we provide Virtual Fortinet nse4 exam dump dumps which are the best for clearing nse4 exam dump test, and to get certified by Fortinet Fortinet Network Security Expert 4 Written Exam (400). The nse4 exam dump Questions & Answers covers all the knowledge points of the real nse4 exam exam. Crack your Fortinet fortinet nse4 Exam with latest dumps, guaranteed!


♥♥ 2017 NEW RECOMMEND ♥♥

Free VCE & PDF File for Fortinet NSE4 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW NSE4 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/NSE4-exam-dumps.html

Q41. - (Topic 3) 

Which firewall objects can be included in the Destination Address field of a firewall policy? (Choose three.) 

A. IP address pool. 

B. Virtual IP address. 

C. IP address. 

D. IP address group. 

E. MAC address. 

Answer: B,C,D 


Q42. - (Topic 10) 

Which statements are true regarding traffic shaping that is applied in an application sensor, and associated with a firewall policy? (Choose two.) 

A. Shared traffic shaping cannot be used. 

B. Only traffic matching the application control signature is shaped. 

C. Can limit the bandwidth usage of heavy traffic applications. 

D. Per-IP traffic shaping cannot be used. 

Answer: B,C 


Q43. - (Topic 11) 

Examine the two static routes to the same destination subnet 172.20.168.0/24 as shown below; then answer the question following it. config router static edit 1 set dst 172.20.168.0 255.255.255.0 set distance 20 set priority 10 set device port1 next edit 2 set dst 172.20.168.0 255.255.255.0 set distance 20 set priority 20 set device port2 

next 

end 

Which of the following statements correctly describes the static routing configuration provided above? 

A. The FortiGate evenly shares the traffic to 172.20.168.0/24 through both routes. 

B. The FortiGate shares the traffic to 172.20.168.0/24 through both routes, but the port2 route will carry approximately twice as much of the traffic. 

C. The FortiGate sends all the traffic to 172.20.168.0/24 through port1. 

D. Only the route that is using port1 will show up in the routing table. 

Answer:


Q44. - (Topic 12) 

A FortiGate is configured with multiple VDOMs. An administrative account on the device has been assigned a Scope value of VDOM:root. 

Which of the following settings will this administrator be able to configure? (Choose two.) 

A. Firewall addresses. 

B. DHCP servers. 

C. FortiGuard Distribution Network configuration. 

D. System hostname. 

Answer: A,B 


Q45. - (Topic 11) 

Examine the static route configuration shown below; then answer the question following it. config router static edit 1 set dst 172.20.1.0 255.255.255.0 set device port1 set gateway 172.11.12.1 set distance 10 set weight 5 next edit 2 set dst 172.20.1.0 255.255.255.0 set blackhole enable set distance 5 set weight 10 next end Which of the following statements correctly describes the static routing configuration 

provided? (Choose two.) 

A. All traffic to 172.20.1.0/24 is dropped by the FortiGate. 

B. As long as port1 is up, all traffic to 172.20.1.0/24 is routed by the static route number 1. If the interface port1 is down, the traffic is routed using the blackhole route. 

C. The FortiGate unit does NOT create a session entry in the session table when the traffic is being routed by the blackhole route. 

D. The FortiGate unit creates a session entry in the session table when the traffic is being 

routed by the blackhole route. 

Answer: A,C 


Q46. - (Topic 1) 

What capabilities can a FortiGate provide? (Choose three.) 

A. Mail relay. 

B. Email filtering. 

C. Firewall. 

D. VPN gateway. 

E. Mail server. 

Answer: B,C,D 


Q47. - (Topic 13) 

In transparent mode, forward-domain is an CLI setting associate with ______________. 

A. a static route. 

B. a firewall policy. 

C. an interface. 

D. a virtual domain. 

Answer:


Q48. - (Topic 7) 

Which antivirus inspection mode must be used to scan SMTP, FTP, POP3 and SMB protocols? 

A. Proxy-based. 

B. DNS-based. 

C. Flow-based. 

D. Man-in-the-middle. 

Answer:


Q49. - (Topic 1) 

When creating FortiGate administrative users, which configuration objects specify the account rights? 

A. Remote access profiles. 

B. User groups. 

C. Administrator profiles. 

D. Local-in policies. 

Answer:


Q50. - (Topic 3) 

Examine the following CLI configuration: config system session-ttl set default 1800 end What statement is true about the effect of the above configuration line? 

A. Sessions can be idle for no more than 1800 seconds. 

B. The maximum length of time a session can be open is 1800 seconds. 

C. After 1800 seconds, the end user must re-authenticate. 

D. After a session has been open for 1800 seconds, the FortiGate sends a keepalive packet to both client and server. 

Answer: