NSE4-5.4 Exam Questions - Online Test
NSE4-5.4 Premium VCE File
150 Lectures, 20 Hours
Testking offers free demo for NSE4-5.4 exam. "Fortinet Network Security Expert - FortiOS 5.4", also known as NSE4-5.4 exam, is a Fortinet Certification. This set of posts, Passing the Fortinet NSE4-5.4 exam, will help you answer those questions. The NSE4-5.4 Questions & Answers covers all the knowledge points of the real exam. 100% real Fortinet NSE4-5.4 exams and revised by experts!
P.S. Actual NSE4-5.4 testing engine are available on Google Drive, GET MORE: https://drive.google.com/open?id=1xSlEaFFo1TkP1Im8lI2_FaBp164pASCS
New Fortinet NSE4-5.4 Exam Dumps Collection (Question 7 - Question 16)
Q1. Which of the following statements about policy-based IPsec tunnels are true? (Choose two.)
A. They support GRE-over-IPsec.
B. They can be configured in both NAT/Route and transparent operation modes.
C. They require two firewall policies: one for each direction of traffic flow.
D. They support L2TP-over-IPsec.
Answer: B,D
Explanation: http://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-ipsecvpn-54/IPsec_VPN_Overview/Types_of_VPNs.htm
Q2. Which of the following statements are true? (Choose two.)
A. Browsers can be configured to retrieve this PAC file from the FortiGate.
B. Any web request to the 172.25.120.0/24 subnet is allowed to bypass the proxy.
C. All requests not made to Fortinet.com or the 172.25.120.0/24 subnet, have to go through altproxy.corp.com: 8060.
D. Any web request fortinet.com is allowed to bypass the proxy.
Answer: A
Q3. What methods can be used to deliver the token code to a user who is configured to use two-factor authentication? (Choose three.)
A. Code blocks
B. SMS phone message
C. FortiToken
D. Browser pop-up window
E. Email
Answer: B,C,E
Q4. Which statement about the FortiGuard services for the FortiGate is true?
A. Antivirus signatures are downloaded locally on the FortiGate.
B. FortiGate downloads IPS updates using UDP port 53 or 8888.
C. FortiAnalyzer can be configured as a local FDN to provide antivirus and IPS updates.
D. The web filtering database is downloaded locally on the FortiGate.
Answer: A
Q5. How to configure Collector agent settings?
A. The dead entry timeout interval is used to age out entries with an unverified status.
B. The workstation verify interval is used to periodically check if a workstation is still a domain member.
C. The user group cache expiry is used to age out the monitored groups.
D. The IP address change verify interval monitors the server IP address where the collector agent is installed, and updates the collector agent configuration if it changes.
Answer: D
Q6. Which statements about an IPv6-over-IPv4 IPsec configuration are correct? (Choose two.)
A. The remote gateway IP must be an IPv6 address.
B. The source quick mode selector must be an IPv4 address.
C. The local gateway IP must an IPv4 address.
D. The destination quick mode selector must be an IPv6 address.
Answer: B,D
Q7. What does the configuration do? (Choose two.)
A. Reduces the amount of logs generated by denied traffic.
B. Enforces device detection on all interfaces for 30 minutes.
C. Blocks denied users for 30 minutes.
D. Creates a session for traffic being denied.
Answer: A,D
Q8. What is FortiGateu2021s behavior when local disk logging is disabled?
A. Only real-time logs appear on the FortiGate dashboard.
B. No logs are generated.
C. Alert emails are disabled.
D. Remote logging is automatically enabled.
Answer: A
Q9. Examine this output from the diagnose sys top command:
Which statements about the output are true? (Choose two.)
A. sshd is the process consuming most memory
B. sshd is the process consuming most CPU
C. All the processes listed are in sleeping state
D. The sshd process is using 123 pages of memory
Answer: B,C
Q10. An administrator has enabled proxy-based antivirus scanning and configured the following settings:
Which statement about the above configuration is true?
A. Files bigger than 10 MB are not scanned for viruses and will be blocked.
B. FortiGate scans only the first 10 MB of any file.
C. Files bigger than 10 MB are sent to the heuristics engine for scanning.
D. FortiGate scans the files in chunks of 10 MB.
Answer: A
P.S. Easily pass NSE4-5.4 Exam with Certleader Actual Dumps & pdf vce, Try Free: https://www.certleader.com/NSE4-5.4-dumps.html ( New Questions)
- What 100% Guarantee NSE7_EFW-6.4 Free Practice Questions Is
- All About Guaranteed NSE5_FSM-5.2 Latest Exam
- The Up To Date Guide To NSE7_EFW-6.0 Pdf Exam
- The Secret Of Fortinet NSE5_FAZ-6.2 Answers
- Most Up-to-date NSE4_FGT-7.0 Practice Question For Fortinet NSE 4 - FortiOS 7.0 Certification
- Update Fortinet Network Security Expert 8 Written Exam (810) NSE8_810 Pdf Exam
- A Review Of Highest Quality NSE7_OTS-6.4 Brain Dumps
- Free NSE8 Study Guides 2021
- Top Tips Of Most Up-to-date NSE7_LED-7.0 Latest Exam
- All About Real NSE7_EFW-6.2 Questions