NSE4 | Precise NSE4 Dumps Questions 2019

for Fortinet certification, Real Success Guaranteed with Updated . 100% PASS NSE4 Fortinet Network Security Expert 4 Written Exam (400) exam Today!

Also have NSE4 free dumps questions for you:

NEW QUESTION 1
Which of the following actions can be used with the FortiGuard quota feature? (Choose three.)

  • A. Allow
  • B. Block
  • C. Monitor
  • D. Warning
  • E. Authenticate

Answer: CDE

NEW QUESTION 2
A FortiGate is operating in NAT/Route mode and configured with two virtual LAN (VLAN) sub-interfaces added to the same physical interface.
Which one of the following statements is correct regarding the VLAN IDs in this scenario?

  • A. The two VLAN sub-interfaces can have the same VLAN ID only if they have IP addresses in different subnets.
  • B. The two VLAN sub-interfaces must have different VLAN IDs.
  • C. The two VLAN sub-interfaces can have the same VLAN ID only if they belong to different VDOMs.
  • D. The two VLAN sub-interfaces can have the same VLAN ID if they are connected to different L2 IEEE 802.1Q compliant switches.

Answer: B

NEW QUESTION 3
What is valid reason for using session based authentication instead of IP based authentication in a FortiGate web proxy solution?

  • A. Users are required to manually enter their credentials each time they connect to a different web site.
  • B. Proxy users are authenticated via FSSO.
  • C. There are multiple users sharing the same IP address.
  • D. Proxy users are authenticated via RADIUS.

Answer: C

NEW QUESTION 4
In FortiOS session table output, what are the two possible ‘proto_state’ values for a UDP session? (Choose two.)

  • A. 00
  • B. 11
  • C. 01
  • D. 05

Answer: AC

NEW QUESTION 5
Which header field can be used in a firewall policy for traffic matching?

  • A. ICMP type and code.
  • B. DSCP.
  • C. TCP window size.
  • D. TCP sequence number.

Answer: A

NEW QUESTION 6
What are required to be the same for two FortiGate units to form an HA cluster? (Choose two)

  • A. Firmware.
  • B. Model.
  • C. Hostname.
  • D. System time zone.

Answer: AB

NEW QUESTION 7
Which protocols can you use for secure administrative access to a FortiGate? (Choose two)

  • A. SSH
  • B. Telnet
  • C. NTLM
  • D. HTTPS

Answer: AD

NEW QUESTION 8
A FortiGate unit operating in NAT/route mode and configured with two sub-interface on the same physical interface. Which of the following statement is correct regarding the VLAN IDs in this scenario?

  • A. The two VLAN sub-interfaces can have the same VLAN IDs only if they have IP addresses in different subnets.
  • B. The two VLAN sub-interfaces must have different VLAN IDs.
  • C. The two VLAN sub-interfaces can have VLAN ID only if they belong to different VDOMs.
  • D. The two VLAN sub-interfaces can have the same VLAN if they are connected to different L2 IEEE 802.1Q complaint switches.

Answer: B

NEW QUESTION 9
What is not true of configuring disclaimers on the FortiGate?

  • A. Disclaimers can be used in conjunction with captive portal.
  • B. Disclaimers appear before users authenticate.
  • C. Disclaimers can be bypassed through security exemption lists.
  • D. Disclaimers must be accepted in order to continue to the authentication login or originally intended destination.

Answer: C

NEW QUESTION 10
In the debug command output shown in the exhibit, which of the following best described the MAC address 00:09:0f:69:03:7e ?
NSE4 dumps exhibit

  • A. It is one of the secondary MAC addresses of the port1 interface.
  • B. It is the primary MAC address of the port interface.
  • C. It is the MAC address of another network devices located in the same LAN segment as the FortiGate unit's port1 interface.
  • D. It is the HA virtual MAC address.

Answer: C

NEW QUESTION 11
When creating FortiGate administrative users, which configuration objects specify the account rights?

  • A. Remote access profiles.
  • B. User groups.
  • C. Administrator profiles.
  • D. Local-in policies.

Answer: C

NEW QUESTION 12
What must be configured in order to keep two static routes to the same destination in the routing table?

  • A. The same priority.
  • B. The same distance and same priority.
  • C. The same distance.
  • D. The same metric.

Answer: B

NEW QUESTION 13
Which is not a FortiGate feature?

  • A. Database auditing
  • B. Intrusion prevention
  • C. Web filtering
  • D. Application control

Answer: A

NEW QUESTION 14
Which statements are true regarding the use of a PAC file to configure the web proxy settings in an Internet browser? (Choose two.)

  • A. Only one proxy is supported.
  • B. Can be manually imported to the browser.
  • C. The browser can automatically download it from a web server.
  • D. Can include a list of destination IP subnets where the browser can connect directly to without using a proxy.

Answer: CD

NEW QUESTION 15
Which of the following statements best describes how the collector agent learns that a user has logged off from the network?

  • A. The workstation fails to reply to the polls frequently done by the collector agent.
  • B. The DC agent captures the log off event from the event logs, which it forwards to the collector agent.
  • C. The work station notifies the DC agent that the user has logged off.
  • D. The collector agent gets the logoff events when polling the respective domain controller.

Answer: D

NEW QUESTION 16
Which of the following statements best describes what a Certificate Signing Request (CSR) is?

  • A. A message sent by the Certificate Authority (CA) that contains a signed digital certificate.
  • B. An enquiry submitted to a Certificate Authority (CA) to request a root CA certificate
  • C. An enquiry submitted to a Certificate Authority (CA) to request a signed digital certificate
  • D. An enquiry submitted to a Certificate Authority (CA) to request a Certificate Revocation List (CRL)

Answer: B

100% Valid and Newest Version NSE4 Questions & Answers shared by Surepassexam, Get Full Dumps HERE: https://www.surepassexam.com/NSE4-exam-dumps.html (New 301 Q&As)