Fortinet NSE4-5.4 Exam Practice Questions and Answers

Question 6 of 575

View the exhibit.

Which of the following statements are correct? (Choose two.)

A.

This is a redundant IPsec setup.

B.

The TunnelB route is the primary one for searching the remote site. The TunnelA route is used only if the TunnelB VPN is down.

C.

This setup requires at least two firewall policies with action set to IPsec.

D.

Dead peer detection must be disabled to support this type of IPsec setup.

Question 7 of 575

Which statements about DNS filter profiles are true? (Choose two.)

A.

They can inspect HTTP traffic.

B.

They must be applied in firewall policies with SSL inspection enabled.

C.

They can block DNS request to known botnet command and control servers.

D.

They can redirect blocked requests to a specific portal.

Question 8 of 575

An administrator needs to offload logging to FortiAnalyzer from a FortiGate with an internal hard drive. Which statements are true? (Choose two.)

A.

Logs must be stored on FortiGate first, before transmitting to FortiAnalyzer

B.

FortiGate uses port 8080 for log transmission

C.

Log messages are transmitted as plain text in LZ4 compressed format (store-and-upload method).

D.

FortiGate can encrypt communications using SSL encrypted OFTP traffic.

Question 9 of 575

Which of the following statements describe WMI polling mode for FSSO collector agent? (Choose two.)

A.

The collector agent does not need to search any security event logs.

B.

WMI polling can increase bandwidth usage with large networks.

C.

The NetSessionEnum function is used to track user logoffs.

D.

The collector agent uses a Windows API to query DCs for user logins.

Question 10 of 575

An administrator observes that the port1 interface cannot be configured with an IP address. What can be the reasons for that? (Choose three.)

A.

The interface has been configured for one-arm sniffer.

B.

The interface is a member of a virtual wire pair.

C.

The operation mode is transparent.

D.

The interface is a member of a zone.

E.

Captive portal is enabled in the interface.