NSE4 Exam
how to use fortinet nse4 dumps
Ucertify nse4 exam dump Questions are updated and all fortinet nse4 dumps answers are verified by experts. Once you have completely prepared with our nse4 exam exam prep kits you will be ready for the real nse4 fortinet exam without a problem. We have Rebirth Fortinet fortinet nse4 dumps dumps study guide. PASSED nse4 exam dump First attempt! Here What I Did.
Q31. - (Topic 2)
Regarding the header and body sections in raw log messages, which statement is correct?
A. The header and body section layouts change depending on the log type.
B. The header section layout is always the same regardless of the log type. The body section layout changes depending on the log type.
C. Some log types include multiple body sections.
D. Some log types do not include a body section.
Answer: B
Q32. - (Topic 9)
Which statements are correct regarding URL filtering on a FortiGate unit? (Choose two.)
A. The allowed actions for URL filtering include allow, block, monitor and exempt.
B. The allowed actions for URL filtering are Allow and Block only.
C. URL filters may be based on patterns using simple text, wildcards and regular expressions.
D. URL filters are based on simple text only and require an exact match.
Answer: A,C
Q33. - (Topic 4)
When firewall policy authentication is enabled, which protocols can trigger an authentication challenge? (Choose two.)
A. SMTP
B. POP3
C. HTTP
D. FTP
Answer: C,D
Q34. - (Topic 1)
When creating FortiGate administrative users, which configuration objects specify the account rights?
A. Remote access profiles.
B. User groups.
C. Administrator profiles.
D. Local-in policies.
Answer: C
Q35. - (Topic 15)
Review the IPsec phase 2 configuration shown in the exhibit; then answer the question below.
Which statements are correct regarding this configuration? (Choose two.).
A. The Phase 2 will re-key even if there is no traffic.
B. There will be a DH exchange for each re-key.
C. The sequence number of ESP packets received from the peer will not be checked.
D. Quick mode selectors will default to those used in the firewall policy.
Answer: A,B
Q36. - (Topic 1)
What methods can be used to access the FortiGate CLI? (Choose two.)
A. Using SNMP.
B. A direct connection to the serial console port.
C. Using the CLI console widget in the GUI.
D. Using RCP.
Answer: B,C
Q37. - (Topic 7)
A FortiGate is configured to receive push updates from the FortiGuard Distribution Network, however, updates are not being received.
Which are two reasons for this problem? (Choose two.)
A. The FortiGate is connected to multiple ISPs.
B. There is a NAT device between the FortiGate and the FortiGuard Distribution Network.
C. The FortiGate is in Transparent mode.
D. The external facing interface of the FortiGate is configured to get the IP address from a DHCP server.
Answer: B,D
Q38. - (Topic 10)
Which statements are correct regarding application control? (Choose two.)
A. It is based on the IPS engine.
B. It is based on the AV engine.
C. It can be applied to SSL encrypted traffic.
D. Application control cannot be applied to SSL encrypted traffic.
Answer: A,C
Q39. - (Topic 3)
Which header field can be used in a firewall policy for traffic matching?
A. ICMP type and code.
B. DSCP.
C. TCP window size.
D. TCP sequence number.
Answer: A
Q40. - (Topic 18)
Bob wants to send Alice a file that is encrypted using public key cryptography.
Which of the following statements is correct regarding the use of public key cryptography in this scenario?
A. Bob will use his private key to encrypt the file and Alice will use her private key to decrypt the file.
B. Bob will use his public key to encrypt the file and Alice will use Bob's private key to decrypt the file.
C. Bob will use Alice's public key to encrypt the file and Alice will use her private key to decrypt the file.
D. Bob will use his public key to encrypt the file and Alice will use her private key to decrypt the file.
Answer: C