Download NSE4-5.4 Braindumps 2021

NEW QUESTION 1
The FortiGate Web Config provides a link to update the firmware in the System > Status window.Clicking this link will perform which of the following actions?

• A. It will connect to the Fortinet support site where the appropriate firmware version can be selected.
• B. It will send a request to the FortiGuard Distribution Network so that the appropriate firmware version can be pushed down to the FortiGate unit.
• C. It will present a prompt to allow browsing to the location of the firmware file.
• D. It will automatically connect to the Fortinet support site to download the most recent firmware version for the FortiGate unit.

Answer: C

NEW QUESTION 2
Which of the following statements are correct concerning the FortiGate session life support protocol? (Choose two)

• A. By default, UDP sessions are not synchronized.
• B. Up to four FortiGate devices in standalone mode are supported.
• C. only the master unit handles the traffic.
• D. Allows per-VDOM session synchronization.

Answer: AD

NEW QUESTION 3
What are the requirements for a cluster to maintain TCP connections after device or link failover?
(Select all that apply.)

• A. Enable session pick-up.
• B. Only applies to connections handled by a proxy.
• C. Only applies to UDP and ICMP connections.
• D. Connections must not be handled by a proxy.

Answer: AD

NEW QUESTION 4
Which of the following are valid authentication user group types on a FortiGate unit? (Select all that apply.)

• A. Firewall
• B. Directory Service
• C. Local
• D. LDAP
• E. PKI

Answer: AB

NEW QUESTION 5
What is a valid reason for using session based authentication instead of IP based authentication in a
FortiGate web proxy solution?

• A. Users are required to manually enter their credentials each time they connect to a different web site.
• B. Proxy users are authenticated via FSSO.
• C. There are multiple users sharing the same IP address.
• D. Proxy users are authenticated via RADIUS.

Answer: C

NEW QUESTION 6
Examine the network topology diagram in the exhibit; the workstation with the IP address 212.10.11.110 sends a TCP SYN packet to the workstation with the IP address 212.10.11.20.

Which of the following sentences best describes the result of the reverse path forwarding (RFP) check executed by the FortiGate on the SYN packets? (Choose two).

• A. Packets is allowed if RPF is configured as loose.
• B. Packets is allowed if RPF is configured as strict.
• C. Packets is blocked if RPF is configured as loose.
• D. Packets is blocked if RPF is configured as strict.

Answer: AD

NEW QUESTION 7
In transparent mode, forward-domain is a CLI setting associated with .

• A. a static route.
• B. a firewall policy.
• C. an interface.
• D. a virtual domain.

Answer: C

NEW QUESTION 8
Which of the following statements is true regarding the TCP SYN packets that go from a client,
through an implicit web proxy (transparent proxy), to a web server listening at TCP port 80? (Choose three.)

• A. The source IP address matches the client IP address.
• B. The source IP address matches the proxy IP address.
• C. The destination IP address matches the proxy IP address.
• D. The destination IP address matches the server IP addresses.
• E. The destination TCP port number is 80.

Answer: ADE

NEW QUESTION 9
Which statement best describes what SSL VPN Client Integrity Check does?

• A. Blocks SSL VPN connection attempts from users that has been blacklisted.
• B. Detects the Windows client security applications running in the SSL VPN client's PCs.
• C. Validates the SSL VPN user credential.
• D. Verifies which SSL VPN portal must be presented to each SSL VPN user.
• E. Verifies that the latest SSL VPN client is installed in the client's PC.

Answer: B

NEW QUESTION 10
Examine the exhibit, which shows the output of a web filtering real time debug.

Why is the site www.bing.com being blocked?

• A. The web server IP address 204.79.197.200 is categorized by FortiGuard as Malicious Websites.
• B. The rating for the web site www.bing.com has been locally overridden to a category that is being blocked.
• C. The web site www.bing.com is categorized by FortiGuard as Malicious Websites.
• D. The user has not authenticated with the FortiGate yet.

Answer: A

NEW QUESTION 11
An administrator is examining the attack logs and notices the following entry:

Based on the information displayed in this entry, which of the following statements are correct? (Select all that apply.)

• A. This is an HTTP server attack.
• B. The attack was detected and blocked by the FortiGate unit.
• C. The attack was against a FortiGate unit at the 192.168.1.100 IP address.
• D. The attack was detected and passed by the FortiGate unit.

Answer: CD

NEW QUESTION 12
View the exhibit.

Why is the administrator getting the error shown in the exhibit?

• A. The administrator admin does not have the privileges required to configure global settings.
• B. The global settings cannot be configured from the root VDOM context.
• C. The command config system global does not exist in FortiGate.
• D. The administrator must first enter the command edit global.

Answer: A

NEW QUESTION 13
Which are valid replies from a RADIUS server to an ACCESS-REQUEST packet from a FortiGate?
(Choose two.)

• A. ACCESS-CHALLENGE
• B. ACCESS-RESTRICT
• C. ACCESS-PENDING
• D. ACCESS-REJECT

Answer: AD

NEW QUESTION 14
Which best describe the mechanism of a TCP SYN flood?

• A. The attacker keeps open many connections with slow data transmission so that other clients cannot start new connections.
• B. The attacker sends a packet designed to "sync" with the FortiGate.
• C. The attacker sends a specially crafted malformed packet, intended to crash the target by exploiting its parser.
• D. The attacker starts many connections, but never acknowledges to fully form them.

Answer: D

NEW QUESTION 15
Which of the following statements is correct regarding the FortiGuard Services Web Filtering
Override configuration as illustrated in the exhibit?

• A. Any client on the same subnet as the authenticated user is allowed to accesswww.yahoo.com/images/.
• B. A client with an IP of address 10.10.10.12 is allowed access to any subdirectory that is part of the www.yahoo.com web site.
• C. A client with an IP address of 10.10.10.12 is allowed access to the www.yahoo.com/images/ web site and any of its offsite URLs.
• D. A client with an IP address of 10.10.10.12 is allowed access to any URL under the www.yahoo.com web site, including any subdirectory URLs, until August 7, 2009.
• E. Any client on the same subnet as the authenticated user is allowed to access www.yahoo.com/images/ until August 7, 2009.

Answer: C

NEW QUESTION 16
CORRECT TEXT
In addition to AntiVirus services, the FortiGuard Subscription Services provide IPS, Web Filtering, and _______ services.

Answer:

Explanation: antispam

NEW QUESTION 17
An administrator has configured a dialup IPsec VPN with XAuth. Which method statement best
describes this scenario?

• A. Only digital certificates will be accepted as an authentication method in phase 1.
• B. Dialup clients must provide a username and password for authentication.
• C. Phase 1 negotiations will skip pre-shared key exchange.
• D. Dialup clients must provide their local ID during phase 2 negotiations.

Answer: B