Skip to content

The Secret of Fortinet NSE4-5.4 exam dumps

Pass4sure offers free demo for NSE4-5.4 exam. “Fortinet Network Security Expert – FortiOS 5.4”, also known as NSE4-5.4 exam, is a Fortinet Certification. This set of posts, Passing the Fortinet NSE4-5.4 exam, will help you answer those questions. The NSE4-5.4 Questions & Answers covers all the knowledge points of the real exam. 100% real Fortinet NSE4-5.4 exams and revised by experts!

2018 NEW RECOMMEND

Free VCE & PDF File for Fortinet NSE4-5.4 Real Exam
(Full Version!)

Pass on Your First TRY 100% Money Back Guarantee Realistic Practice Exam Questions

Free Instant Download NEW NSE4-5.4 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/NSE4-5.4-dumps.html

P.S. Accurate NSE4-5.4 testing engine are available on Google Drive, GET MORE: https://drive.google.com/open?id=1qNqkyfzMtD_JBMTiOJF0Q0poKyl3pZ-7

New Fortinet NSE4-5.4 Exam Dumps Collection (Question 4 – Question 13)

Q4. Which of the following statements are true when using Web Proxy Auto-discovery Protocol (WPAD) with the DHCP discovery method? (Choose two.)

A. The browser sends a DHCPINFORM request to the DHCP server.

B. The browser will need to be preconfigured with the DHCP serveru2019s IP address.

C. The DHCP server provides the PAC file for download.

D. If the DHCP method fails, browsers will try the DNS method.

Answer: C,D

Q5. Examine this output from the diagnose sys top command:

Which statements about the output are true? (Choose two.)

A. sshd is the process consuming most memory

B. sshd is the process consuming most CPU

C. All the processes listed are in sleeping state

D. The sshd process is using 123 pages of memory

Answer: B,C

Q6. Which statements about the output are correct? (Choose two.)

A. FortiGate received a TCP SYN/ACK packet.

B. The source IP address of the packet was translated to 10.0.1.10.

C. FortiGate routed the packet through port 3.

D. The packet was allowed by the firewall policy with the ID 00007fc0.

Answer: B,C

Q7. An administrator wants to configure a FortiGate as a DNS server. The FortiGate must use its DNS database first, and then relay all irresolvable queries to an external DNS server. Which of the following DNS method must you use?

A. Non-recursive

B. Recursive

C. Forward to primary and secondary DNS

D. Forward to system DNS

Answer: B

Q8. What are the purposes of NAT traversal in IPsec? (Choose two.)

A. To detect intermediary NAT devices in the tunnel path.

B. To encapsulate ESP packets in UDP packets using port 4500.

C. To force a new DH exchange with each phase 2 re-key

D. To dynamically change phase 1 negotiation mode to Aggressive.

Answer: A,B

Q9. View the exhibit.

Which statements about the exhibit are true? (Choose two.)

A. port1-VLAN10 and port2-VLAN10 can be assigned to different VDOMs.

B. port1-VLAN1 is the native VLAN for the port1 physical interface.

C. Traffic between port1-VLAN1 and port2-VLAN1 is allowed by default.

D. Broadcast traffic received in port1-VLAN10 will not be forwarded to port2-VLAN10.

Answer: A,D

Q10. Which statements are correct based on this output? (Choose two.)

A. The global configuration is synchronized between the primary and secondary FortiGate.

B. The all VDOM is not synchronized between the primary and secondary FortiGate.

C. The root VDOM is not synchronized between the primary and secondary FortiGate.

D. The FortiGates have three VDOMs.

Answer: A,B

Q11. A FortiGate interface is configured with the following commands:

What statements about the configuration are correct? (Choose two.)

A. IPv6 clients connected to port1 can use SLAAC to generate their IPv6 addresses.

B. FortiGate can provide DNS settings to IPv6 clients.

C. FortiGate can send IPv6 router advertisements (RAs.)

D. FortiGate can provide IPv6 addresses to DHCPv6 client.

Answer: A,C

Q12. Which statements about IP-based explicit proxy authentication are true? (Choose two.)

A. IP-based authentication is best suited to authenticating users behind a NAT device.

B. Sessions from the same source address are treated as a single user.

C. IP-based authentication consumes less FortiGateu2019s memory than session-based authentication.

D. FortiGate remembers authenticated sessions using browser cookies.

Answer: B,C

Q13. Which of the following statements about advanced AD access mode for FSSO collector agent are true? (Choose two.)

A. It is only supported if DC agents are deployed.

B. FortiGate can act as an LDAP client configure the group filters.

C. It supports monitoring of nested groups.

D. It uses the Windows convention for naming, that is, Domain\\Username.

Answer: B,D

Recommend!! Get the Accurate NSE4-5.4 dumps in VCE and PDF From Examcollection, Welcome to download: http://www.examcollectionuk.com/NSE4-5.4-vce-download.html (New Q&As Version)