NSE4 Online Practice Questions and Answers

Examine the exhibit shown below; then answer the question following it.

Which of the following statements best describes the green status indicators that appear next to the different FortiGuard Distribution Network services as illustrated in the exhibit?

A. They indicate that the FortiGate unit is able to connect to the FortiGuard Distribution Network.

B. They indicate that the FortiGate unit has the latest updates that are available from the FortiGuard Distribution Network.

C. They indicate that updates are available and should be downloaded from the FortiGuard Distribution Network to the FortiGate unit.

D. They indicate that the FortiGate unit is in the process of downloading updates from the FortiGuard Distribution Network.

What are valid options for handling DNS requests sent directly to a FortiGate's interface IP? (Choose three.)

A. Conditional-forward.

B. Forward-only.

C. Non-recursive.

D. Iterative.

E. Recursive.

What are two requirements for DC-agent mode FSSO to work properly in a Windows AD environment? (Choose two.)

A. DNS server must properly resolve all workstation names

B. The remote registry service must be running in all workstations

C. The collector agent must be installed in one of the Windows domain controllers

D. A same user cannot be logged in into two different workstations at the same time

Which antivirus and attack definition update options are supported by FortiGate units? (Choose two.)

A. Manual update by downloading the signatures from the support site.

B. FortiGuard pull updates.

C. Push updates from a FortiAnalyzer.

D. execute fortiguard-AV-AS command from the CLI.

Which are the three different types of Conserve Mode that can occur on a FortiGate device? (Choose three.)

A. Proxy

B. Operating system

C. Kernel

D. System

E. Device

Acme Web Hosting is replacing one of their firewalls with a FortiGate. It must be able to apply port forwarding to their back-end web servers while blocking virus uploads and TCP SYN floods from attackers. Which operation mode is the best choice for these requirements?

A. NAT/route

B. NAT mode with an interface in one-arm sniffer mode

C. Transparent mode

D. No appropriate operation mode exists

Which statement describes what the CLI command diagnose debug authd fsso list is used for?

A. Monitors communications between the FSSO collector agent and FortiGate unit.

B. Displays which users are currently logged on using FSSO.

C. Displays are listing of all connected FSSO collector agents.

D. Lists all DC Agents installed on all domain controllers.

When does a FortiGate load-share traffic between two static routes to the same destination subnet?

A. When they have the same cost and distance.

B. When they have the same distance and the same weight.

C. When they have the same distance and different priority.

D. When they have the same distance and same priority.

Which commands are appropriate for investigating high CPU? (Choose two.)

A. diag sys top

B. diag hardware sysinfo mem

C. diag debug flow

D. get system performance status

You are creating a custom signature. Which has incorrect syntax?

A. F-SBID(--attack_id 1842,--name "Ping.Death";--protocol icmp; --data_size>32000;)

B. F-SBID(--name "Block.SMTP.VRFY.CMD";--pattern "vrfy";-- service SMTP; --no_case;-- context header;)

C. F-SBID(--name "Ping.Death";--protocol icmp;--data_size>32000;)

D. F-SBID(--name "Block".HTTP.POST"; --protocol tcp;-- service HTTP;-- flow from_client; --pattern "POST"; -- context uri;--within 5,context;)