It is more faster and easier to pass the Fortinet nse4 exam exam by using Refined Fortinet Fortinet Network Security Expert 4 Written Exam (400) questuins and answers. Immediate access to the Abreast of the times fortinet nse4 exam dumps Exam and find the same core area nse4 exam dump questions with professionally verified answers, then PASS your exam with a high score now.
Q17. - (Topic 15)
Review the IPsec diagnostics output of the command diagnose vpn tunnel list shown in the exhibit.
Which statements is correct regarding this output? (Select one answer).
A. One tunnel is rekeying.
B. Two tunnels are rekeying.
C. Two tunnels are up.
D. One tunnel is up.
Answer: C
Q18. - (Topic 19)
Data leak prevention archiving gives the ability to store files and message data onto a
FortiAnalyzer unit for which of the following types of network traffic? (Choose three.)
A. POP3
B. SNMP
C. IPsec
D. SMTP
E. HTTP
Answer: A,D,E
Q19. - (Topic 1)
What methods can be used to access the FortiGate CLI? (Choose two.)
A. Using SNMP.
B. A direct connection to the serial console port.
C. Using the CLI console widget in the GUI.
D. Using RCP.
Answer: B,C
Q20. - (Topic 6)
What is IPsec Perfect Forwarding Secrecy (PFS)?.
A. A phase-1 setting that allows the use of symmetric encryption.
B. A phase-2 setting that allows the recalculation of a new common secret key each time the session key expires.
C. A ‘key-agreement’ protocol.
D. A ‘security-association-agreement’ protocol.
Answer: B
Q21. - (Topic 21)
What functions can the IPv6 Neighbor Discovery protocol accomplish? (Choose two.)
A. Negotiate the encryption parameters to use.
B. Auto-adjust the MTU setting.
C. Autoconfigure addresses and prefixes.
D. Determine other nodes reachability.
Answer: C,D
Q22. - (Topic 5)
A user logs into a SSL VPN portal and activates the tunnel mode. The administrator has enabled split tunneling. The exhibit shows the firewall policy configuration:
Which static route is automatically added to the client’s routing table when the tunnel mode is activated?
A. A route to a destination subnet matching the Internal_Servers address object.
B. A route to the destination subnet configured in the tunnel mode widget.
C. A default route.
D. A route to the destination subnet configured in the SSL VPN global settings.
Answer: A
Q23. - (Topic 15)
Review the IPsec phase 1 configuration in the exhibit; then answer the question below.
Which statements are correct regarding this configuration? (Choose two.)
A. The remote gateway address on 10.200.3.1.
B. The local IPsec interface address is 10.200.3.1.
C. The local gateway IP is the address assigned to port1.
D. The local gateway IP address is 10.200.3.1.
Answer: A,C
Q24. - (Topic 1)
What are valid options for handling DNS requests sent directly to a FortiGates interface IP? (Choose three.)
A. Conditional-forward.
B. Forward-only.
C. Non-recursive.
D. Iterative.
E. Recursive.
Answer: B,C,E