Download Fortinet NSE4 -FortiOS 6-0.braindumps.NSE4_FGT-6.0.2019-02-05.1e.35q.vcex

Download Dump

File Info

Exam Fortinet NSE4 - FortiOS 6.0
Number NSE4_FGT-6.0
File Name Fortinet NSE4 -FortiOS 6-0.braindumps.NSE4_FGT-6.0.2019-02-05.1e.35q.vcex
Size 1.52 Mb
Posted February 05, 2019
Downloads 91

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Coupon: EXAM_HUB

Discount: 20%


Demo Questions

Question 1
What files are sent to FortiSandbox for inspection in flow-based inspection mode?

  • A: All suspicious files that do not have their hash value in the FortiGuard antivirus signature database.
  • B: All suspicious files that are above the defined oversize limit value in the protocol options.
  • C: All suspicious files that match patterns defined in the antivirus profile.
  • D: All suspicious files that are allowed to be submitted to FortiSandbox in the antivirus profile.

Question 2
Which statements about a One-to-One IP pool are true? (Choose two.)

  • A: It is used for destination NAT.
  • B: It allows the fixed mapping of an internal address range to an external address range.
  • C: It does not use port address translation.
  • D: It allows the configuration of ARP replies.

Question 3
An administrator needs to strengthen the security for SSL VPN access. Which of the following statements are best practices to do so? (Choose three.)

  • A: Configure split tunneling for content inspection.
  • B: Configure host restrictions by IP or MAC address.
  • C: Configure two-factor authentication using security certificates.
  • D: Configure SSL offloading to a content processor (FortiASIC).
  • E: Configure a client integrity check (host-check).

Question 4
Which statement about FortiGuard services for FortiGate is true?

  • A: The web filtering database is downloaded locally on FortiGate.
  • B: Antivirus signatures are downloaded locally on FortiGate.
  • C: FortiGate downloads IPS updates using UDP port 53 or 8888.
  • D: FortiAnalyzer can be configured as a local FDN to provide antivirus and IPS updates.

Question 5
View the exhibit. 


Based on this output, which statements are correct? (Choose two.)

  • A: The all VDOM is not synchronized between the primary and secondary FortiGate devices.
  • B: The root VDOM is not synchronized between the primary and secondary FortiGate devices.
  • C: The global configuration is synchronized between the primary and secondary FortiGate devices.
  • D: The FortiGate devices have three VDOMs.

Question 6
An administrator wants to block HTTP uploads. Examine the exhibit, which contains the proxy address created for that purpose. 


Where must the proxy address be used?

  • A: As the source in a firewall policy.
  • B: As the source in a proxy policy.
  • C: As the destination in a firewall policy.
  • D: As the destination in a proxy policy.

Question 7
Which statement is true regarding SSL VPN timers? (Choose two.)

  • A: Allow to mitigate DoS attacks from partial HTTP requests.
  • B: SSL VPN settings do not have customizable timers.
  • C: Disconnect idle SSL VPN users when a firewall policy authentication timeout occurs.
  • D: Prevent SSL VPN users from being logged out because of high network latency.

Question 8
When using SD-WAN, how do you configure the next-hop gateway address for a member interface so that FortiGate can forward Internet traffic?

  • A: It must be configured in a static route using the sdwan virtual interface.
  • B: It must be provided in the SD-WAN member interface configuration.
  • C: It must be configured in a policy-route using the sdwan virtual interface.
  • D: It must be learned automatically through a dynamic routing protocol.

Question 9
Which of the following services can be inspected by the DLP profile? (Choose three.)

  • A: NFS
  • B: FTP
  • C: IMAP
  • D: CIFS

Question 10
Which of the following statements describe WMI polling mode for the FSSO collector agent? (Choose two.)

  • A: The NetSessionEnum function is used to track user logoffs.
  • B: WMI polling can increase bandwidth usage in large networks.
  • C: The collector agent uses a Windows API to query DCs for user logins.
  • D: The collector agent do not need to search any security event logs.



You can buy ProfExam with a 20% discount..

Get Now!


Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen


Use VCE Exam Simulator to open VCE files