Master the fortinet nse4 Fortinet Network Security Expert 4 Written Exam (400) content and be ready for exam day success quickly with this Examcollection fortinet nse4 question. We guarantee it!We make it a reality and give you real fortinet nse4 exam questions in our Fortinet fortinet nse4 exam braindumps.Latest 100% VALID Fortinet fortinet nse4 exam dumps Exam Questions Dumps at below page. You can use our Fortinet nse4 exam dump braindumps and pass your exam.

Q33. - (Topic 15) 

Review the IPsec diagnostics output of the command diagnose vpn tunnel list shown in the exhibit below. 

Which statements are correct regarding this output? (Choose two.) 

A. The connecting client has been allocated address 172.20.1.1. 

B. In the Phase 1 settings, dead peer detection is enabled. 

C. The tunnel is idle. 

D. The connecting client has been allocated address 10.200.3.1. 

Answer: A,B 


Q34. - (Topic 14) 

The exhibit shows the Disconnect Cluster Member command in a FortiGate unit that is part of a HA cluster with two HA members. 

What is the effect of the Disconnect Cluster Member command as given in the exhibit. (Choose two.) 

A. Port3 is configured with an IP address for management access. 

B. The firewall rules are purged on the disconnected unit. 

C. The HA mode changes to standalone. 

D. The system hostname is set to the unit serial number. 

Answer: A,C 


Q35. - (Topic 14) 

In HA, the option Reserve Management Port for Cluster Member is selected as shown in the exhibit below. 

Which statements are correct regarding this setting? (Choose two.) 

A. Interface settings on port7 will not be synchronized with other cluster members. 

B. The IP address assigned to this interface must not overlap with the IP address subnet assigned to another interface. 

C. When connecting to port7 you always connect to the master device. 

D. A gateway address may be configured for port7. 

Answer: A,D 


Q36. - (Topic 22) 

Two FortiGate units with NP6 processors form an active-active cluster. The cluster is doing security profile (UTM) inspection over all the user traffic. What statements are true regarding the sessions that the master unit is offloading to the slave unit for inspection? (Choose two.) 

A. They are accelerated by hardware in the master unit. 

B. They are not accelerated by hardware in the master unit. 

C. They are accelerated by hardware in the slave unit. 

D. They are not accelerated by hardware in the slave unit. 

Answer: A,D 


Q37. - (Topic 11) 

Review the output of the command get router info routing-table database shown in the exhibit below; then answer the question following it. 

Which two statements are correct regarding this output? (Choose two.) 

A. There will be six routes in the routing table. 

B. There will be seven routes in the routing table. 

C. There will be two default routes in the routing table. 

D. There will be two routes for the 10.0.2.0/24 subnet in the routing table. 

Answer: A,C 


Q38. - (Topic 7) 

Which antivirus and attack definition update options are supported by FortiGate units? (Choose two.) 

A. Manual update by downloading the signatures from the support site. 

B. Pull updates from the FortiGate. 

C. Push updates from a FortiAnalyzer. 

D. execute fortiguard-AV-AS command from the CLI. 

Answer: A,B 


Q39. - (Topic 9) 

Which statements are correct regarding URL filtering on a FortiGate unit? (Choose two.) 

A. The allowed actions for URL filtering include allow, block, monitor and exempt. 

B. The allowed actions for URL filtering are Allow and Block only. 

C. URL filters may be based on patterns using simple text, wildcards and regular expressions. 

D. URL filters are based on simple text only and require an exact match. 

Answer: A,C 


Q40. - (Topic 14) 

Which of the following sequences describes the correct order of criteria used for the selection of a master unit within a FortiGate high availability (HA) cluster when override is disabled? 

A. 1. port monitor, 2. unit priority, 3. up time, 4. serial number. 

B. 1. port monitor, 2. up time, 3. unit priority, 4. serial number. 

C. 1. unit priority, 2. up time, 3. port monitor, 4. serial number. 

D. 1. up time, 2. unit priority, 3. port monitor, 4. serial number. 

Answer:


Q41. - (Topic 9) 

Which web filtering inspection mode inspects DNS traffic? 

A. DNS-based. 

B. FQDN-based. 

C. Flow-based. 

D. URL-based. 

Answer:


Q42. - (Topic 15) 

Review the IKE debug output for IPsec shown in the exhibit below. 

Which statements is correct regarding this output? 

A. The output is a phase 1 negotiation. 

B. The output is a phase 2 negotiation. 

C. The output captures the dead peer detection messages. 

D. The output captures the dead gateway detection packets. 

Answer:


Q43. - (Topic 18) 

When the SSL proxy is NOT doing man-in-the-middle interception of SSL traffic, which certificate field can be used to determine the rating of a website? 

A. Organizational Unit. 

B. Common Name. 

C. Serial Number. 

D. Validity. 

Answer:


Q44. - (Topic 11) 

In the case of TCP traffic, which of the following correctly describes the routing table lookups performed by a FortiGate operating in NAT/Route mode, when searching for a suitable gateway? 

A. A lookup is done only when the first packet coming from the client (SYN) arrives. 

B. A lookup is done when the first packet coming from the client (SYN) arrives, and a second one is performed when the first packet coming from the server (SYN/ACK) arrives. 

C. Three lookups are done during the TCP 3-way handshake (SYN, SYN/ACK, ACK). 

D. A lookup is always done each time a packet arrives, from either the server or the client side. 

Answer:


Q45. - (Topic 15) 

Review the configuration for FortiClient IPsec shown in the exhibit. 

Which statement is correct regarding this configuration? 

A. The connecting VPN client will install a route to a destination corresponding to the student_internal address object. 

B. The connecting VPN client will install a default route. 

C. The connecting VPN client will install a route to the 172.20.1.[1-5] address range. 

D. The connecting VPN client will connect in web portal mode and no route will be installed. 

Answer:


Q46. - (Topic 9) 

Which of the following regular expression patterns make the terms "confidential data" case insensitive? 

A. [confidential data] 

B. /confidential data/i 

C. i/confidential data/ 

D. "confidential data" 

Answer:


Q47. - (Topic 11) 

Examine the two static routes to the same destination subnet 172.20.168.0/24 as shown below; then answer the question following it. config router static edit 1 set dst 172.20.168.0 255.255.255.0 set distance 20 set priority 10 set device port1 next edit 2 set dst 172.20.168.0 255.255.255.0 set distance 20 set priority 20 set device port2 

next 

end 

Which of the following statements correctly describes the static routing configuration provided above? 

A. The FortiGate evenly shares the traffic to 172.20.168.0/24 through both routes. 

B. The FortiGate shares the traffic to 172.20.168.0/24 through both routes, but the port2 route will carry approximately twice as much of the traffic. 

C. The FortiGate sends all the traffic to 172.20.168.0/24 through port1. 

D. Only the route that is using port1 will show up in the routing table. 

Answer:


Q48. - (Topic 19) 

For data leak prevention, which statement describes the difference between the block and 

quarantine actions? 

A. A block action prevents the transaction. A quarantine action blocks all future transactions, regardless of the protocol. 

B. A block action prevents the transaction. A quarantine action archives the data. 

C. A block action has a finite duration. A quarantine action must be removed by an administrator. 

D. A block action is used for known users. A quarantine action is used for unknown users. 

Answer: