Download Fortinet NSE4 -FortiOS 6-0.PracticeTest.NSE4_FGT-6.0.2019-02-08.1e.34q.vcex

Download Dump

File Info

Exam Fortinet NSE4 - FortiOS 6.0
Number NSE4_FGT-6.0
File Name Fortinet NSE4 -FortiOS 6-0.PracticeTest.NSE4_FGT-6.0.2019-02-08.1e.34q.vcex
Size 1.52 Mb
Posted February 08, 2019
Downloads 32



How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase
Coupon: EXAMFILESCOM

Coupon: EXAMFILESCOM
With discount: 20%





Demo Questions

Question 1
Which statements about a One-to-One IP pool are true? (Choose two.)

  • A: It is used for destination NAT.
  • B: It allows the fixed mapping of an internal address range to an external address range.
  • C: It does not use port address translation.
  • D: It allows the configuration of ARP replies.



Question 2
An administrator needs to strengthen the security for SSL VPN access. Which of the following statements are best practices to do so? (Choose three.)

  • A: Configure split tunneling for content inspection.
  • B: Configure host restrictions by IP or MAC address.
  • C: Configure two-factor authentication using security certificates.
  • D: Configure SSL offloading to a content processor (FortiASIC).
  • E: Configure a client integrity check (host-check).



Question 3
Which statement about FortiGuard services for FortiGate is true?

  • A: The web filtering database is downloaded locally on FortiGate.
  • B: Antivirus signatures are downloaded locally on FortiGate.
  • C: FortiGate downloads IPS updates using UDP port 53 or 8888.
  • D: FortiAnalyzer can be configured as a local FDN to provide antivirus and IPS updates.



Question 4
View the exhibit. 

  

Based on this output, which statements are correct? (Choose two.)

  • A: The all VDOM is not synchronized between the primary and secondary FortiGate devices.
  • B: The root VDOM is not synchronized between the primary and secondary FortiGate devices.
  • C: The global configuration is synchronized between the primary and secondary FortiGate devices.
  • D: The FortiGate devices have three VDOMs.



Question 5
An administrator wants to block HTTP uploads. Examine the exhibit, which contains the proxy address created for that purpose. 

  

Where must the proxy address be used?

  • A: As the source in a firewall policy.
  • B: As the source in a proxy policy.
  • C: As the destination in a firewall policy.
  • D: As the destination in a proxy policy.



Question 6
Which statement is true regarding SSL VPN timers? (Choose two.)

  • A: Allow to mitigate DoS attacks from partial HTTP requests.
  • B: SSL VPN settings do not have customizable timers.
  • C: Disconnect idle SSL VPN users when a firewall policy authentication timeout occurs.
  • D: Prevent SSL VPN users from being logged out because of high network latency.



Question 7
When using SD-WAN, how do you configure the next-hop gateway address for a member interface so that FortiGate can forward Internet traffic?

  • A: It must be configured in a static route using the sdwan virtual interface.
  • B: It must be provided in the SD-WAN member interface configuration.
  • C: It must be configured in a policy-route using the sdwan virtual interface.
  • D: It must be learned automatically through a dynamic routing protocol.



Question 8
Which of the following services can be inspected by the DLP profile? (Choose three.)

  • A: NFS
  • B: FTP
  • C: IMAP
  • D: CIFS
  • E: HTTP-POST



Question 9
Which of the following statements describe WMI polling mode for the FSSO collector agent? (Choose two.)

  • A: The NetSessionEnum function is used to track user logoffs.
  • B: WMI polling can increase bandwidth usage in large networks.
  • C: The collector agent uses a Windows API to query DCs for user logins.
  • D: The collector agent do not need to search any security event logs.



Question 10
Which statements about DNS filter profiles are true? (Choose two.)

  • A: They can inspect HTTP traffic.
  • B: They can redirect blocked requests to a specific portal.
  • C: They can block DNS requests to known botnet command and control servers.
  • D: They must be applied in firewall policies with SSL inspection enabled.









CONNECT US


ProfExam
PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount..

Get Now!


HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen



HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset