Download Fortinet.PracticeDumps.NSE4-5.4.2018-05-28.1e.65q.vcex

Download Dump

File Info

Exam Fortinet Network Security Expert - FortiOS 5.4
Number NSE4-5.4
File Name Fortinet.PracticeDumps.NSE4-5.4.2018-05-28.1e.65q.vcex
Size 3.02 Mb
Posted May 28, 2018
Downloaded 15

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.


With discount: 20%

Demo Questions

Question 1
Which statements about One-to-One IP pool are true? (Choose two.)

  • A: It allows configuration of ARP replies.
  • B: It allows fixed mapping of an internal address range to an external address range.
  • C: It is used for destination NAT.
  • D: It does not use port address translation.

Question 2
Which statements correctly describe transparent mode operation? (Choose three.)

  • A: All interfaces of the transparent mode FortiGate device must be on different IP subnets.
  • B: The transparent FortiGate is visible to network hosts in an IP traceroute.
  • C: It permits inline traffic inspection and firewalling without changing the IP scheme of the network.
  • D: Ethernet packets are forwarded based on destination MAC addresses, not IP addresses.
  • E: The FortiGate acts as transparent bridge and forwards traffic at Layer-2.

Question 3
View the exhibit. 
What is the effect of the Disconnect Cluster Member operation as shown in the exhibit? (Choose two.)

  • A: The HA mode changes to standalone.
  • B: The firewall policies are deleted on the disconnected member.
  • C: The system hostname is set to the FortiGate serial number.
  • D: The port3 is configured with an IP address for management access.

Question 4
What step is required to configure an SSL VPN to access to an internal server using port forward mode?

  • A: Configure the virtual IP addresses to be assigned to the SSL VPN users.
  • B: Install FortiClient SSL VPN client
  • C: Create a SSL VPN realm reserved for clients using port forward mode.
  • D: Configure the client application to forward IP traffic to a Java applet proxy.

Question 5
View the exhibit. 
This is a sniffer output of a telnet connection request from to the port1 interface of FGT1. 
In this scenario. FGT1 has the following routing table:
Assuming telnet service is enabled for port1, which of the following statements correctly describes why FGT1 is not responding?

  • A: The port1 cable is disconnected.
  • B: The connection is dropped due to reverse path forwarding check.
  • C: The connection is denied due to forward policy check.
  • D: FGT1’s port1 interface is administratively down.

Question 6
An administrator needs to be able to view logs for application usage on your network. 
What configurations are required to ensure that FortiGate generates logs for application usage activity? (Choose two.)

  • A: Enable a web filtering profile on the firewall policy.
  • B: Create an application control policy.
  • C: Enable logging on the firewall policy.
  • D: Enable an application control security profile on the firewall policy.

Question 7
A company needs to provide SSL VPN access to two user groups. The company also needs to display different welcome messages on the SSL VPN login screen for both user groups. 
What is required in the SSL VPN configuration to meet these requirements?

  • A: Two separated SSL VPNs in different interfaces of the same VDOM
  • B: Different SSL VPN realms for each group
  • C: Different virtual SSLVPN IP addresses for each group
  • D: Two firewall policies with different captive portals

Question 8
Examine the routing database. 
Which of the following statements are correct? (Choose two.)

  • A: The port3 default route has the lowest metric, making it the best route.
  • B: There will be eight routes active in the routing table.
  • C: The port3 default has a higher distance than the port1 and port2 default routes.
  • D: Both port1 and port2 default routers are active in the routing table.

Question 9
View the exhibit. 
When a user attempts to connect to an HTTPS site, what is the expected result with this configuration?

  • A: The user is required to authenticate before accessing sites with untrusted SSL certificates.
  • B: The user is presented with certificate warnings when connecting to sites that have untrusted SSL certificates.
  • C: The user is allowed access all sites with untrusted SSL certificates, without certificate warnings.
  • D: The user is blocked from connecting to sites that have untrusted SSL certificates (no exception provided).

Question 10
View the exhibit. 

When Role is set to Undefined, which statement is true?

  • A: The GUI provides all the configuration options available for the port1 interface.
  • B: You cannot configure a static IP address for the port1 interface because it allows only DHCP addressing mode.
  • C: Firewall policies can be created from only the port1 interface to any interface.
  • D: The port1 interface is reserved for management only.



You can buy ProfExam with a 20% discount..

Get Now!


Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen


Use VCE Exam Simulator to open VCE files