web analytics
FortiGate Enterprise Firewall Exam / NSE4 Dumps / NSE4 Exam Questions / NSE4 PDF Dumps / NSE4 VCE Dumps

Download Free Fortinet NSE4 Exam Dumps VCE and PDF Collection from PassLeader (Question 126 – Question 150)

PassLeader just published the NEWEST Fortinet NSE4 exam dumps! And, PassLeader offer two types of the NSE4 dumps — NSE4 VCE dumps and NSE4 PDF dumps, both VCE and PDF contain the NEWEST NSE4 exam questions, they will help you PASSING the Fortinet NSE4 exam easily! Now, get the NEWEST NSE4 dumps in VCE and PDF from PassLeaderhttp://www.passleader.com/nse4.html (562 Q&As Dumps)

What’s more, part of that PassLeader NSE4 dumps now are freehttps://drive.google.com/open?id=0B-ob6L_QjGLpWVVnQl8wTTd0NW8

Examine the exhibit shown below; then answer the question following it.
Which of the following statements best describes the green status indicators that appear next to the different FortiGuard Distribution Network services as illustrated in the exhibit?

A.    They indicate that the FortiGate unit is able to connect to the FortiGuard Distribution Network.
B.    They indicate that the FortiGate unit has the latest updates that are available from the FortiGuard Distribution Network.
C.    They indicate that updates are available and should be downloaded from the FortiGuard Distribution Network to the FortiGate unit.
D.    They indicate that the FortiGate unit is in the process of downloading updates from the FortiGuard Distribution Network.

Answer: A

A FortiGate unit is configured to receive push updates from the FortiGuard Distribution Network, however, updates are not being received. Which of the following statements are possible reasons for this? (Select all that apply.)

A.    The external facing interface of the FortiGate unit is configured to use DHCP.
B.    The FortiGate unit has not been registered.
C.    There is a NAT device between the FortiGate unit and the FortiGuard Distribution Network and no override push IP is configured.
D.    The FortiGate unit is in Transparent mode which does not support push updates.

Answer: ABC

A firewall policy has been configured for the internal email server to receive email from external parties through SMTP. Exhibits A and B show the antivirus and email filter profiles applied to this policy.
Exhibit A:
Exhibit B:
What is the correct behavior when the email attachment is detected as a virus by the FortiGate antivirus engine?

A.    The FortiGate unit will remove the infected file and deliver the email with a replacement message to alert the recipient that the original attachment was infected.
B.    The FortiGate unit will reject the infected email and the sender will receive a failed delivery message.
C.    The FortiGate unit will remove the infected file and add a replacement message. Both sender and recipient are notified that the infected file has been removed.
D.    The FortiGate unit will reject the infected email and notify the sender.

Answer: A

Caching improves performance by reducing FortiGate unit requests to the FortiGuard server. Which of the following statements are correct regarding the caching of FortiGuard responses? (Select all that apply.)

A.    Caching is available for web filtering, antispam, and IPS requests.
B.    The cache uses a small portion of the FortiGate system memory.
C.    When the cache is full, the least recently used IP address or URL is deleted from the cache.
D.    An administrator can configure the number of seconds to store information in the cache before the FortiGate unit contacts the FortiGuard server again.
E.    The size of the cache will increase to accomodate any number of cached queries.

Answer: BCD

Which of the following Fortinet products can receive updates from the FortiGuard Distribution Network? (Select all that apply.)

A.    FortiGate
B.    FortiClient
C.    FortiMail
D.    FortiAnalyzer

Answer: ABC

How can DLP file filters be configured to detect Office 2010 files? (Select all that apply.)

A.    File TypE. Microsoft Office(msoffice)
B.    File TypE. Archive(zip)
C.    File TypE. Unknown Filetype(unknown)
D.    File NamE. “*.ppt”, “*.doc”, “*.xls”
E.    File NamE. “*.pptx”, “*.docx”, “*.xlsx”

Answer: BE

What are the valid sub-types for a Firewall type policy? (Select all that apply.)

A.    Device Identity
B.    Address
C.    User Identity
D.    Schedule

Answer: ABC

In NAT/Route mode when there is no matching firewall policy for traffic to be forwarded by the Firewall, which of the following statements describes the action taken on traffic?

A.    The traffic is blocked.
B.    The traffic is passed.
C.    The traffic is passed and logged.
D.    The traffic is blocked and logged.

Answer: A

In which order are firewall policies processed on the FortiGate unit?

A.    They are processed from the top down according to their sequence number.
B.    They are processed based on the policy ID number shown in the left hand column of the policy window.
C.    They are processed on best match.
D.    They are processed based on a priority value assigned through the priority column in the policy window.

Answer: A

Which of the following pieces of information can be included in the Destination Address field of a firewall policy? (Select all that apply.)

A.    An IP address pool.
B.    A virtual IP address.
C.    An actual IP address or an IP address group.
D.    An FQDN or Geographic value(s).

Answer: BCD

The ordering of firewall policies is very important. Policies can be re-ordered within the FortiGate unit’s GUI and also using the CLI. The command used in the CLI to perform this function is ____.

A.    set order
B.    edit policy
C.    reorder
D.    move

Answer: D

You wish to create a firewall policy that applies only to traffic intended for your web server. The web server has an IP address of and a /24 subnet mask. When defining the firewall address for use in this policy, which one of the following addresses is correct?

A. /
B. /
C. /
D. /

Answer: D

A FortiAnalyzer device could use which security method to secure the transfer of log data from FortiGate devices?

A.    SSL
B.    IPSec
C.    direct serial connection
D.    S/MIME

Answer: B

Which of the following network protocols are supported for administrative access to a FortiGate unit?

E.    Telnet, UDP, NNTP, SMTP

Answer: A

Which of the following statements is correct regarding a FortiGate unit operating in NAT/Route mode?

A.    The FortiGate unit applies NAT to all traffic.
B.    The FortiGate unit functions as a Layer 3 device.
C.    The FortiGate unit functions as a Layer 2 device.
D.    The FortiGate unit functions as a router and the firewall function is disabled.

Answer: B

A FortiGate unit can provide which of the following capabilities? (Select all that apply.)

A.    Email filtering
B.    Firewall
C.    VPN gateway
D.    Mail relay
E.    Mail server

Answer: ABC

Which of the following methods can be used to access the CLI? (Select all that apply.)

A.    By using a direct connection to a serial console.
B.    By using the CLI console window in the GUI.
C.    By using an SSH connection.
D.    By using a Telnet connection.

Answer: ABCD

The ____ CLI command is used on the FortiGate unit to run static commands such as ping or to reset the FortiGate unit to factory defaults.

Answer: execute

When backing up the configuration file on a FortiGate unit, the contents can be encrypted by enabling the encrypt option and supplying a password. If the password is forgotten, the configuration file can still be restored using which of the following methods?

A.    Selecting the recover password option during the restore process.
B.    Having the password emailed to the administrative user by selecting the Forgot Password option.
C.    Sending the configuration file to Fortinet Support for decryption.
D.    If the password is forgotten, there is no way to use the file.

Answer: D

When creating administrative users which of the following configuration objects determines access rights on the FortiGate unit.

A.    profile
B.    allowaccess interface settings
C.    operation mode
D.    local-in policy

Answer: A

Which of the following options can you use to update the virus definitions on a FortiGate unit? (Select all that apply.)

A.    Push update
B.    Scheduled update
C.    Manual update
D.    FTP update

Answer: ABC

Which of the following statements are true of the FortiGate unit’s factory default configuration?

A.    `Port1′ or `Internal’ interface will have an IP of
B.    `Port1′ or `Internal’ interface will have a DHCP server set up and enabled (on devices that support DHCP Servers).
C.    Default login will always be the username: admin (all lowercase) and no password.
D.    The implicit firewall action is ACCEPT.

Answer: ABC

Under the System Information widget on the dashboard, which of the following actions are available for the system configuration? (Select all that apply.)

A.    Backup
B.    Restore
C.    Revisions
D.    Export

Answer: ABC

Encrypted backup files provide which of the following benefits? (Select all that apply.)

A.    Integrity of the backup file is protected since it cannot be easily modified when encrypted.
B.    Prevents the backup file from becoming corrupted.
C.    Protects details of the device’s configuration settings from being discovered while the backup file is in transit. For example, transferred to a data centers for system recovery.
D.    A copy of the encrypted backup file is automatically pushed to the FortiGuard Distribution Service (FDS) for disaster recovery purposes. If the backup file becomes corrupt it can be retrieved through FDS.
E.    Fortinet Technical Support can recover forgotten passwords with a backdoor passphrase.

Answer: AC

The FortiGate unit’s GUI provides a link to update the firmware. Clicking this link will perform which of the following actions?

A.    It will connect to the Fortinet Support site where the appropriate firmware version can be selected.
B.    It will send a request to the FortiGuard Distribution Network so that the appropriate firmware version can be pushed down to the FortiGate unit.
C.    It will present a prompt to allow browsing to the location of the firmware file.
D.    It will automatically connect to the Fortinet Support site to download the most recent firmware version for the FortiGate unit.

Answer: C

Learning the PassLeader NSE4 dumps with VCE and PDF for 100% passing Fortinet certificationhttp://www.passleader.com/nse4.html (562 Q&As Dumps)

BONUS!!! Download part of PassLeader NSE4 dumps for freehttps://drive.google.com/open?id=0B-ob6L_QjGLpWVVnQl8wTTd0NW8