sniffer mode improves performance of IPS blocking.

  C. IPS can detect zero-day attacks.

  D. The status of the last service update attempt from FortiGuard IPS is shown on System>Config>FortiGuard and in output from 'diag autoupdate version'

  Correct Answer: D

• Question 246:

  The exhibit shows the Disconnect Cluster Member command in a FortiGate unit that is part of a HA cluster with two HA members.

  

  What is the effect of the Disconnect Cluster Member command as given in the exhibit. (Choose two.)

  A. Port3 is configured with an IP address management access.

  B. The firewall rules are purged on the disconnected unit.

  C. The HA mode changes to standalone.

  D. The system hostname is set to the unit serial number.

  Correct Answer: AC

• Question 247:

  Which of the following statements best describes what the Document Fingerprinting feature is for?

  A. Protects sensitive documents from leakage

  B. Appends a fingerprint signature to all documents sent by users

  C. Appends a fingerprint signature to all the emails sent by users

  D. Validates the fingerprint signature in users' emails

  Correct Answer: A

• Question 248:

  In FortiOS session table output, what is the correct `proto_state' number for an established, non-proxied TCP connection?

  B. 11

  C. 01

  D. 05

  Correct Answer: C

• Question 249:

  Which of the following are considered log types? (Choose three.)

  A. Forward log

  B. Traffic log

  C. Syslog

  D. Event log

  E. Security log

  Correct Answer: BDE

• Question 250:

  Which of the following statements is true regarding the TCP SYN packets that go from a client, through an implicit web proxy (transparent proxy), to a web server listening at TCP port 80? (Choose three.)

  A. The source IP address matches the client IP address.

  B. The source IP address matches the proxy IP address.

  C. The destination IP address matches the proxy IP address.

  D. The destination IP address matches the server IP addresses.

  E. The destination TCP port number is 80.

  Correct Answer: ADE