Certification Provider: Fortinet
Exam: NSE 4
Exam Code: NSE4 v7.0
Total Question: 131
Question per Quiz: 60
Updated On: 21 March 2023
Note: In order to practice all the Q/A's, you have to practice multiple time. Question's and Answer's will be presented randomly and will help you get hands-on for real exam.
1.
Which three security features require the intrusion prevention system (IPS) engine to function? (Choose three.)
2.
If Internet Service is already selected as Source in a firewall policy, which other configuration objects can be added to the Source field of a firewall policy?
3.
Which Security rating scorecard helps identify configuration weakness and best practice violations in your network?
4.
Refer to the exhibit. A network administrator is troubleshooting an IPsec tunnel between two FortiGate devices. The administrator has determined that phase 1 status is up, but phase 2 fails to come up. Based on the phase 2 configuration shown in the exhibit, what configuration change will bring phase 2 up?
5.
Which three methods are used by the collector agent for AD polling? (Choose three.)
6.
If Internet Service is already selected as Destination in a firewall policy, which other configuration objects can be selected to the Destination field of a firewall policy?
7.
Which two statements are correct regarding FortiGate FSSO agentless polling mode? (Choose two.)
8.
Refer to the exhibit, which contains a session diagnostic output. Which statement is true about the session diagnostic output?
9.
What two changes can the administrator make to resolve the issue without affecting services running through FortiGate? (Choose two.)
Consider the topology:
Application on a Windows machine FGT--> Telnet to Linux server.
An administrator is investigating a problem where an application establishes a Telnet session to a Linux server over the SSL VPN through FortiGate and the idle session times out after about 90 minutes. The administrator would like to increase or disable this timeout.
The administrator has already verified that the issue is not caused by the application or Linux server. This issue does not happen when the application establishes a Telnet connection to the Linux server directly on the LAN.
10.
A network administrator has enabled SSL certificate inspection and antivirus on FortiGate. When downloading an EICAR test file through HTTP, FortiGate detects the virus and blocks the file. When downloading the same file through HTTPS, FortiGate does not detect the virus and the file can be downloaded. What is the reason for the failed virus detection by FortiGate?
11.
Refer to the exhibit, which contains a Performance SLA configuration. An administrator has configured a performance SLA on FortiGate, which failed to generate any traffic. Why is FortiGate not generating any traffic for the performance SLA?
12.
Refer to the exhibit. Given the interfaces shown in the exhibit, which two statements are true? (Choose two.)
13.
Which of statement is true about SSL VPN web mode?
14.
Which two statements are correct about a software switch on FortiGate? (Choose two.)
15.
Which feature in the Security Fabric takes one or more actions based on event triggers?
16.
Which two statements are true about the RPF check? (Choose two.)
17.
Refer to the exhibit. Review the Intrusion Prevention System (IPS) profile signature settings. Which statement is correct in adding the FTP.Login.Failed signature to the IPS sensor profile?
18.
What inspection mode does FortiGate use if it is configured as a policy-based next-generation firewall (NGFW)?
19.
In which two ways can RPF checking be disabled? (Choose two.)
20.
Which three statements about a flow-based antivirus profile are correct? (Choose three.)
21.
Which statement correctly describes NetAPI polling mode for the FSSO collector agent?
22.
An administrator does not want to report the logon events of service accounts to FortiGate. What setting on the collector agent is required to achieve this?
23.
Which two statements are true when FortiGate is in transparent mode? (Choose two.)
24.
FortiGate is configured as a policy-based next-generation firewall (NGFW) and is applying web filtering and application control directly on the security policy. Which two other security profiles can you apply to the security policy? (Choose two.)
25.
Refer to the exhibit. How will FortiGate process the traffic when the HTTP request comes from a machine with the source IP 10.0.1.10 to the destination http:// www.fortinet.com? (Choose two.)
The exhibit shows proxy policies and proxy addresses, the authentication rule and authentication scheme, users, and firewall address.
An explicit web proxy is configured for subnet range 10.0.1.0/24 with three explicit web proxy policies.
The authentication rule is configured to authenticate HTTP requests for subnet range 10.0.1.0/24 with a form-based authentication scheme for the FortiGate local user database. Users will be prompted for authentication.
26.
Which two statements are correct about SLA targets? (Choose two.)
27.
An organization's employee needs to connect to the office through a high-latency internet connection. Which SSL VPN setting should the administrator adjust to prevent the SSL VPN negotiation failure?
28.
Which statements about the firmware upgrade process on an active-active HA cluster are true? (Choose two.)
29.
Which three authentication timeout types are availability for selection on FortiGate? (Choose three.)
30.
Which statements are true regarding firewall policy NAT using the outgoing interface IP address with fixed port disabled? (Choose two.)
31.
Refer to the exhibit. Which IP address will be used to source NAT the internet traffic coming from a workstation with the IP address 10.0.1.10?
The exhibit contains a network diagram, virtual IP, IP pool, and firewall policies configuration.
The WAN (port1) interface has the IP address 10.200.1.1/24.
The LAN (port3) interface has the IP address 10.0.1.254/24.
The first firewall policy has NAT enabled using IP Pool.
The second firewall policy is configured with a VIP as the destination address.
32.
An administrator has configured a strict RPF check on FortiGate. Which statement is true about the strict RPF check?
33.
Refer to the exhibit to view the authentication rule configuration. In this scenario, which statement is true?
34.
Which two policies must be configured to allow traffic on a policy-based next-generation firewall (NGFW) FortiGate? (Choose two.)
35.
How does FortiGate act when using SSL VPN in web mode?
36.
How do you format the FortiGate flash disk?
37.
Refer to the exhibit. The SSL VPN connection fails when a user attempts to connect to it. What should the user do to successfully connect to SSL VPN?
38.
Which security feature does FortiGate provide to protect servers located in the internal networks from attacks such as SQL injections?
39.
A team manager has decided that, while some members of the team need access to a particular website, the majority of the team does not Which configuration option is the most effective way to support this request?
40.
Which two statements about SSL VPN between two FortiGate devices are true? (Choose two.)
41.
An administrator has configured two-factor authentication to strengthen SSL VPN access. Which additional best practice can an administrator implement?
42.
An administrator has a requirement to keep an application session from timing out on port 80. What two changes can the administrator make to resolve the issue without affecting any existing services running through FortiGate? (Choose two.)
43.
Refer to the exhibit to view the firewall policy. Which statement is correct if well-known viruses are not being blocked?
44.
An administrator wants to configure Dead Peer Detection (DPD) on IPSEC VPN for detecting dead tunnels. The requirement is that FortiGate sends DPD probes only when no traffic is observed in the tunnel. Which DPD mode on FortiGate will meet the above requirement?
45.
If the Services field is configured in a Virtual IP (VIP), which statement is true when central NAT is used?
46.
FortiGuard categories can be overridden and defined in different categories. To create a web rating override for example.com home page, the override must be configured using a specific syntax. Which two syntaxes are correct to configure web rating override for the home page? (Choose two.)
47.
Refer to the exhibit. Based on the raw log, which two statements are correct? (Choose two.)
48.
Refer to the exhibit. Given the security fabric topology shown in the exhibit, which two statements are true? (Choose two.)
49.
Which two statements are true about collector agent advanced mode? (Choose two.)
50.
Refer to the exhibit to view the application control profile. Users who use Apple FaceTime video conferences are unable to set up meetings. In this scenario, which statement is true?
51.
Which three CLI commands can you use to troubleshoot Layer 3 issues if the issue is in neither the physical layer nor the link layer? (Choose three.)
52.
When browsing to an internal web server using a web-mode SSL VPN bookmark, which IP address is used as the source of the HTTP request?
53.
An administrator is configuring an IPsec VPN between site A and site B. The Remote Gateway setting in both sites has been configured as Static IP Address. For site A, the local quick mode selector is 192.168.1.0/24 and the remote quick mode selector is 192.168.2.0/24. Which subnet must the administrator configure for the local quick mode selector for site B?
54.
Which two statements are correct regarding FortiGate HA cluster virtual IP addresses? (Choose two.)
55.
Which two statements are true about the Security Fabric rating?
56.
Which two statements are true about collector agent standard access mode? (Choose two.)
57.
Refer to the exhibit. The exhibit displays the output of the CLI command: diagnose sys ha dump-by vcluster. Which two statements are true? (Choose two.)
58.
Which of the following statements about backing up logs from the CLI and downloading logs from the GUI are true? (Choose two.)
59.
Which three statements are true regarding session-based authentication? (Choose three.)
60.
Which two protocols are used to enable administrator access of a FortiGate device? (Choose two.)