Want to know Testking NSE4 Exam practice test features? Want to lear more about Fortinet Fortinet Network Security Expert 4 Written Exam (400) certification experience? Study Simulation Fortinet NSE4 answers to Rebirth NSE4 questions at Testking. Gat a success with an absolute guarantee to pass Fortinet NSE4 (Fortinet Network Security Expert 4 Written Exam (400)) test on your first attempt.
2021 Apr NSE4 free exam
Q21. - (Topic 7)
Examine the exhibit; then answer the question below.
Which statement describes the green status indicators that appear next to the different FortiGuard Distribution Network services as illustrated in the exhibit?
A. They indicate that the FortiGate has the latest updates available from the FortiGuard Distribution Network.
B. They indicate that updates are available and should be downloaded from the FortiGuard Distribution Network to the FortiGate unit.
C. They indicate that the FortiGate is in the process of downloading updates from the FortiGuard Distribution Network.
D. They indicate that the FortiGate is able to connect to the FortiGuard Distribution Network.
Answer: D
Q22. - (Topic 2)
Regarding the header and body sections in raw log messages, which statement is correct?
A. The header and body section layouts change depending on the log type.
B. The header section layout is always the same regardless of the log type. The body section layout changes depending on the log type.
C. Some log types include multiple body sections.
D. Some log types do not include a body section.
Answer: B
Q23. - (Topic 11)
Examine the exhibit below; then answer the question following it.
In this scenario, the FortiGate unit in Ottawa has the following routing table:
S* 0.0.0.0/0 [10/0] via 172.20.170.254, port2
C 172.20.167.0/24 is directly connected, port1
C 172.20.170.0/24 is directly connected, port2
Sniffer tests show that packets sent from the source IP address 172.20.168.2 to the destination IP address 172.20.169.2 are being dropped by the FortiGate located in Ottawa. Which of the following correctly describes the cause for the dropped packets?
A. The forward policy check.
B. The reverse path forwarding check.
C. The subnet 172.20.169.0/24 is NOT in the Ottawa FortiGate’s routing table.
D. The destination workstation 172.20.169.2 does NOT have the subnet 172.20.168.0/24 in its routing table.
Answer: B
Q24. - (Topic 11)
When does a FortiGate load-share traffic between two static routes to the same destination subnet?
A. When they have the same cost and distance.
B. When they have the same distance and the same weight.
C. When they have the same distance and different priority.
D. When they have the same distance and same priority.
Answer: D
Q25. - (Topic 5)
A user logs into a SSL VPN portal and activates the tunnel mode. The administrator has enabled split tunneling. The exhibit shows the firewall policy configuration:
Which static route is automatically added to the client’s routing table when the tunnel mode is activated?
A. A route to a destination subnet matching the Internal_Servers address object.
B. A route to the destination subnet configured in the tunnel mode widget.
C. A default route.
D. A route to the destination subnet configured in the SSL VPN global settings.
Answer: A
Regenerate NSE4 latest exam:
Q26. - (Topic 14)
In a high availability cluster operating in active-active mode, which of the following correctly describes the path taken by the SYN packet of an HTTP session that is offloaded to a slave unit?
A. Request: internal host; slave FortiGate; master FortiGate; Internet; web server.
B. Request: internal host; slave FortiGate; Internet; web server.
C. Request: internal host; slave FortiGate; master FortiGate; Internet; web server.
D. Request: internal host; master FortiGate; slave FortiGate; Internet; web server.
Answer: D
Q27. - (Topic 7)
Which antivirus inspection mode must be used to scan SMTP, FTP, POP3 and SMB protocols?
A. Proxy-based.
B. DNS-based.
C. Flow-based.
D. Man-in-the-middle.
Answer: C
Q28. - (Topic 16)
Examine the following log message for IPS:
2012-07-01 09:54:28 oid=2 log_id=18433 type=ips subtype=anomaly pri=alert vd=root severity="critical" src="192.168.3.168" dst="192.168.3.170" src_int="port2" serial=0 status="detected" proto=1 service="icmp" count=1 attack_name="icmp_flood" icmp_id="0xa8a4" icmp_type="0x08" icmp_code="0x00" attack_id=16777316 sensor="1" ref="http://www.fortinet.com/ids/VID16777316" msg="anomaly: icmp_flood, 51 > threshold 50"
Which statement is correct about the above log? (Choose two.)
A. The target is 192.168.3.168.
B. The target is 192.168.3.170.
C. The attack was NOT blocked.
D. The attack was blocked.
Answer: B,C
Q29. - (Topic 1)
What methods can be used to access the FortiGate CLI? (Choose two.)
A. Using SNMP.
B. A direct connection to the serial console port.
C. Using the CLI console widget in the GUI.
D. Using RCP.
Answer: B,C
Q30. - (Topic 10)
Which statements are true regarding traffic shaping that is applied in an application sensor, and associated with a firewall policy? (Choose two.)
A. Shared traffic shaping cannot be used.
B. Only traffic matching the application control signature is shaped.
C. Can limit the bandwidth usage of heavy traffic applications.
D. Per-IP traffic shaping cannot be used.
Answer: B,C