★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Simulation of NSE4 practice exam materials and paper for Fortinet certification for customers, Real Success Guaranteed with Updated NSE4 pdf dumps vce Materials. 100% PASS Fortinet Network Security Expert 4 Written Exam (400) exam Today!
2016 Apr NSE4 Study Guide Questions:
Q1. - (Topic 11)
In the case of TCP traffic, which of the following correctly describes the routing table lookups performed by a FortiGate operating in NAT/Route mode, when searching for a suitable gateway?
A. A lookup is done only when the first packet coming from the client (SYN) arrives.
B. A lookup is done when the first packet coming from the client (SYN) arrives, and a second one is performed when the first packet coming from the server (SYN/ACK) arrives.
C. Three lookups are done during the TCP 3-way handshake (SYN, SYN/ACK, ACK).
D. A lookup is always done each time a packet arrives, from either the server or the client side.
Q2. - (Topic 17)
Which statement describes what the CLI command diagnose debug authd fsso list is used for?
A. Monitors communications between the FSSO collector agent and FortiGate unit.
B. Displays which users are currently logged on using FSSO.
C. Displays a listing of all connected FSSO collector agents.
D. Lists all DC Agents installed on all domain controllers.
Q3. - (Topic 22)
Which is one of the conditions that must be met for offloading the encryption and decryption of IPsec traffic to an NP6 processor?
A. No protection profile can be applied over the IPsec traffic.
B. Phase-2 anti-replay must be disabled.
C. Both the phase 1 and phases 2 must use encryption algorithms supported by the NP6.
D. IPsec traffic must not be inspected by any FortiGate session helper.
Q4. - (Topic 8)
What is a valid reason for using session based authentication instead of IP based authentication in a FortiGate web proxy solution?
A. Users are required to manually enter their credentials each time they connect to a different web site.
B. Proxy users are authenticated via FSSO.
C. There are multiple users sharing the same IP address.
D. Proxy users are authenticated via RADIUS.
Q5. - (Topic 20)
Examine at the output below from the diagnose sys top command: # diagnose sys top 1 Run Time: 11 days, 3 hours and 29 minutes 0U, 0N, 1S, 99I; 971T, 528F, 160KF sshd 123 S 1.9 1.2 ipsengine 61 S < 0.0 5.2 miglogd 45 S 0.0 4.9
pyfcgid 75 S 0.0 4.5
pyfcgid 73 S 0.0 3.9
Which statements are true regarding the output above? (Choose two.)
A. The sshd process is the one consuming most CPU.
B. The sshd process is using 123 pages of memory.
C. The command diagnose sys kill miglogd will restart the miglogd process.
D. All the processes listed are in sleeping state.
Up to the minute NSE4 question:
Q6. - (Topic 21)
Which statements are true regarding IPv6 anycast addresses? (Choose two.)
A. Multiple interfaces can share the same anycast address.
B. They are allocated from the multicast address space.
C. Different nodes cannot share the same anycast address.
D. An anycast packet is routed to the nearest interface.
Q7. - (Topic 21)
Which statements are correct regarding an IPv6 over IPv4 IPsec configuration? (Choose two.)
A. The source quick mode selector must be an IPv4 address.
B. The destination quick mode selector must be an IPv6 address.
C. The Local Gateway IP must be an IPv4 address.
D. The remote gateway IP must be an IPv6 address.
Q8. - (Topic 17)
Which are two requirements for DC-agent mode FSSO to work properly in a Windows AD environment? [Choose two.]
A. DNS server must properly resolve all workstation names.
B. The remote registry service must be running in all workstations.
C. The collector agent must be installed in one of the Windows domain controllers.
D. A same user cannot be logged in into two different workstations at the same time.
Q9. - (Topic 14)
What are the requirements for a HA cluster to maintain TCP connections after device or link failover? (Choose two.)
A. Enable session pick-up.
B. Enable override.
C. Connections must be UDP or ICMP.
D. Connections must not be handled by a proxy.
Q10. - (Topic 16)
Examine the following log message for IPS:
2012-07-01 09:54:28 oid=2 log_id=18433 type=ips subtype=anomaly pri=alert vd=root severity="critical" src="192.168.3.168" dst="192.168.3.170" src_int="port2" serial=0 status="detected" proto=1 service="icmp" count=1 attack_name="icmp_flood" icmp_id="0xa8a4" icmp_type="0x08" icmp_code="0x00" attack_id=16777316 sensor="1" ref="http://www.fortinet.com/ids/VID16777316" msg="anomaly: icmp_flood, 51 > threshold 50"
Which statement is correct about the above log? (Choose two.)
A. The target is 192.168.3.168.
B. The target is 192.168.3.170.
C. The attack was NOT blocked.
D. The attack was blocked.
Simulation NSE4 bootcamp:
Q11. - (Topic 18)
When the SSL proxy is NOT doing man-in-the-middle interception of SSL traffic, which certificate field can be used to determine the rating of a website?
A. Organizational Unit.
B. Common Name.
C. Serial Number.
Q12. - (Topic 15)
Review the configuration for FortiClient IPsec shown in the exhibit.
Which statement is correct regarding this configuration?
A. The connecting VPN client will install a route to a destination corresponding to the student_internal address object.
B. The connecting VPN client will install a default route.
C. The connecting VPN client will install a route to the 172.20.1.[1-5] address range.
D. The connecting VPN client will connect in web portal mode and no route will be installed.
Q13. - (Topic 20)
In which process states is it impossible to interrupt/kill a process? (Choose two.)
A. S – Sleep
B. R – Running
C. D – Uninterruptable Sleep
D. Z – Zombie
Q14. - (Topic 11)
A static route is configured for a FortiGate unit from the CLI using the following commands: config router static edit 1 set device "wan1" set distance 20 set gateway 192.168.100.1 next end Which of the following conditions are required for this static default route to be displayed in
the FortiGate unit’s routing table? (Choose two.)
A. The administrative status of the wan1 interface is displayed as down.
B. The link status of the wan1 interface is displayed as up.
C. All other default routes should have a lower distance.
D. The wan1 interface address and gateway address are on the same subnet.
Q15. - (Topic 9)
Which of the following regular expression patterns make the terms "confidential data" case insensitive?
A. [confidential data]
B. /confidential data/i
C. i/confidential data/
D. "confidential data"
see more Fortinet Network Security Expert 4 Written Exam (400)