It is more faster and easier to pass the Fortinet NSE4-5.4 exam by using Printable Fortinet Fortinet Network Security Expert - FortiOS 5.4 questuins and answers. Immediate access to the Improved NSE4-5.4 Exam and find the same core area NSE4-5.4 questions with professionally verified answers, then PASS your exam with a high score now.

P.S. Printable NSE4-5.4 resource are available on Google Drive, GET MORE:

New Fortinet NSE4-5.4 Exam Dumps Collection (Question 1 - Question 10)

Question No: 1

View the exhibit.

Which statements about the exhibit are true? (Choose two.)

A. port1-VLAN10 and port2-VLAN10 can be assigned to different VDOMs.

B. port1-VLAN1 is the native VLAN for the port1 physical interface.

C. Traffic between port1-VLAN1 and port2-VLAN1 is allowed by default.

D. Broadcast traffic received in port1-VLAN10 will not be forwarded to port2-VLAN10.

Answer: A,D

Question No: 2

Which statements about DNS filter profiles are true? (Choose two.)

A. They can inspect HTTP traffic.

B. They must be applied in firewall policies with SSL inspection enabled.

C. They can block DNS request to known botnet command and control servers.

D. They can redirect blocked requests to a specific portal.

Answer: C,D

Question No: 3

Which statement is true regarding the policy ID numbers of firewall policies?

A. Change when firewall policies are re-ordered.

B. Defines the order in which rules are processed.

C. Are required to modify a firewall policy from the CLI.

D. Represent the number of objects used in the firewall policy.

Answer: C

Question No: 4

When using WPAD DNS method, what is the FQDN format that browsers use to query the DNS server?

A. wpad.<local-domain>

B. srv_tcp.wpad.<local-domain>

C. srv_proxy.<local-domain>/wpad.dat

D. proxy.<local-domain>.wpad

Answer: A

Question No: 5

If traffic matches a DLP filter with the action set to Quarantine IP Address, what action does the FortiGate take?

A. It blocks all future traffic for that IP address for a configured interval.

B. It archives the data for that IP address.

C. It provides a DLP block replacement page with a link to download the file.

D. It notifies the administrator by sending an email.

Answer: A

Question No: 6

What traffic and attacks can be blocked by a web application firewall (WAF) profile? (Choose three.)

A. Traffic to inappropriate web sites

B. SQL injection attacks

C. Server information disclosure attacks

D. Credit card data leaks

E. Traffic to botnet command and control (C&C) servers

Answer: B,C,E

Question No: 7

What does the command diagnose debuf fsso-polling refresh-user do?

A. It refreshes user group information form any servers connected to the FortiGate using a collector agent.

B. It refreshes all users learned through agentless polling.

C. It displays status information and some statistics related with the polls done by FortiGate on each DC.

D. It enables agentless polling mode real-time debug.

Answer: C

Question No: 8

What step is required to configure an SSL VPN to access to an internal server using port forward mode?

A. Configure the virtual IP addresses to be assigned to the SSL VPN users.

B. Install FortiClient SSL VPN client

C. Create a SSL VPN realm reserved for clients using port forward mode.

D. Configure the client application to forward IP traffic to a Java applet proxy.

Answer: D

Question No: 9

View the exhibit.

When a user attempts to connect to an HTTPS site, what is the expected result with this configuration?

A. The user is required to authenticate before accessing sites with untrusted SSL certificates.

B. The user is presented with certificate warnings when connecting to sites that have untrusted SSL certificates.

C. The user is allowed access all sites with untrusted SSL certificates, without certificate warnings.

D. The user is blocked from connecting to sites that have untrusted SSL certificates (no exception provided).

Answer: B

Question No: 10

Examine the routing database.

Which of the following statements are correct? (Choose two.)

A. The port3 default route has the lowest metric, making it the best route.

B. There will be eight routes active in the routing table.

C. The port3 default has a higher distance than the port1 and port2 default routes.

D. Both port1 and port2 default routers are active in the routing table.

Answer: C,D

Explanation: There\\'s no metric concept on Fortigate, Only admin distance and priority

Recommend!! Get the Printable NSE4-5.4 dumps in VCE and PDF From Certifytools, Welcome to download: (New Q&As Version)