Want to Pass NSE4-5.4 Exam In Next HOURS? Download Now →
September 25, 2018

What Refresh NSE4-5.4 Is?

Free Instant Download NEW NSE4-5.4 Exam Dumps (PDF & VCE):
Available on: https://www.certshared.com/exam/NSE4-5.4/

P.S. Pinpoint NSE4-5.4 testing material are available on Google Drive, GET MORE: https://drive.google.com/open?id=1qNqkyfzMtD_JBMTiOJF0Q0poKyl3pZ-7

New Fortinet NSE4-5.4 Exam Dumps Collection (Question 2 - Question 11)

New Questions 2

An administrator has created a custom IPS signature. Where does the custom IPS signature have to be applied?

A. In an IPS sensor

B. In an interface.

C. In a DoS policy.

D. In an application control profile.

Answer: A

New Questions 3

Which statement about this configuration is correct?

A. The FortiGate generates spanning tree BPDU frames.

B. The FortiGate device forwards received spanning tree BPDU frames.

C. The FortiGate can block an interface if a layer-2 loop is detected.

D. Ethernet layer-2 loops are likely to occur.

Answer: B

New Questions 4

An administrator has configured two VLAN interfaces:

A DHCP server is connected to the VLAN10 interface. A DHCP client is connected to the VLAN5 interface. However, the DHCP client cannot get a dynamic IP address from the DHCP server. What is the cause of the problem?

A. Both interfaces must be in different VDOMs

B. Both interfaces must have the same VLAN ID.

C. The role of the VLAN10 interface must be set to server.

D. Both interfaces must belong to the same forward domain.

Answer: D

New Questions 5

Which statement about the firewall policy authentication timeout is true?

A. It is a hard timeout. The FortiGate removes the temporary policy for a useru2019s source IP address after this times expires.

B. It is a hard timeout. The FortiGate removes the temporary policy for a useru2019s source MAC address after this times expires.

C. It is an idle timeout. The FortiGate considers a user to be idle if it does not see any

packets coming from the useru2019s source MAC address.

D. It is an idle timeout. The FortiGate considers a user to be idle if it does not see any packets coming from the useru2019s source IP.

Answer: D

New Questions 6

Which of the following statements describe WMI polling mode for FSSO collector agent? (Choose two.)

A. The collector agent does not need to search any security event logs.

B. WMI polling can increase bandwidth usage with large networks.

C. The NetSessionEnum function is used to track user logoffs.

D. The collector agent uses a Windows API to query DCs for user logins.

Answer: B,D

New Questions 7

Which statements best describe auto discovery VPN (ADVPN). (Choose two.)

A. It requires the use of dynamic routing protocols so that spokes can learn the routes to other spokes.

B. ADVPN is only supported with IKEv2.

C. Tunnels are negotiated dynamically between spokes.

D. Every spoke requires a static tunnel to be configured to other spokes so that phase 1 and phase 2 proposals are defined in advance.

Answer: A,C

New Questions 8

Which of the following statements are true? (Choose two.)

A. Browsers can be configured to retrieve this PAC file from the FortiGate.

B. Any web request to the subnet is allowed to bypass the proxy.

C. All requests not made to Fortinet.com or the subnet, have to go through altproxy.corp.com: 8060.

D. Any web request fortinet.com is allowed to bypass the proxy.

Answer: A

New Questions 9

Which statements about high availability (HA) for FortiGates are true? (Choose two.)

A. Virtual clustering can be configured between two FortiGate devices with multiple VDOM.

B. Heartbeat interfaces are not required on the primary device.

C. HA management interface settings are synchronized between cluster members.

D. Sessions handled by UTM proxy cannot be synchronized.

Answer: A,C

New Questions 10

What is FortiGateu2019s behavior when local disk logging is disabled?

A. Only real-time logs appear on the FortiGate dashboard.

B. No logs are generated.

C. Alert emails are disabled.

D. Remote logging is automatically enabled.

Answer: A

New Questions 11

Under what circumstance would you enable LEARN as the Action on a firewall policy?

A. You want FortiGate to compile security feature activity from various security-related logs, such as virus and attack logs.

B. You want FortiGate to monitor a specific security profile in a firewall policy, and provide recommendations for that profile.

C. You want to capture data across all traffic and security vectors, and receive learning logs and a report with recommendations.

D. You want FortiGate to automatically modify your firewall policies as it learns your networking behavior.

Answer: B

P.S. Easily pass NSE4-5.4 Exam with Thedumpscentre Pinpoint Dumps & pdf vce, Try Free: http://www.thedumpscentre.com/NSE4-5.4-dumps/ ( New Questions)