It is impossible to pass Fortinet NSE4 exam without any help in the short term. Come to Pass4sure soon and find the most advanced, correct and guaranteed Fortinet NSE4 practice questions. You will get a surprising result by our Abreast of the times Fortinet Network Security Expert 4 Written Exam (400) practice guides.

2021 Sep NSE4 free draindumps

Q41. - (Topic 21) 

Which statements are true regarding IPv6 anycast addresses? (Choose two.) 

A. Multiple interfaces can share the same anycast address. 

B. They are allocated from the multicast address space. 

C. Different nodes cannot share the same anycast address. 

D. An anycast packet is routed to the nearest interface. 

Answer: A,D 


Q42. - (Topic 7) 

Which statement is correct regarding virus scanning on a FortiGate unit? 

A. Virus scanning is enabled by default. 

B. Fortinet customer support enables virus scanning remotely for you. 

C. Virus scanning must be enabled in a security profile, which must be applied to a firewall policy. 

D. Enabling virus scanning in a security profile enables virus protection for all traffic flowing through the FortiGate. 

Answer: C 


Q43. - (Topic 4) 

Which two statements are true regarding firewall policy disclaimers? (Choose two.) 

A. They cannot be used in combination with user authentication. 

B. They can only be applied to wireless interfaces. 

C. Users must accept the disclaimer to continue. 

D. The disclaimer page is customizable. 

Answer: C,D 


Q44. - (Topic 7) 

Which antivirus inspection mode must be used to scan SMTP, FTP, POP3 and SMB protocols? 

A. Proxy-based. 

B. DNS-based. 

C. Flow-based. 

D. Man-in-the-middle. 

Answer: C 


Q45. - (Topic 2) 

Regarding the header and body sections in raw log messages, which statement is correct? 

A. The header and body section layouts change depending on the log type. 

B. The header section layout is always the same regardless of the log type. The body section layout changes depending on the log type. 

C. Some log types include multiple body sections. 

D. Some log types do not include a body section. 

Answer: B 


NSE4 free draindumps

Avant-garde NSE4 pdf exam:

Q46. - (Topic 17) 

Which statement is one disadvantage of using FSSO NetAPI polling mode over FSSO Security Event Log (WinSecLog) polling mode? 

A. It requires a DC agent installed in some of the Windows DC. 

B. It runs slower. 

C. It might miss some logon events. 

D. It requires access to a DNS server for workstation name resolution. 

Answer: C 


Q47. - (Topic 14) 

In HA, the option Reserve Management Port for Cluster Member is selected as shown in the exhibit below. 


Which statements are correct regarding this setting? (Choose two.) 

A. Interface settings on port7 will not be synchronized with other cluster members. 

B. The IP address assigned to this interface must not overlap with the IP address subnet assigned to another interface. 

C. When connecting to port7 you always connect to the master device. 

D. A gateway address may be configured for port7. 

Answer: A,D 


Q48. - (Topic 9) 

Which two web filtering inspection modes inspect the full URL? (Choose two.) 

A. DNS-based. 

B. Proxy-based. 

C. Flow-based. 

D. URL-based. 

Answer: B,C 


Q49. - (Topic 22) 

Which statements are true about offloading antivirus inspection to a Security Processor (SP)? (Choose two.) 

A. Both proxy-based and flow-based inspection are supported. 

B. A replacement message cannot be presented to users when a virus has been detected. 

C. It saves CPU resources. 

D. The ingress and egress interfaces can be in different SPs. 

Answer: B,C 


Q50. - (Topic 2) 

Which is an advantage of using SNMP v3 instead of SNMP v1/v2 when querying a FortiGate unit? 

A. MIB-based report uploads. 

B. SNMP access limited by access lists. 

C. Packet encryption. 

D. Running SNMP service on a non-standard port is possible. 

Answer: C