Fortinet NSE4 Dumps 2021

NEW QUESTION 1
Which are the three different types of Conserve Mode that can occur on a FortiGate device? (Choose three.)

• A. Proxy
• B. Operating system
• C. Kernel
• D. System
• E. Device

Answer: ACD

NEW QUESTION 2
When an administrator attempts to manage FortiGate from an IP address that is not a trusted host, what happens?

• A. FortiGate will still subject that person's traffic to firewall policies; it will not bypass them.
• B. FortiGate will drop the packets and not respond.
• C. FortiGate responds with a block message, indicating that it will not allow that person to log in.
• D. FortiGate responds only if the administrator uses a secure protoco
• E. Otherwise, it does not respond

Answer: B

NEW QUESTION 3
Which statement is one disadvantage of using FSSO NetAPI polling mode over FSSO Security Event Log (WinSecLog) polling mode?

• A. It requires a DC agent installed in some of the Windows DC.
• B. It runs slower.
• C. It might miss some logon events.
• D. It requires access to a DNS server for workstation name resolution.

Answer: C

NEW QUESTION 4
A FortiGate device is configured with two VDOMs. The management VDOM is 'root' , and is configured in transparent mode,'vdom1' is configured as NAT/route mode. Which traffic is generated only by 'root' and not 'vdom1'? (Choose three.)

• A. SNMP traps
• B. FortiGaurd
• C. ARP
• D. NTP
• E. ICMP redirect

Answer: ABD

NEW QUESTION 5
There are eight (8) log severity levels that indicate the importance of an event. Not including Debug, which is only needed to log diagnostic data, what are both the lowest AND highest severity levels?

• A. Notification, Emergency
• B. Information, Critical
• C. Error, Critical
• D. Information, Emergency
• E. Information, Alert

Answer: D

NEW QUESTION 6
How do you configure a FortiGate to apply traffic shaping to P2P traffic, such as BitTorrent?

• A. Apply a traffic shaper to a BitTorrent entry in an application control list, which is then applied to a firewall policy.
• B. Enable the shape option in a firewall policy with service set to BitTorrent.
• C. Define a DLP rule to match against BitTorrent traffic and include the rule in a DLP sensor with traffic shaping enabled.
• D. Apply a traffic shaper to a protocol options profile.

Answer: A

NEW QUESTION 7
A firewall policy has been configured for the internal email server to receive email from external parties through SMTP. Exhibits A and B show the antivirus and email filter profiles applied to this policy.
Exhibit A

Exhibit B:

What is the correct behavior when the email attachment is detected as a virus by the FortiGate antivirus engine?

• A. The FortiGate unit will remove the infected file and deliver the email with a replacement message to alert the recipient that the original attachment was infected.
• B. The FortiGate unit will reject the infected email and the sender will receive a failed delivery message.
• C. The FortiGate unit will remove the infected file and add a replacement messag
• D. Both sender and recipient are notified that the infected file has been removed.
• E. The FortiGate unit will reject the infected email and notify the sender.

Answer: B

NEW QUESTION 8
Which of the following statements are correct about NTLM authentication? (Choose three)

• A. NTLM negotiation starts between the FortiGate device and the user's browser.
• B. It must be supported by the user's browser.
• C. It must be supported by the domain controllers.
• D. It does not require a collector agent.
• E. It does not require DC agents.

Answer: ABC

NEW QUESTION 9
Which network protocols are supported for administrative access to a FortiGate unit? (Choose three.)

• A. SMTP
• B. WINS
• C. HTTP
• D. Telnet
• E. SSH

Answer: CDE

NEW QUESTION 10
The exhibit shows two static routes to the same destinations subnet 172.20.168.0/24.

Which of the following statements correctly describes this static routing configuration? (choose two)

• A. Both routes will show up in the routing table.
• B. The FortiGate unit will evenly share the traffic to 172.20.168.0/24 between routes.
• C. Only one route will show up in the routing table.
• D. The FortiGate will route the traffic to 172.20.168.0/24 only through one route.

Answer: CD

NEW QUESTION 11
What protocol cannot be used with the active authentication type?

• A. Local
• B. RADIUS
• C. LDAP
• D. RSSO

Answer: D

NEW QUESTION 12
Which of the following statements are correct concerning the IPsec phase 1 and phase 2, shown in the exhibit? (choose two)

• A. The quick mode selector in the remote site must also be 0.0.0.0/0 for the source and destination addresses.
• B. Only remote peers with the peer ID 'fortinet' will be able to establish a VPN.
• C. The FortiGate device will automatically add a static route to the source quick mode selector address received from each remote VPN peer.
• D. The configuration will work only to establish FortiClient-to-FortiGate tunnel
• E. A FortiGate tunnel requires a different configuration.

Answer: CD

NEW QUESTION 13
You have configured the DHCP server on a FortiGate's port1 interface (or internal, depending on the model) to offer IPs in a range of 192.168.1.65-192.168.1.253. When the first host sends a DHCP request, what IP will the DHCP offer?

• A. 192.168.1.99
• B. 192.168.1.253
• C. 192.168.1.65
• D. 192.168.1.66

Answer: C

NEW QUESTION 14
Which of the following statements describe some of the differences between symmetric and asymmetric cryptography? (Choose two.)

• A. In symmetric cryptography, the keys are publicly availabl
• B. In asymmetric cryptography, the keys must be kept secret.
• C. Asymmetric cryptography can encrypt data faster than symmetric cryptography
• D. Symmetric cryptography uses one pre-shared ke
• E. Asymmetric cryptography uses a pair or keys
• F. Asymmetric keys can be sent to the remote peer via digital certificate
• G. Symmetric keys cannot

Answer: CD

NEW QUESTION 15
Examine this log entry.
What does the log indicate? (Choose three.)
date=2013-12-04 time=09:30:18 logid=0100032001 type=event subtype=system level=information vd="root" user="admin" ui=http(192.168.1.112) action=login status=success reason=none profile="super_admin" msg="Administrator admin logged in successfully from http(192.168.1.112)"

• A. In the GUI, the log entry was located under “Log & Report > Event Log > User”.
• B. In the GUI, the log entry was located under “Log & Report > Event Log > System”.
• C. In the GUI, the log entry was located under “Log & Report > Traffic Log > Local Traffic”.
• D. The connection was encrypted.
• E. The connection was unencrypted.
• F. The IP of the FortiGate interface that “admin” connected to was 192.168.1.112.
• G. The IP of the computer that “admin” connected from was 192.168.1.112.

Answer: BEG

NEW QUESTION 16
Which statement is in advantage of using a hub and spoke IPsec VPN configuration instead of a fully-meshed set of IPsec tunnels?

• A. Using a hub and spoke topology provides full redundancy.
• B. Using a hub and spoke topology requires fewer tunnels.
• C. Using a hub and spoke topology uses stronger encryption protocols.
• D. Using a hub and spoke topology requires more routes.

Answer: B

NEW QUESTION 17
Which of the following actions can be used to back up the keys and digital certificates in a FortiGate device? (Choose two.)

• A. Taking a full backup of the FortiGate configuration
• B. Uploading a PKCS#10 file to a USB drive
• C. Manually uploading the certificate information to a Certificate authority (CA)
• D. Uploading a PKCS#12 file to a TFTP server

Answer: AD

NEW QUESTION 18
Which of the following traffic shaping functions can be offloaded to a NP processor? (Choose two.)

• A. Que prioritization
• B. Traffic cap (bandwidth limit)
• C. Differentiated services field rewriting
• D. Guarantee bandwidth

Answer: CD