100% Valid Dumps For NSE4 Exam Pass: PassLeader have been updated the 222q NSE4 exam dumps and added the new exam questions, in the latest version of NSE4 PDF dumps or VCE dumps, you will get all the new changed 222q NSE4 exam questions, which will help you 100% passing NSE4 exam, and you will get the free version of VCE Player together with your NSE4 VCE dumps. Welcome to visit our website — passleader.com and get your NSE4 exam passed easily!
keywords: NSE4 exam,222q NSE4 exam dumps,222q NSE4 exam questions,NSE4 pdf dumps,NSE4 vce dumps,NSE4 practice test,NSE4 study guide,NSE 4 — Fortinet Network Security Professional Exam
Regarding the header and body sections in raw log messages, which statement is correct?
A. The header and body section layouts change depending on the log type.
B. The header section layout is always the same regardless of the log type. The body section layout changes depending on the log type.
C. Some log types include multiple body sections.
D. Some log types do not include a body section.
In HA, the option Reserve Management Port for Cluster Member is selected as shown in the exhibit below.
Which statements are correct regarding this setting? (Choose two.)
A. Interface settings on port7 will not be synchronized with other cluster members.
B. The IP address assigned to this interface must not overlap with the IP address subnet assigned to another interface.
C. When connecting to port7 you always connect to the master device.
D. A gateway address may be configured for port7.
The exhibit shows the Disconnect Cluster Member command in a FortiGate unit that is part of a HA cluster with two HA members.
What is the effect of the Disconnect Cluster Member command as given in the exhibit. (Choose two.)
A. Port3 is configured with an IP address for management access.
B. The firewall rules are purged on the disconnected unit.
C. The HA mode changes to standalone.
D. The system hostname is set to the unit serial number.
Which firewall objects can be included in the Destination Address field of a firewall policy? (Choose three.)
A. IP address pool.
B. Virtual IP address.
C. IP address.
D. IP address group.
E. MAC address.
Which header field can be used in a firewall policy for traffic matching?
A. ICMP type and code.
C. TCP window size.
D. TCP sequence number.
The order of the firewall policies is important. Policies can be re-ordered from either the GUI or the CLI. Which CLI command is used to perform this function?
A. set order
B. edit policy
Examine the following CLI configuration:
config system session-ttl
set default 1800
What statement is true about the effect of the above configuration line?
A. Sessions can be idle for no more than 1800 seconds.
B. The maximum length of time a session can be open is 1800 seconds.
C. After 1800 seconds, the end user must re-authenticate.
D. After a session has been open for 1800 seconds, the FortiGate sends a keepalive packet to both client and server.
In which order are firewall policies processed on a FortiGate unit?
A. From top to down, according with their sequence number.
B. From top to down, according with their policy ID number.
C. Based on best match.
D. Based on the priority value.
Which statements are true regarding local user authentication? (Choose two.)
A. Two-factor authentication can be enabled on a per user basis.
B. Local users are for administration accounts only and cannot be used to authenticate network users.
C. Administrators can create the user accounts is a remote server and store the user passwords locally in the FortiGate.
D. Both the usernames and passwords can be stored locally on the FortiGate.
Examine the following spanning tree configuration on a FortiGate in transparent mode:
config system interface
edit <interface name>
set stp-forward enable
Which statement is correct for the above configuration?
A. The FortiGate participates in spanning tree.
B. The FortiGate device forwards received spanning tree messages.
C. Ethernet layer-2 loops are likely to occur.
D. The FortiGate generates spanning tree BPDU frames.
Two devices are in an HA cluster, the device hostnames are STUDENT and REMOTE. Exhibit A shows the command output of diagnose sys session stat for the STUDENT device. Exhibit B shows the command output of diagnose sys session stat for the REMOTE device.
Given the information provided in the exhibits, which of the following statements are correct? (Choose two.)
A. STUDENT is likely to be the master device.
B. Session-pickup is likely to be enabled.
C. The cluster mode is active-passive.
D. There is not enough information to determine the cluster mode.
An administrator has formed a high availability cluster involving two FortiGate units.
[ Multiple upstream Layer 2 switches] — [ FortiGate HA Cluster ] — [ Multiple downstream Layer 2 switches ]
The administrator wishes to ensure that a single link failure will have minimal impact upon the overall throughput of traffic through this cluster. Which of the following options describes the best step the administrator can take? The administrator should _____________________.
A. Increase the number of FortiGate units in the cluster and configure HA in active-active mode.
B. Enable monitoring of all active interfaces.
C. Set up a full-mesh design which uses redundant interfaces.
D. Configure the HA ping server feature to allow for HA failover in the event that a path is disrupted.
In a high availability cluster operating in active-active mode, which of the following correctly describes the path taken by the SYN packet of an HTTP session that is offloaded to a slave unit?
A. Request: internal host; slave FortiGate; master FortiGate; Internet; web server.
B. Request: internal host; slave FortiGate; Internet; web server.
C. Request: internal host; slave FortiGate; master FortiGate; Internet; web server.
D. Request: internal host; master FortiGate; slave FortiGate; Internet; web server.
Two FortiGate devices fail to form an HA cluster, the device hostnames are STUDENT and REMOTE. Exhibit A shows the command output of show system ha for the STUDENT device. Exhibit B shows the command output of show system ha for the REMOTE device.
Which one of the following is the most likely reason that the cluster fails to form?
B. HA mode
Which IPsec configuration mode can be used for implementing GRE-over-IPsec VPNs?.
A. Policy-based only.
B. Route-based only.
C. Either policy-based or route-based VPN.
D. GRE-based only.
You are the administrator in charge of a FortiGate acting as an IPsec VPN gateway using route-based mode. Users from either side must be able to initiate new sessions. There is only 1 subnet at either end and the FortiGate already has a default route. Which two configuration steps are required to achieve these objectives? (Choose two.)
A. Create one firewall policy.
B. Create two firewall policies.
C. Add a route to the remote subnet.
D. Add two IPsec phases 2.
An administrator wants to create an IPsec VPN tunnel between two FortiGate devices. Which three configuration steps must be performed on both units to support this scenario? (Choose three.)
A. Create firewall policies to allow and control traffic between the source and destination IP addresses.
B. Configure the appropriate user groups to allow users access to the tunnel.
C. Set the operating mode to IPsec VPN mode.
D. Define the phase 2 parameters.
E. Define the Phase 1 parameters.
What is IPsec Perfect Forwarding Secrecy (PFS)?.
A. A phase-1 setting that allows the use of symmetric encryption.
B. A phase-2 setting that allows the recalculation of a new common secret key each time the session key expires.
C. A `key-agreement’ protocol.
D. A `security-association-agreement’ protocol.
An administrator has configured a route-based site-to-site IPsec VPN. Which statement is correct regarding this IPsec VPN configuration?
A. The IPsec firewall policies must be placed at the top of the list.
B. This VPN cannot be used as part of a hub and spoke topology.
C. Routes are automatically created based on the quick mode selectors.
D. A virtual IPsec interface is automatically created after the Phase 1 configuration is completed.
A FortiGate is configured to receive push updates from the FortiGuard Distribution Network, however, updates are not being received. Which are two reasons for this problem? (Choose two.)
A. The FortiGate is connected to multiple ISPs.
B. There is a NAT device between the FortiGate and the FortiGuard Distribution Network.
C. The FortiGate is in Transparent mode.
D. The external facing interface of the FortiGate is configured to get the IP address from a DHCP server.