Fortinet Fortinet exam is identified while Fortinet NSE4 which is any Fortinet certification exam. The Fortinet NSE4 certificate is often a threshold in the area of IT and a desire of every one of the ambitious professionals. If you intend to obtain your NSE4 certification, youd better exert more efforts for the preparation. Examcollection.com gives you any shortcut to obtain the Fortinet certification simpler and before. You can enjoy not only your general details and review tips however also your training materials. Start right now along with make complete preparation for the Fortinet NSE4 exam.
2021 Sep NSE4 exam answers
Q41. - (Topic 5)
Regarding tunnel-mode SSL VPN, which three statements are correct? (Choose three.)
A. Split tunneling is supported.
B. It requires the installation of a VPN client.
C. It requires the use of an Internet browser.
D. It does not support traffic from third-party network applications.
E. An SSL VPN IP address is dynamically assigned to the client by the FortiGate unit.
Answer: A,B,E
Q42. - (Topic 5)
When browsing to an internal web server using a web-mode SSL VPN bookmark, which IP address is used as the source of the HTTP request?
A. The remote user's virtual IP address.
B. The FortiGate unit's internal IP address.
C. The remote user's public IP address.
D. The FortiGate unit's external IP address.
Answer: B
Q43. - (Topic 14)
Which of the following sequences describes the correct order of criteria used for the selection of a master unit within a FortiGate high availability (HA) cluster when override is disabled?
A. 1. port monitor, 2. unit priority, 3. up time, 4. serial number.
B. 1. port monitor, 2. up time, 3. unit priority, 4. serial number.
C. 1. unit priority, 2. up time, 3. port monitor, 4. serial number.
D. 1. up time, 2. unit priority, 3. port monitor, 4. serial number.
Answer: B
Q44. - (Topic 22)
Which IP packets can be hardware-accelerated by a NP6 processor? (Choose two.)
A. Fragmented packet.
B. Multicast packet.
C. SCTP packet.
D. GRE packet.
Answer: B,C
Q45. - (Topic 2)
What is the maximum number of FortiAnalyzer/FortiManager devices a FortiGate unit can be configured to send logs to?
A. 1
B. 2
C. 3
D. 4
Answer: C
Abreast of the times NSE4 vce:
Q46. - (Topic 7)
Examine the exhibit; then answer the question below.
Which statement describes the green status indicators that appear next to the different FortiGuard Distribution Network services as illustrated in the exhibit?
A. They indicate that the FortiGate has the latest updates available from the FortiGuard Distribution Network.
B. They indicate that updates are available and should be downloaded from the FortiGuard Distribution Network to the FortiGate unit.
C. They indicate that the FortiGate is in the process of downloading updates from the FortiGuard Distribution Network.
D. They indicate that the FortiGate is able to connect to the FortiGuard Distribution Network.
Answer: D
Q47. - (Topic 8)
Examine the following FortiGate web proxy configuration; then answer the question below: config web-proxy explicit set pac-file-server-status enable set pac-file-server-port 8080 set pac-file-name wpad.dat end Assuming that the FortiGate proxy IP address is 10.10.1.1, which URL must an Internet
browser use to download the PAC file?
A. https://10.10.1.1:8080
B. https://10.10.1.1:8080/wpad.dat
C. http://10.10.1.1:8080/
D. http://10.10.1.1:8080/wpad.dat
Answer: D
Q48. - (Topic 6)
An administrator has configured a route-based site-to-site IPsec VPN. Which statement is correct regarding this IPsec VPN configuration?
A. The IPsec firewall policies must be placed at the top of the list.
B. This VPN cannot be used as part of a hub and spoke topology.
C. Routes are automatically created based on the quick mode selectors.
D. A virtual IPsec interface is automatically created after the Phase 1 configuration is completed.
Answer: D
Q49. - (Topic 15)
Review the IKE debug output for IPsec shown in the exhibit below.
Which statements is correct regarding this output?
A. The output is a phase 1 negotiation.
B. The output is a phase 2 negotiation.
C. The output captures the dead peer detection messages.
D. The output captures the dead gateway detection packets.
Answer: C
Q50. - (Topic 19)
Data leak prevention archiving gives the ability to store files and message data onto a
FortiAnalyzer unit for which of the following types of network traffic? (Choose three.)
A. POP3
B. SNMP
C. IPsec
D. SMTP
E. HTTP
Answer: A,D,E