getcertified4sure.com

NSE4-5.4 Exam

Top 10 braindumps NSE4-5.4 for candidates (3 to 12)



Want to know Exambible NSE4-5.4 Exam practice test features? Want to lear more about Fortinet Fortinet Network Security Expert - FortiOS 5.4 certification experience? Study Virtual Fortinet NSE4-5.4 answers to Improve NSE4-5.4 questions at Exambible. Gat a success with an absolute guarantee to pass Fortinet NSE4-5.4 (Fortinet Network Security Expert - FortiOS 5.4) test on your first attempt.

P.S. Virtual NSE4-5.4 item pool are available on Google Drive, GET MORE: https://drive.google.com/open?id=1YR5fY-VinwDTR3q70wpdEN_O3N_EUu6U


New Fortinet NSE4-5.4 Exam Dumps Collection (Question 3 - Question 12)

Q1. Which of the following statements about NTLM authentication are correct? (Choose two.)

A. It is useful when users log in to DCs that are not monitored by a collector agent.

B. It takes over as the primary authentication method when configured alongside FSSO.

C. Multi-domain environments require DC agents on every domain controller.

D. NTLM-enabled web browsers are required.

Answer: A,C


Q2. What statement describes what DNS64 does?

A. Converts DNS A record lookups to AAAA record lookups.

B. Translates the destination IPv6 address of the DNS traffic to an IPv4 address.

C. Synthesizes DNS AAAA records from A records.

D. Translates the destination IPv4 address of the DNS traffic to an IPv6 address.

Answer: B


Q3. Examine the exhibit, which contains a virtual IP and a firewall policy configuration.

The WAN(port1) interface has the IP address 10.200.1.1/24. The LAN(port2) interface has the IP address 10.0.1.254/24.

The top firewall policy has NAT enabled using outgoing interface address. The second firewall policy configured with a virtual IP (VIP) as the destination address.

Which IP address will be used to source NAT the Internet traffic coming from a workstation with the IP address 10.0.1.10/24?

A. 10.200.1.1

B. 10.0.1.254

C. Any available IP address in the WAN(port1) subnet 10.200.1.0/24

D. 10.200.1.10

Answer: A


Q4. When browsing to an internal web server using a web-mode SSL VPN bookmark, which IP address is used as the source of the HTTP request?

A. The FortiGate unitu2021s public IP address

B. The FortiGate unitu2021s internal IP address

C. The remote useru2021s virtual IP address

D. The remote useru2021s public IP address

Answer: B


Q5. An administrator needs to be able to view logs for application usage on your network. What configurations are required to ensure that FortiGate generates logs for application usage activity? (Choose two.)

A. Enable a web filtering profile on the firewall policy.

B. Create an application control policy.

C. Enable logging on the firewall policy.

D. Enable an application control security profile on the firewall policy.

Answer: C,D


Q6. Which statements about high availability (HA) for FortiGates are true? (Choose two.)

A. Virtual clustering can be configured between two FortiGate devices with multiple VDOM.

B. Heartbeat interfaces are not required on the primary device.

C. HA management interface settings are synchronized between cluster members.

D. Sessions handled by UTM proxy cannot be synchronized.

Answer: A,C


Q7. Under what circumstance would you enable LEARN as the Action on a firewall policy?

A. You want FortiGate to compile security feature activity from various security-related logs, such as virus and attack logs.

B. You want FortiGate to monitor a specific security profile in a firewall policy, and provide recommendations for that profile.

C. You want to capture data across all traffic and security vectors, and receive learning logs and a report with recommendations.

D. You want FortiGate to automatically modify your firewall policies as it learns your networking behavior.

Answer: B


Q8. How do you configure inline SSL inspection on a firewall policy? (Choose two.)

A. Enable one or more flow-based security profiles on the firewall policy.

B. Enable the SSL/SSH Inspection profile on the firewall policy.

C. Execute the inline ssl inspection CLI command.

D. Enable one or more proxy-based security profiles on the firewall policy.

Answer: A,B


Q9. An administrator has enabled proxy-based antivirus scanning and configured the following settings:

Which statement about the above configuration is true?

A. Files bigger than 10 MB are not scanned for viruses and will be blocked.

B. FortiGate scans only the first 10 MB of any file.

C. Files bigger than 10 MB are sent to the heuristics engine for scanning.

D. FortiGate scans the files in chunks of 10 MB.

Answer: A


Q10. An administrator has created a custom IPS signature. Where does the custom IPS signature have to be applied?

A. In an IPS sensor

B. In an interface.

C. In a DoS policy.

D. In an application control profile.

Answer: A


Recommend!! Get the Virtual NSE4-5.4 dumps in VCE and PDF From Examcollection, Welcome to download: http://www.examcollectionuk.com/NSE4-5.4-vce-download.html (New Q&As Version)


© Copyright Getcertified4sure.com. examcollectionuk.com
All other trademarks and copyrights are the property of their respective owners.
All rights reserved.