Download Fortinet NSE4 -FortiOS 6-0.test-king.NSE4_FGT-6.0.2019-10-16.1e.77q.vcex

Download Dump

File Info

Exam Fortinet NSE4 - FortiOS 6.0
Number NSE4_FGT-6.0
File Name Fortinet NSE4 -FortiOS 6-0.test-king.NSE4_FGT-6.0.2019-10-16.1e.77q.vcex
Size 4.85 Mb
Posted October 16, 2019
Downloads 41



How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase
Coupon: EXAMFILESCOM

Coupon: EXAMFILESCOM
With discount: 20%





Demo Questions

Question 1
What files are sent to FortiSandbox for inspection in flow-based inspection mode?

  • A: All suspicious files that do not have their hash value in the FortiGuard antivirus signature database.
  • B: All suspicious files that are above the defined oversize limit value in the protocol options.
  • C: All suspicious files that match patterns defined in the antivirus profile.
  • D: All suspicious files that are allowed to be submitted to FortiSandbox in the antivirus profile.



Question 2
Which of the following FortiGate configuration tasks will create a route in the policy route table? (Choose two.)

  • A: Static route created with a Named Address object
  • B: Static route created with an Internet Services object
  • C: SD-WAN route created for individual member interfaces
  • D: SD-WAN rule created to route traffic based on link latency



Question 3
An administrator is investigating a report of users having intermittent issues with browsing the web. The administrator ran diagnostics and received the output shown in the exhibit. 

  

Examine the diagnostic output shown exhibit. Which of the following options is the most likely cause of this issue?

  • A: NAT port exhaustion
  • B: High CPU usage
  • C: High memory usage
  • D: High session timeout value



Question 4
An administrator has configured central DNAT and virtual IPs. Which of the following can be selected in the firewall policy Destination field?

  • A: A VIP group
  • B: The mapped IP address object of the VIP object
  • C: A VIP object
  • D: An IP pool



Question 5
An administrator needs to strengthen the security for SSL VPN access. Which of the following statements are best practices to do so? (Choose three.)

  • A: Configure split tunneling for content inspection.
  • B: Configure host restrictions by IP or MAC address.
  • C: Configure two-factor authentication using security certificates.
  • D: Configure SSL offloading to a content processor (FortiASIC).
  • E: Configure a client integrity check (host-check).



Question 6
Which statement about FortiGuard services for FortiGate is true?

  • A: The web filtering database is downloaded locally on FortiGate.
  • B: Antivirus signatures are downloaded locally on FortiGate.
  • C: FortiGate downloads IPS updates using UDP port 53 or 8888.
  • D: FortiAnalyzer can be configured as a local FDN to provide antivirus and IPS updates.



Question 7
View the exhibit. 

  

Based on this output, which statements are correct? (Choose two.)

  • A: The all VDOM is not synchronized between the primary and secondary FortiGate devices.
  • B: The root VDOM is not synchronized between the primary and secondary FortiGate devices.
  • C: The global configuration is synchronized between the primary and secondary FortiGate devices.
  • D: The FortiGate devices have three VDOMs.



Question 8
Which statement is true regarding the policy ID number of a firewall policy?

  • A: Defines the order in which rules are processed.
  • B: Represents the number of objects used in the firewall policy.
  • C: Required to modify a firewall policy using the CLI.
  • D: Changes when firewall policies are reordered.



Question 9
An administrator wants to block HTTP uploads. Examine the exhibit, which contains the proxy address created for that purpose. 

  

Where must the proxy address be used?

  • A: As the source in a firewall policy.
  • B: As the source in a proxy policy.
  • C: As the destination in a firewall policy.
  • D: As the destination in a proxy policy.



Question 10
Which statement is true regarding SSL VPN timers? (Choose two.)

  • A: Allow to mitigate DoS attacks from partial HTTP requests.
  • B: SSL VPN settings do not have customizable timers.
  • C: Disconnect idle SSL VPN users when a firewall policy authentication timeout occurs.
  • D: Prevent SSL VPN users from being logged out because of high network latency.









CONNECT US


ProfExam
PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount..

Get Now!


HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen



HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset