P.S. Best Quality NSE4-5.4 training tools are available on Google Drive, GET MORE: https://drive.google.com/open?id=1qNqkyfzMtD_JBMTiOJF0Q0poKyl3pZ-7
New Fortinet NSE4-5.4 Exam Dumps Collection (Question 2 - Question 11)
New Questions 2
A FortiGate interface is configured with the following commands:
What statements about the configuration are correct? (Choose two.)
A. IPv6 clients connected to port1 can use SLAAC to generate their IPv6 addresses.
B. FortiGate can provide DNS settings to IPv6 clients.
C. FortiGate can send IPv6 router advertisements (RAs.)
D. FortiGate can provide IPv6 addresses to DHCPv6 client.
Answer: A,C
New Questions 3
What is FortiGateu2021s behavior when local disk logging is disabled?
A. Only real-time logs appear on the FortiGate dashboard.
B. No logs are generated.
C. Alert emails are disabled.
D. Remote logging is automatically enabled.
Answer: A
New Questions 4
Which traffic inspection features can be executed by a security processor (SP)? (Choose three.)
A. TCP SYN proxy
B. SIP session helper
C. Proxy-based antivirus
D. Attack signature matching
E. Flow-based web filtering
Answer: C,D,E
New Questions 5
A FortiGate is operating in NAT/Route mode and configured with two virtual LAN (VLAN) sub-interfaces added to the same physical interface.
Which statement about the VLAN IDs in this scenario is true?
A. The two VLAN sub-interfaces can have the same VLAN ID only if they belong to different VDOMs.
B. The two VLAN sub-interfaces must have different VLAN IDs.
C. The two VLAN sub-interfaces can have the same VLAN ID only if they have IP addresses in the same subnet.
D. The two VLAN sub-interfaces can have the same VLAN ID only if they have IP addresses in different subnets.
Answer: C
New Questions 6
What traffic and attacks can be blocked by a web application firewall (WAF) profile? (Choose three.)
A. Traffic to inappropriate web sites
B. SQL injection attacks
C. Server information disclosure attacks
D. Credit card data leaks
E. Traffic to botnet command and control (C&C) servers
Answer: B,C,E
New Questions 7
Which configuration steps must be performed on both units to support this scenario? (Choose three.)
A. Define the phase 2 parameters.
B. Set the phase 2 encapsulation method to transport mode.
C. Define at least one firewall policy, with the action set to IPsec.
D. Define a route to the remote network over the IPsec tunnel.
E. Define the phase 1 parameters, without enabling IPsec interface mode.
Answer: A,D,E
New Questions 8
View the exhibit.
When a user attempts to connect to an HTTPS site, what is the expected result with this configuration?
A. The user is required to authenticate before accessing sites with untrusted SSL certificates.
B. The user is presented with certificate warnings when connecting to sites that have untrusted SSL certificates.
C. The user is allowed access all sites with untrusted SSL certificates, without certificate warnings.
D. The user is blocked from connecting to sites that have untrusted SSL certificates (no exception provided).
Answer: B
New Questions 9
Which statements correctly describe transparent mode operation? (Choose three.)
A. All interfaces of the transparent mode FortiGate device must be on different IP subnets.
B. The transparent FortiGate is visible to network hosts in an IP traceroute.
C. It permits inline traffic inspection and firewalling without changing the IP scheme of the network.
D. Ethernet packets are forwarded based on destination MAC addresses, not IP addresses.
E. The FortiGate acts as transparent bridge and forwards traffic at Layer-2.
Answer: C,D,E
New Questions 10
View the Exhibit.
The administrator needs to confirm that FortiGate 2 is properly routing that traffic to the 10.0.1.0/24 subnet. The administrator needs to confirm it by sending ICMP pings to FortiGate 2 from the CLI of FortiGate 1. What ping option needs to be enabled before running the ping?
A. Execute ping-options source port1
B. Execute ping-options source 10.200.1.1.
C. Execute ping-options source 10.200.1.2
D. Execute ping-options source 10.0.1.254
Answer: D
New Questions 11
Which statements about IP-based explicit proxy authentication are true? (Choose two.)
A. IP-based authentication is best suited to authenticating users behind a NAT device.
B. Sessions from the same source address are treated as a single user.
C. IP-based authentication consumes less FortiGateu2021s memory than session-based authentication.
D. FortiGate remembers authenticated sessions using browser cookies.
Answer: B,C
P.S. Easily pass NSE4-5.4 Exam with Certleader Best Quality Dumps & pdf vce, Try Free: https://www.certleader.com/NSE4-5.4-dumps.html ( New Questions)