1. Home
  2. Fortinet
  3. NSE4

Fortinet Network Security Expert 4 Written Exam (400)

Exam Details

  • Exam Code
    :NSE4
  • Exam Name
    :Fortinet Network Security Expert 4 Written Exam (400)
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :301 Q&As
  • Last Updated
    :Apr 21, 2024

Fortinet Fortinet Certifications NSE4 Questions & Answers

  • Question 281:

    Which of the following statements are correct regarding logging to memory on a FortiGate unit?

    A. When the system has reached its capacity for log messages, the FortiGate unit will stop logging to memory.

    B. When the system has reached its capacity for log messages, the FortiGate unit overwrites the oldest messages.

    C. If the FortiGate unit is reset or loses power, log entries captured to memory will be lost.

    D. None of the above.

  • Question 282:

    Which of the following statements are characteristics of a FSSO solution using advanced access mode? (Choose three.)

    A. Protection profiles can be applied to both individual users and user groups

    B. Nested or inherited groups are supported

    C. Usernames follow the LDAP convention: CN=User, OU=Name, DC=Domain

    D. Usernames follow the Windows convention: Domain\username

    E. Protection profiles can be applied to user groups only.

  • Question 283:

    What attributes are always included in a log header? (Choose three.)

    A. policyid

    B. level

    C. user

    D. time

    E. subtype

    F. duration

  • Question 284:

    An end user logs into the full-access SSL VPN portal and selects the Tunnel Mode option by clicking on the "Connect" button. The administrator has enabled split tunneling.

    Given that the user authenticates against the SSL VPN policy shown in the image below, which statement below identifies the route that is added to the client's routing table.

    A. A route to destination matching the `WIN2K3' address object.

    B. A route to the destination matching the `all' address object.

    C. A default route.

    D. No route is added.

  • Question 285:

    A FortiGate is configured with three virtual domains (VDOMs). Which of the following statements is correct regarding multiple VDOMs?

    A. The FortiGate must be a model 1000 or above to support multiple VDOMs.

    B. A license has to be purchased and applied to the FortiGate before VDOM mode could be enabled.

    C. Changing the operational mode of a VDOM requires a reboot of the FortiGate.

    D. The FortiGate supports any combination of VDOMs in NAT/Route and transparent modes.

  • Question 286:

    Files reported as "suspicious" were subject to which Antivirus check"?

    A. Grayware

    B. Virus

    C. Sandbox

    D. Heuristic

  • Question 287:

    Which statement best describes what SSL.root is?

    A. The name of the virtual network adapter required in each user's PC for SSL VPN Tunnel mode.

    B. The name of a virtual interface in the root VDOM where all the SSL VPN user traffic comes from.

    C. A Firewall Address object that contains the IP addresses assigned to SSL VPN users.

    D. The virtual interface in the root VDOM that the remote SSL VPN tunnels connect to.

  • Question 288:

    Review the IPsec phase 2 configuration shown in the exhibit; then answer the question below.

    Which statements are correct regarding this configuration? (Choose two.)

    A. The Phase 2 will re-key even if there is no traffic.

    B. There will be a DH exchange for each re-key.

    C. The sequence number of ESP packets received from the peer will not be checked.

    D. Quick mode selectors will default to those used in the firewall policy.

  • Question 289:

    Which UTM feature sends a UDP query to FortiGuard servers each time FortiGate scans a packet (unless the response is locally cached)?

    A. Antivirus

    B. VPN

    C. IPS

    D. Web Filtering

  • Question 290:

    If you have lost your password for the "admin" account on your FortiGate, how should you reset it?

    A. Log in with another administrator account that has "super_admin" profile permissions, then reset the password for the "admin" account.

    B. Reboot the FortiGate. Via the local console, during the boot loader, use the menu to format the flash disk and reinstall the firmware. Then you can log in with the default password.

    C. Power off the FortiGate. After several seconds, restart it. Via the local console, within 30 seconds after booting has completed, log in as "maintainer" and enter the CLI commands to set the password for the "admin" account.

    D. Reboot the FortiGate. Via the local console, during the boot loader, use the menu to log in as "maintainer" and enter the CLI commands to set the password for the "admin" account.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE4 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.