ITCertKing is a convenient website to provide service for many of the candidates participating in the IT certification exams. A lot of candidates who choose to use the ITCertKing's product have passed IT certification exams for only one time. And from the feedback of them, helps from ITCertKing are proved to be effective. ITCertKing's expert team is a large team composed of senior IT professionals. And they take advantage of their expertise and abundant experience to come up with the useful training materials about NSE4 Questions and answers. ITCertKing's simulation test software and related questions of NSE4 Questions and answers are produced by the analysis of NSE4 Questions and answers outline, and they can definitely help you pass your first time to participate in NSE4 Questions and answers.
For easy use, NSE4 Questions and answers provides you with different version exam dumps. PDF version dumps are easy to read and reproduce the real exam. SOFT version dumps is a test engine which can measure what your preparations for the exam. If you want to know whether you prepare well for the test, you can take advantage of the SOFT version dumps to measure your ability. So you can quickly know your weaknesses and shortcomings, which is helpful to your further study.
Exam Name: Fortinet Network Security Expert 4 Written Exam (400)
One year free update, No help, Full refund!
NSE4 Questions and answers Free download Total Q&A: 275 Questions and Answers
Last Update: 2016-10-31
NSE4 Questions and answers Exam Prep Detail: NSE4 Questions and answers Free download
NSE4 Questions and answers Free Demo Download: http://www.itcertking.com/NSE4_exam.html
NO.1 Which two methods are supported by the web proxy auto-discovery protocol (WPAD) to
automatically learn the URL where a PAC file is located? (Choose two.)
A. DHCP
B. IPv6 autoconfiguration
C. BOOTP
D. DNS
Answer: A,D
NSE4 Questions and answers Real Dumps
NO.2 A DLP rule with an action of Exempt has been matched against traffic passing through the
FortiGate unit. Which of the following statements is correct regarding how this transaction will be
handled by the FortiGate unit?
A. Any other matched DLP rules will be ignored with the exception of Archiving.
B. Future files whose characteristics match this file will bypass DLP scanning.
C. The traffic matching the DLP rule will bypass antivirus scanning.
D. The client IP address will be added to a white list.
Answer: A
NSE4 Questions and answers exam simulations NSE4 Questions and answers Exam Dumps
NO.3 Which of the following components are contained in all FortiGate units from the FG50 models
and up? (Select all that apply.)
A. Hard Drive.
B. FortiASIC content processor.
C. Serial console port.
D. Gigabit network interfaces.
Answer: B,C
NSE4 Questions and answers Exam Cost
NO.4 The ordering of firewall policies is very important. Policies can be re-ordered within the
FortiGate Web Config and also using the CLI. The command used in the CLI to perform this function is
__________.
A. edit policy
B. set order
C. reorder
D. move
Answer: D
NSE4 Questions and answers Practice Questions NSE4 Questions and answers dumps torrent
NO.5 Which of the following items is NOT a packet characteristic matched by a firewall service
object?
A. TCP/UDP source and destination ports
B. TCP sequence number
C. IP protocol number
D. ICMP type and code
Answer: B
NO.6 How is traffic routed onto an SSL VPN tunnel from the FortiGate unit side?
A. Assignment of an IP address causes a host route to be added to the FortiGate routing table.
B. The FortiGate adds a route based upon the destination address in the SSL VPN firewall policy.
C. A route back to the client is automatically created on the FortiGate to match the SSLVPN IP pool
from which the IP address assignment was made.
D. A static route must be configured by the administrator using the ssl.root interface as the outgoing
interface.
Answer: D
NSE4 Questions and answers braindump NSE4 Questions and answers certification
NO.7 Each UTM feature has configurable UTM objects such as sensors, profiles or lists that define
how the feature will function.
An administrator must assign a set of UTM features to a group of users.
Which of the following is the correct method for doing this?
A. Enable a set of unique UTM features under "Edit User Group".
B. When defining the UTM objects, the administrator must list the user groups which will use the
UTM object.
C. The administrator must apply the UTM features directly to a user object.
D. The administrator must enable the UTM features in an identify-based policy applicable to the user
group.
Answer: D
NSE4 Questions and answers exam
NO.8 Which two web filtering inspection modes inspect the full URL? (Choose two.)
A. Flow-based.
B. DNS-based.
C. Proxy-based.
D. URL-based.
Answer: A,C
NSE4 Questions and answers dumps torrent NSE4 Questions and answers Exam Tests
NO.9 Which antivirus and attack definition update options are supported by FortiGate units?
(Choose two.)
A. Pull updates from the FortiGate.
B. Manual update by downloading the signatures from the support site.
C. execute fortiguard-AV-AS command from the CLI.
D. Push updates from a FortiAnalyzer.
Answer: A,B
NSE4 Questions and answers dumps torrent NSE4 Questions and answers Exam Prep
NO.10 Which of the following is an advantage of using SNMP v3 instead of SNMP v1/v2 when
querying the FortiGate unit?
A. Running SNMP service on a non-standard port is possible
B. MIB-based report uploads
C. SNMP access limits through access lists
D. Packet encryption
Answer: D
NO.11 By default the Intrusion Protection System (IPS) on a FortiGate unit is set to perform which
action?
A. Allow all traffic.
B. Block all network attacks.
C. Allow and log all traffic.
D. Block the most common network attacks.
Answer: A
NSE4 Questions and answers Real Questions
NO.12 What functions can the IPv6 Neighbor Discovery protocol accomplish? (Choose two.)
A. Determine other nodes reachability.
B. Auto-adjust the MTU setting.
C. Autoconfigure addresses and prefixes.
D. Negotiate the encryption parameters to use.
Answer: A,C
NSE4 Questions and answers Braindumps NSE4 Questions and answers certification training
NO.13 A FortiClient fails to establish a VPN tunnel with a FortiGate unit.
The following information is displayed in the FortiGate unit logs:
msg="Initiator: sent 192.168.11.101 main mode message #1 (OK)" msg="Initiator: sent
192.168.11.101 main mode message #2 (OK)" msg="Initiator: sent 192.168.11.101 main mode
message #3 (OK)" msg="Initiator: parsed 192.168.11.101 main mode message #3 (DONE)"
msg="Initiator: sent 192.168.11.101 quick mode message #1 (OK)" msg="Initiator: tunnel
192.168.1.1/192.168.11.101 install ipsec sa" msg="Initiator: sent 192.168.11.101 quick mode
message #2 (DONE)" msg="Initiator: tunnel 192.168.11.101, transform=ESP_3DES, HMAC_MD5"
msg="Failed to acquire an IP address
Which of the following statements is a possible cause for the failure to establish the VPN tunnel?
A. The phase 1 configuration on the FortiGate unit uses Aggressive mode while FortiClient uses Main
mode.
B. There is a mismatch between the FortiGate unit and the FortiClient IP addresses in the phase 2
settings.
C. An IPSec DHCP server is not enabled on the external interface of the FortiGate unit.
D. There is no IPSec firewall policy configured for the policy-based VPN.
Answer: C
NSE4 Questions and answers Practice Exam
NO.14 Bob wants to send Alice a file that is encrypted using public key cryptography.
Which of the following statements is correct regarding the use of public key cryptography in this
scenario?
A. Bob will use his public key to encrypt the file and Alice will use Bob's private key to decrypt the file.
B. Bob will use his private key to encrypt the file and Alice will use her private key to decrypt the file.
C. Bob will use his public key to encrypt the file and Alice will use her private key to decrypt the file.
D. Bob will use Alice's public key to encrypt the file and Alice will use her private key to decrypt the
file.
Answer: D
NO.15 Review the output of the command config router ospf shown in the Exhibit below; then answer
the question following it.
Which one of the following statements is correct regarding this output?
A. OSPF Hello packets will be sent on all interfaces of the FortiGate device.
B. OSPF Hello packets will only be sent on interfaces configured with the IP addresses
172.16.1.1 and 172.16.1.2.
C. OSPF Hello packets are not sent on point-to-point networks.
D. OSPF Hello packets will be sent on all interfaces configured with an address matching the
10.0.1.0/24 and 172.16.0.0/12 networks.
Answer: D
NO.16 Which IPsec configuration mode can be used for implementing GRE-over-IPsec VPNs?.
A. Policy-based only.
B. Route-based only.
C. Either policy-based or route-based VPN.
D. GRE-based only.
Answer: B
NSE4 Questions and answers dumps torrent
NO.17 Which statement correctly describes the output of the command diagnose ips anomaly list?
A. Lists the errors captured when compiling the DoS policy.
B. Lists the IPS signature matches.
C. Lists the configured DoS policy.
D. List the real-time counters for the configured DoS policy.
Answer: D
NSE4 Questions and answers certification training
NO.18 When viewing the Banned User monitor in Web Config, the administrator notes the entry
illustrated in the exhibit.
Which of the following statements is correct regarding this entry?
A. This entry displays a ban entry that was added manually by the administrator on June11th.
B. The entry displays a ban that was triggered by HTTP traffic matching an IPS signature.
This client is banned from receiving or sending any traffic through the FortiGate.
C. The entry displays a ban that has been added as a result of traffic triggering a configured DLP rule.
D. The entry displays a quarantine, which could have been added by either IPS or DLP.
Answer: C
NSE4 Questions and answers Exam Cost
ITCertKing offer the latest 200-310 exam material and high-quality 70-463 pdf questions & answers. Our 100-105 VCE testing engine and 070-980 study guide can help you pass the real exam. High-quality 810-401 dumps training materials can 100% guarantee you pass the exam faster and easier. Pass the exam to obtain certification is so simple.
Article Link: http://www.itcertking.com/NSE4_exam.html
没有评论:
发表评论