Want to know Examcollection fortinet nse4 dumps Exam practice test features? Want to lear more about Fortinet Fortinet Network Security Expert 4 Written Exam (400) certification experience? Study Actual Fortinet fortinet nse4 answers to Updated nse4 dumps questions at Examcollection. Gat a success with an absolute guarantee to pass Fortinet fortinet nse4 exam (Fortinet Network Security Expert 4 Written Exam (400)) test on your first attempt.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Fortinet NSE4 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW NSE4 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/NSE4-exam-dumps.html
Q51. - (Topic 21)
Which statements are correct regarding an IPv6 over IPv4 IPsec configuration? (Choose two.)
A. The source quick mode selector must be an IPv4 address.
B. The destination quick mode selector must be an IPv6 address.
C. The Local Gateway IP must be an IPv4 address.
D. The remote gateway IP must be an IPv6 address.
Answer: B,C
Q52. - (Topic 4)
Which two statements are true regarding firewall policy disclaimers? (Choose two.)
A. They cannot be used in combination with user authentication.
B. They can only be applied to wireless interfaces.
C. Users must accept the disclaimer to continue.
D. The disclaimer page is customizable.
Answer: C,D
Q53. - (Topic 15)
Which IPsec mode includes the peer id information in the first packet?
A. Main mode.
B. Quick mode.
C. Aggressive mode.
D. IKEv2 mode.
Answer: C
Q54. - (Topic 5)
Which two statements are true about IPsec VPNs and SSL VPNs? (Choose two.)
A. SSL VPN creates a HTTPS connection. IPsec does not.
B. Both SSL VPNs and IPsec VPNs are standard protocols.
C. Either a SSL VPN or an IPsec VPN can be established between two FortiGate devices.
D. Either a SSL VPN or an IPsec VPN can be established between an end-user workstation and a FortiGate device.
Answer: A,D
Q55. - (Topic 8)
Examine the following FortiGate web proxy configuration; then answer the question below: config web-proxy explicit set pac-file-server-status enable set pac-file-server-port 8080 set pac-file-name wpad.dat end Assuming that the FortiGate proxy IP address is 10.10.1.1, which URL must an Internet
browser use to download the PAC file?
A. https://10.10.1.1:8080
B. https://10.10.1.1:8080/wpad.dat
C. http://10.10.1.1:8080/
D. http://10.10.1.1:8080/wpad.dat
Answer: D
Q56. - (Topic 1)
What are valid options for handling DNS requests sent directly to a FortiGates interface IP? (Choose three.)
A. Conditional-forward.
B. Forward-only.
C. Non-recursive.
D. Iterative.
E. Recursive.
Answer: B,C,E
Q57. - (Topic 3)
Which header field can be used in a firewall policy for traffic matching?
A. ICMP type and code.
B. DSCP.
C. TCP window size.
D. TCP sequence number.
Answer: A
Q58. - (Topic 15)
Review the IPsec diagnostics output of the command diagnose vpn tunnel list shown in the exhibit.
Which statements is correct regarding this output? (Select one answer).
A. One tunnel is rekeying.
B. Two tunnels are rekeying.
C. Two tunnels are up.
D. One tunnel is up.
Answer: C
Q59. - (Topic 3)
The order of the firewall policies is important. Policies can be re-ordered from either the GUI or the CLI. Which CLI command is used to perform this function?
A. set order
B. edit policy
C. reorder
D. move
Answer: D
Q60. - (Topic 6)
An administrator wants to create an IPsec VPN tunnel between two FortiGate devices.
Which three configuration steps must be performed on both units to support this scenario? (Choose three.)
A. Create firewall policies to allow and control traffic between the source and destination IP addresses.
B. Configure the appropriate user groups to allow users access to the tunnel.
C. Set the operating mode to IPsec VPN mode.
D. Define the phase 2 parameters.
E. Define the Phase 1 parameters.
Answer: A,D,E