Act now and download your Fortinet nse4 exam dump test today! Do not waste time for the worthless Fortinet fortinet nse4 exam dumps tutorials. Download Leading Fortinet Fortinet Network Security Expert 4 Written Exam (400) exam with real questions and answers and begin to learn Fortinet fortinet nse4 exam dumps with a classic professional.

Q1. - (Topic 17) 

Which statement describes what the CLI command diagnose debug authd fsso list is used for? 

A. Monitors communications between the FSSO collector agent and FortiGate unit. 

B. Displays which users are currently logged on using FSSO. 

C. Displays a listing of all connected FSSO collector agents. 

D. Lists all DC Agents installed on all domain controllers. 

Answer:


Q2. - (Topic 14) 

In HA, the option Reserve Management Port for Cluster Member is selected as shown in the exhibit below. 

Which statements are correct regarding this setting? (Choose two.) 

A. Interface settings on port7 will not be synchronized with other cluster members. 

B. The IP address assigned to this interface must not overlap with the IP address subnet assigned to another interface. 

C. When connecting to port7 you always connect to the master device. 

D. A gateway address may be configured for port7. 

Answer: A,D 


Q3. - (Topic 4) 

When firewall policy authentication is enabled, which protocols can trigger an authentication challenge? (Choose two.) 

A. SMTP 

B. POP3 

C. HTTP 

D. FTP 

Answer: C,D 


Q4. - (Topic 9) 

Which two web filtering inspection modes inspect the full URL? (Choose two.) 

A. DNS-based. 

B. Proxy-based. 

C. Flow-based. 

D. URL-based. 

Answer: B,C 


Q5. - (Topic 15) 

Review the IPsec diagnostics output of the command diagnose vpn tunnel list shown in the exhibit below. 

Which statements are correct regarding this output? (Choose two.) 

A. The connecting client has been allocated address 172.20.1.1. 

B. In the Phase 1 settings, dead peer detection is enabled. 

C. The tunnel is idle. 

D. The connecting client has been allocated address 10.200.3.1. 

Answer: A,B 


Q6. - (Topic 14) 

An administrator has formed a high availability cluster involving two FortiGate units. 

[ Multiple upstream Layer 2 switches] -- [ FortiGate HA Cluster ] -- [ Multiple downstream Layer 2 switches ] 

The administrator wishes to ensure that a single link failure will have minimal impact upon the overall throughput of traffic through this cluster. 

Which of the following options describes the best step the administrator can take? 

The administrator should _____________________. 

A. Increase the number of FortiGate units in the cluster and configure HA in active-active mode. 

B. Enable monitoring of all active interfaces. 

C. Set up a full-mesh design which uses redundant interfaces. 

D. Configure the HA ping server feature to allow for HA failover in the event that a path is disrupted. 

Answer:


Q7. - (Topic 17) 

Which are two requirements for DC-agent mode FSSO to work properly in a Windows AD environment? [Choose two.] 

A. DNS server must properly resolve all workstation names. 

B. The remote registry service must be running in all workstations. 

C. The collector agent must be installed in one of the Windows domain controllers. 

D. A same user cannot be logged in into two different workstations at the same time. 

Answer: A,B 


Q8. - (Topic 12) 

A FortiGate is configured with multiple VDOMs. An administrative account on the device has been assigned a Scope value of VDOM:root. 

Which of the following settings will this administrator be able to configure? (Choose two.) 

A. Firewall addresses. 

B. DHCP servers. 

C. FortiGuard Distribution Network configuration. 

D. System hostname. 

Answer: A,B 


Q9. - (Topic 3) 

The order of the firewall policies is important. Policies can be re-ordered from either the GUI or the CLI. Which CLI command is used to perform this function? 

A. set order 

B. edit policy 

C. reorder 

D. move 

Answer:


Q10. - (Topic 14) 

In a high availability cluster operating in active-active mode, which of the following correctly describes the path taken by the SYN packet of an HTTP session that is offloaded to a slave unit? 

A. Request: internal host; slave FortiGate; master FortiGate; Internet; web server. 

B. Request: internal host; slave FortiGate; Internet; web server. 

C. Request: internal host; slave FortiGate; master FortiGate; Internet; web server. 

D. Request: internal host; master FortiGate; slave FortiGate; Internet; web server. 

Answer:


Q11. - (Topic 15) 

Review the IKE debug output for IPsec shown in the exhibit below. 

Which statements is correct regarding this output? 

A. The output is a phase 1 negotiation. 

B. The output is a phase 2 negotiation. 

C. The output captures the dead peer detection messages. 

D. The output captures the dead gateway detection packets. 

Answer:


Q12. - (Topic 3) 

Which header field can be used in a firewall policy for traffic matching? 

A. ICMP type and code. 

B. DSCP. 

C. TCP window size. 

D. TCP sequence number. 

Answer:


Q13. - (Topic 5) 

Regarding the use of web-only mode SSL VPN, which statement is correct? 

A. It supports SSL version 3 only. 

B. It requires a Fortinet-supplied plug-in on the web client. 

C. It requires the user to have a web browser that supports 64-bit cipher length. 

D. The JAVA run-time environment must be installed on the client. 

Answer:


Q14. - (Topic 7) 

Which statement is correct regarding virus scanning on a FortiGate unit? 

A. Virus scanning is enabled by default. 

B. Fortinet customer support enables virus scanning remotely for you. 

C. Virus scanning must be enabled in a security profile, which must be applied to a firewall policy. 

D. Enabling virus scanning in a security profile enables virus protection for all traffic flowing through the FortiGate. 

Answer:


Q15. - (Topic 20) 

Examine at the output below from the diagnose sys top command: # diagnose sys top 1 Run Time: 11 days, 3 hours and 29 minutes 0U, 0N, 1S, 99I; 971T, 528F, 160KF sshd 123 S 1.9 1.2 ipsengine 61 S < 0.0 5.2 miglogd 45 S 0.0 4.9 

pyfcgid 75 S 0.0 4.5 

pyfcgid 73 S 0.0 3.9 

Which statements are true regarding the output above? (Choose two.) 

A. The sshd process is the one consuming most CPU. 

B. The sshd process is using 123 pages of memory. 

C. The command diagnose sys kill miglogd will restart the miglogd process. 

D. All the processes listed are in sleeping state. 

Answer: A,D 


Q16. - (Topic 22) 

Which is one of the conditions that must be met for offloading the encryption and decryption of IPsec traffic to an NP6 processor? 

A. No protection profile can be applied over the IPsec traffic. 

B. Phase-2 anti-replay must be disabled. 

C. Both the phase 1 and phases 2 must use encryption algorithms supported by the NP6. 

D. IPsec traffic must not be inspected by any FortiGate session helper. 

Answer: C