Exambible offers free demo for NSE4-5.4 exam. "Fortinet Network Security Expert - FortiOS 5.4", also known as NSE4-5.4 exam, is a Fortinet Certification. This set of posts, Passing the Fortinet NSE4-5.4 exam, will help you answer those questions. The NSE4-5.4 Questions & Answers covers all the knowledge points of the real exam. 100% real Fortinet NSE4-5.4 exams and revised by experts!
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Fortinet NSE4-5.4 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW NSE4-5.4 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/NSE4-5.4-exam-dumps.html
P.S. Guaranteed NSE4-5.4 paper are available on Google Drive, GET MORE: https://drive.google.com/open?id=1xSlEaFFo1TkP1Im8lI2_FaBp164pASCS
New Fortinet NSE4-5.4 Exam Dumps Collection (Question 4 - Question 13)
Question No: 4
Which of the following statements are true when using Web Proxy Auto-discovery Protocol (WPAD) with the DHCP discovery method? (Choose two.)
A. The browser sends a DHCPINFORM request to the DHCP server.
B. The browser will need to be preconfigured with the DHCP serveru2021s IP address.
C. The DHCP server provides the PAC file for download.
D. If the DHCP method fails, browsers will try the DNS method.
Answer: C,D
Question No: 5
How do you configure inline SSL inspection on a firewall policy? (Choose two.)
A. Enable one or more flow-based security profiles on the firewall policy.
B. Enable the SSL/SSH Inspection profile on the firewall policy.
C. Execute the inline ssl inspection CLI command.
D. Enable one or more proxy-based security profiles on the firewall policy.
Answer: A,B
Question No: 6
Which of the following statements about policy-based IPsec tunnels are true? (Choose two.)
A. They support GRE-over-IPsec.
B. They can be configured in both NAT/Route and transparent operation modes.
C. They require two firewall policies: one for each direction of traffic flow.
D. They support L2TP-over-IPsec.
Answer: B,D
Explanation: http://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-ipsecvpn-54/IPsec_VPN_Overview/Types_of_VPNs.htm
Question No: 7
Which statements about DNS filter profiles are true? (Choose two.)
A. They can inspect HTTP traffic.
B. They must be applied in firewall policies with SSL inspection enabled.
C. They can block DNS request to known botnet command and control servers.
D. They can redirect blocked requests to a specific portal.
Answer: C,D
Question No: 8
An administrator has blocked Netflix login in a cloud access security inspection (CASI) profile. The administrator has also applied the CASI profile to a firewall policy.
What else is required for the CASI profile to work properly?
A. You must enable logging for security events on the firewall policy.
B. You must activate a FortiCloud account.
C. You must apply an application control profile to the firewall policy.
D. You must enable SSL inspection on the firewall policy.
Answer: C
Question No: 9
View the exhibit.
Which statements about the exhibit are true? (Choose two.)
A. port1-VLAN10 and port2-VLAN10 can be assigned to different VDOMs.
B. port1-VLAN1 is the native VLAN for the port1 physical interface.
C. Traffic between port1-VLAN1 and port2-VLAN1 is allowed by default.
D. Broadcast traffic received in port1-VLAN10 will not be forwarded to port2-VLAN10.
Answer: A,D
Question No: 10
What methods can be used to deliver the token code to a user who is configured to use two-factor authentication? (Choose three.)
A. Code blocks
B. SMS phone message
C. FortiToken
D. Browser pop-up window
E. Email
Answer: B,C,E
Question No: 11
Which statements correctly describe transparent mode operation? (Choose three.)
A. All interfaces of the transparent mode FortiGate device must be on different IP subnets.
B. The transparent FortiGate is visible to network hosts in an IP traceroute.
C. It permits inline traffic inspection and firewalling without changing the IP scheme of the network.
D. Ethernet packets are forwarded based on destination MAC addresses, not IP addresses.
E. The FortiGate acts as transparent bridge and forwards traffic at Layer-2.
Answer: C,D,E
Question No: 12
How does FortiGate verify the login credentials of a remote LDAP user?
A. FortiGate sends the user entered credentials to the LDAP server for authentication.
B. FortiGate re-generates the algorithm based on the login credentials and compares it against the algorithm stored on the LDAP server.
C. FortiGate queries its own database for credentials.
D. FortiGate queries the LDAP server for credentials.
Answer: D
Question No: 13
An administrator has configured two VLAN interfaces:
A DHCP server is connected to the VLAN10 interface. A DHCP client is connected to the VLAN5 interface. However, the DHCP client cannot get a dynamic IP address from the DHCP server. What is the cause of the problem?
A. Both interfaces must be in different VDOMs
B. Both interfaces must have the same VLAN ID.
C. The role of the VLAN10 interface must be set to server.
D. Both interfaces must belong to the same forward domain.
Answer: D
P.S. Easily pass NSE4-5.4 Exam with Dumpscollection Guaranteed Dumps & pdf vce, Try Free: http://www.dumpscollection.net/dumps/NSE4-5.4/ ( New Questions)
