Dec 2021 updated: Pass4sure Fortinet NSE4-5.4 exam cram 33-40

Free of NSE4-5.4 torrent materials and samples for Fortinet certification for candidates, Real Success Guaranteed with Updated NSE4-5.4 pdf dumps vce Materials. 100% PASS Fortinet Network Security Expert - FortiOS 5.4 exam Today!

Q33. Which traffic inspection features can be executed by a security processor (SP)? (Choose three.)

A. TCP SYN proxy

B. SIP session helper

C. Proxy-based antivirus

D. Attack signature matching

E. Flow-based web filtering

Answer: C,D,E

Q34. A FortiGate interface is configured with the following commands:

What statements about the configuration are correct? (Choose two.)

A. IPv6 clients connected to port1 can use SLAAC to generate their IPv6 addresses.

B. FortiGate can provide DNS settings to IPv6 clients.

C. FortiGate can send IPv6 router advertisements (RAs.)

D. FortiGate can provide IPv6 addresses to DHCPv6 client.

Answer: C,D

Q35. Which statements about DNS filter profiles are true? (Choose two.)

A. They can inspect HTTP traffic.

B. They must be applied in firewall policies with SSL inspection enabled.

C. They can block DNS request to known botnet command and control servers.

D. They can redirect blocked requests to a specific portal.

Answer: B,C

Q36. What is FortiGate’s behavior when local disk logging is disabled?

A. Only real-time logs appear on the FortiGate dashboard.

B. No logs are generated.

C. Alert emails are disabled.

D. Remote logging is automatically enabled.

Answer: A

Q37. View the exhibit.

When a user attempts to connect to an HTTPS site, what is the expected result with this configuration?

A. The user is required to authenticate before accessing sites with untrusted SSL certificates.

B. The user is presented with certificate warnings when connecting to sites that have untrusted SSL certificates.

C. The user is allowed access all sites with untrusted SSL certificates, without certificate warnings.

D. The user is blocked from connecting to sites that have untrusted SSL certificates (no exception provided).

Answer: B

Q38. If traffic matches a DLP filter with the action set to Quarantine IP Address, what action does the FortiGate take?

A. It blocks all future traffic for that IP address for a configured interval.

B. It archives the data for that IP address.

C. It provides a DLP block replacement page with a link to download the file.

D. It notifies the administrator by sending an email.

Answer: A

Q39. Which statement about data leak prevention (DLP) on a FortiGate is true?

A. Traffic shaping can be applied to DLP sensors.

B. It can be applied to a firewall policy in a flow-based VDOM.

C. Files can be sent to FortiSandbox for detecting DLP threats.

D. It can archive files and messages.

Answer: D

Q40. View the exhibit.

A user behind the FortiGate is trying to go to http://www.addictinggames.com (Addicting.Games). Based on this configuration, which statement is true?

A. Addicting.Games is allowed based on the Application Overrides configuration.

B. Addicting.Games is blocked based on the Filter Overrides configuration.

C. Addicting.Games can be allowed only if the Filter Overrides actions is set to Exempt.

D. Addicting.Games is allowed based on the Categories configuration.

Answer: D

To see all sample questions go to: NSE4-5.4 braindumps

Related NSE4-5.4 posts: