2017 October Fortinet Official New Released NSE4 Dumps in Lead2pass.com!
100% Free Download! 100% Pass Guaranteed!
There is no need to hassle if you are stuck in the NSE4 exam difficulties, Lead2pass will assist you right through NSE4 exam with NSE4 PDF and VCE dumps. Lead2pass delivers the most comprehensive NSE4 exam preparation material, covering each and every aspect of NSE4 exam curriculum. We ensure you 100% success in NSE4 exam.
Following questions and answers are all new published by Fortinet Official Exam Center: https://www.lead2pass.com/nse4.html
QUESTION 126
Examine the exhibit shown below; then answer the question following it.
Which of the following statements best describes the green status indicators that appear next to the different FortiGuard Distribution Network services as illustrated in the exhibit?
A. They indicate that the FortiGate unit is able to connect to the FortiGuard Distribution Network.
B. They indicate that the FortiGate unit has the latest updates that are available from the FortiGuard Distribution Network.
C. They indicate that updates are available and should be downloaded from the FortiGuard Distribution Network to the FortiGate unit.
D. They indicate that the FortiGate unit is in the process of downloading updates from the FortiGuard Distribution Network.
Answer: A
QUESTION 127
A FortiGate unit is configured to receive push updates from the FortiGuard Distribution Network, however, updates are not being received.
Which of the following statements are possible reasons for this? (Select all that apply.)
A. The external facing interface of the FortiGate unit is configured to use DHCP.
B. The FortiGate unit has not been registered.
C. There is a NAT device between the FortiGate unit and the FortiGuard Distribution Network and no override push IP is configured.
D. The FortiGate unit is in Transparent mode which does not support push updates.
Answer: ABC
QUESTION 128
A firewall policy has been configured for the internal email server to receive email from external parties through SMTP. Exhibits A and B show the antivirus and email filter profiles applied to this policy.
Exhibit A:
Exhibit B:
What is the correct behavior when the email attachment is detected as a virus by the FortiGate antivirus engine?
A. The FortiGate unit will remove the infected file and deliver the email with a replacement message to alert the recipient that the original attachment was infected.
B. The FortiGate unit will reject the infected email and the sender will receive a failed delivery message.
C. The FortiGate unit will remove the infected file and add a replacement message. Both sender and recipient are notified that the infected file has been removed.
D. The FortiGate unit will reject the infected email and notify the sender.
Answer: A
QUESTION 129
Caching improves performance by reducing FortiGate unit requests to the FortiGuard server.
Which of the following statements are correct regarding the caching of FortiGuard responses? (Select all that apply.)
A. Caching is available for web filtering, antispam, and IPS requests.
B. The cache uses a small portion of the FortiGate system memory.
C. When the cache is full, the least recently used IP address or URL is deleted from the cache.
D. An administrator can configure the number of seconds to store information in the cache before the FortiGate unit contacts the FortiGuard server again.
E. The size of the cache will increase to accomodate any number of cached queries.
Answer: BCD
QUESTION 130
Which of the following Fortinet products can receive updates from the FortiGuard Distribution Network? (Select all that apply.)
A. FortiGate
B. FortiClient
C. FortiMail
D. FortiAnalyzer
Answer: ABC
QUESTION 131
How can DLP file filters be configured to detect Office 2010 files? (Select all that apply.)
A. File TypE. Microsoft Office(msoffice)
B. File TypE. Archive(zip)
C. File TypE. Unknown Filetype(unknown)
D. File NamE. “*.ppt”, “*.doc”, “*.xls”
E. File NamE. “*.pptx”, “*.docx”, “*.xlsx”
Answer: BE
QUESTION 132
What are the valid sub-types for a Firewall type policy? (Select all that apply)
A. Device Identity
B. Address
C. User Identity
D. Schedule
E. SSL VPN
Answer: ABC
QUESTION 133
In NAT/Route mode when there is no matching firewall policy for traffic to be forwarded by the Firewall, which of the following statements describes the action taken on traffic?
A. The traffic is blocked.
B. The traffic is passed.
C. The traffic is passed and logged.
D. The traffic is blocked and logged.
Answer: A
QUESTION 134
In which order are firewall policies processed on the FortiGate unit?
A. They are processed from the top down according to their sequence number.
B. They are processed based on the policy ID number shown in the left hand column of the policy window.
C. They are processed on best match.
D. They are processed based on a priority value assigned through the priority column in the policy window.
Answer: A
QUESTION 135
Which of the following pieces of information can be included in the Destination Address field of a firewall policy? (Select all that apply.)
A. An IP address pool.
B. A virtual IP address.
C. An actual IP address or an IP address group.
D. An FQDN or Geographic value(s).
Answer: BCD
QUESTION 136
The ordering of firewall policies is very important. Policies can be re-ordered within the FortiGate unit’s GUI and also using the CLI. The command used in the CLI to perform this function is ______ .
A. set order
B. edit policy
C. reorder
D. move
Answer: D
QUESTION 137
You wish to create a firewall policy that applies only to traffic intended for your web server.
The web server has an IP address of 192.168.2.2 and a /24 subnet mask. When defining the firewall address for use in this policy, which one of the following addresses is correct?
A. 192.168.2.0 / 255.255.255.0
B. 192.168.2.2 / 255.255.255.0
C. 192.168.2.0 / 255.255.255.255
D. 192.168.2.2 / 255.255.255.255
Answer: D
QUESTION 138
A FortiAnalyzer device could use which security method to secure the transfer of log data from FortiGate devices?
A. SSL
B. IPSec
C. direct serial connection
D. S/MIME
Answer: B
QUESTION 139
Which of the following network protocols are supported for administrative access to a FortiGate unit?
A. HTTPS, HTTP, SSH, TELNET, PING, SNMP
B. FTP, HTTPS, NNTP, TCP, WINS
C. HTTP, NNTP, SMTP, DHCP
D. Telnet, FTP, RLOGIN, HTTP, HTTPS, DDNS
E. Telnet, UDP, NNTP, SMTP
Answer: A
QUESTION 140
Which of the following statements is correct regarding a FortiGate unit operating in NAT/Route mode?
A. The FortiGate unit applies NAT to all traffic.
B. The FortiGate unit functions as a Layer 3 device.
C. The FortiGate unit functions as a Layer 2 device.
D. The FortiGate unit functions as a router and the firewall function is disabled.
Answer: B
QUESTION 141
A FortiGate unit can provide which of the following capabilities? (Select all that apply.)
A. Email filtering
B. Firewall
C. VPN gateway
D. Mail relay
E. Mail server
Answer: ABC
QUESTION 142
Which of the following methods can be used to access the CLI? (Select all that apply.)
A. By using a direct connection to a serial console.
B. By using the CLI console window in the GUI.
C. By using an SSH connection.
D. By using a Telnet connection.
Answer: ABCD
QUESTION 143
The __________CLI command is used on the FortiGate unit to run static commands such as ping or to reset the FortiGate unit to factory defaults.
Answer: execute
QUESTION 144
When backing up the configuration file on a FortiGate unit, the contents can be encrypted by enabling the encrypt option and supplying a password.
If the password is forgotten, the configuration file can still be restored using which of the following methods?
A. Selecting the recover password option during the restore process.
B. Having the password emailed to the administrative user by selecting the Forgot Password option.
C. Sending the configuration file to Fortinet Support for decryption.
D. If the password is forgotten, there is no way to use the file.
Answer: D
QUESTION 145
When creating administrative users which of the following configuration objects determines access rights on the FortiGate unit.
A. profile
B. allowaccess interface settings
C. operation mode
D. local-in policy
Answer: A
QUESTION 146
Which of the following options can you use to update the virus definitions on a FortiGate unit? (Select all that apply.)
A. Push update
B. Scheduled update
C. Manual update
D. FTP update
Answer: ABC
QUESTION 147
Which of the following statements are true of the FortiGate unit’s factory default configuration?
A. `Port1′ or `Internal’ interface will have an IP of 192.168.1.99.
B. `Port1′ or `Internal’ interface will have a DHCP server set up and enabled (on devices that support DHCP Servers).
C. Default login will always be the username: admin (all lowercase) and no password.
D. The implicit firewall action is ACCEPT.
Answer: ABC
QUESTION 148
Under the System Information widget on the dashboard, which of the following actions are available for the system configuration? (Select all that apply.)
A. Backup
B. Restore
C. Revisions
D. Export
Answer: ABC
QUESTION 149
Encrypted backup files provide which of the following benefits? (Select all that apply.)
A. Integrity of the backup file is protected since it cannot be easily modified when encrypted.
B. Prevents the backup file from becoming corrupted.
C. Protects details of the device’s configuration settings from being discovered while the backup file is in transit. For example, transferred to a data centers for system recovery.
D. A copy of the encrypted backup file is automatically pushed to the FortiGuard Distribution Service (FDS) for disaster recovery purposes. If the backup file becomes corrupt it can be retrieved through FDS.
E. Fortinet Technical Support can recover forgotten passwords with a backdoor passphrase.
Answer: AC
QUESTION 150
The FortiGate unit’s GUI provides a link to update the firmware.
Clicking this link will perform which of the following actions?
A. It will connect to the Fortinet Support site where the appropriate firmware version can be selected.
B. It will send a request to the FortiGuard Distribution Network so that the appropriate firmware version can be pushed down to the FortiGate unit.
C. It will present a prompt to allow browsing to the location of the firmware file.
D. It will automatically connect to the Fortinet Support site to download the most recent firmware version for the FortiGate unit.
Answer: C
We highly recommend our NSE4 dumps. Comparing with others’, Lead2pass is the most credible and authentic source of information on NSE4 exam and we strive to keep our NSE4 dumps up-to-date and reliable on a consistent basis. Our exam preparation material is rich in variety. We offer NSE4 PDF format and NSE4 practice test with free VCE player. That’s the reason why many candidates choose Lead2pass.
NSE4 new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDeFZLNEJDeDRQdlE
2017 Fortinet NSE4 exam dumps (All 533 Q&As) from Lead2pass:
https://www.lead2pass.com/nse4.html [100% Exam Pass Guaranteed]
admin October 11th, 2017
Posted In: Fortinet, NSE4 Dumps, NSE4 Exam Questions, NSE4 New Questions, NSE4 PDF, NSE4 VCE
Tags: Lead2pass NSE4, NSE4 braindumps, NSE4 exam dumps, NSE4 exam question, NSE4 pdf dumps, NSE4 practice test, NSE4 study guide, NSE4 vce dumps