This page was exported from Braindump2go Free Exam Dumps with PDF and VCE Collection [ https://www.mcitpdump.com ] Export date:Thu Mar 28 10:36:16 2024 / +0000 GMT ___________________________________________________ Title: [Dec-2017-New]100% Real NSE4 PDF NSE4 Exam Dumps 562Q-Braindump2go[Q101-Q111] --------------------------------------------------- 2017 Dec New Fortinet NSE4 Exam Dumps wuth PDF and VCE Free Updated Today! Following are some new added NSE4 Exam Questions:1.|2017 New NE4 Exam Dumps (PDF & VCE) 562Q&As Download:https://www.braindump2go.com/nse4.html2.|2017 New NE4 Exam Questions & Answers Download:https://drive.google.com/drive/folders/0B75b5xYLjSSNVi1ISU1vQUxBOTg?usp=sharing QUESTION 101Which statement is correct regarding virus scanning on a FortiGate unit?A. Virus scanning is enabled by default.B. Fortinet customer support enables virus scanning remotely for you.C. Virus scanning must be enabled in a security profile, which must be applied to a firewall policy.D. Enabling virus scanning in a security profile enables virus protection for all traffic flowing through the FortiGate.Answer: CQUESTION 102Which antivirus inspection mode must be used to scan SMTP, FTP, POP3 and SMB protocols?A. Proxy-based.B. DNS-based.C. Flow-based.D. Man-in-the-middle.Answer: CQUESTION 103Which antivirus and attack definition update options are supported by FortiGate units? (Choose two.)A. Manual update by downloading the signatures from the support site.B. Pull updates from the FortiGate.C. Push updates from a FortiAnalyzer.D. execute fortiguard-AV-AS command from the CLI.Answer: ABQUESTION 104Examine the exhibit; then answer the question below. Which statement describes the green status indicators that appear next to the different FortiGuard Distribution Network services as illustrated in the exhibit?A. They indicate that the FortiGate has the latest updates available from the FortiGuard Distribution Network.B. They indicate that updates are available and should be downloaded from the FortiGuard Distribution Network to the FortiGate unit.C. They indicate that the FortiGate is in the process of downloading updates from the FortiGuard Distribution Network.D. They indicate that the FortiGate is able to connect to the FortiGuard Distribution Network.Answer: DQUESTION 105For traffic that does match any configured firewall policy, what is the default action taken by the FortiGate?A. The traffic is allowed and no log is generated.B. The traffic is allowed and logged.C. The traffic is blocked and no log is generated.D. The traffic is blocked and logged.Answer: CQUESTION 106What methods can be used to deliver the token code to a user that is configured to use two-factor authentication? (Choose three.)A. Browser pop-up window.B. FortiToken.C. Email.D. Code books.E. SMS phone message.Answer: BCEQUESTION 107The FortiGate port1 is connected to the Internet. The FortiGate port2 is connected to the internal network. Examine the firewall configuration shown in the exhibit; then answer the question below. Based on the firewall configuration illustrated in the exhibit, which statement is correct?A. A user that has not authenticated can access the Internet using any protocol that does not trigger an authentication challenge.B. A user that has not authenticated can access the Internet using any protocol except HTTP, HTTPS, Telnet, and FTP.C. A user must authenticate using the HTTP, HTTPS, SSH, FTP, or Telnet protocol before they can access all Internet services.D. DNS Internet access is always allowed, even for users that has not authenticated.Answer: DQUESTION 108When firewall policy authentication is enabled, which protocols can trigger an authentication challenge? (Choose two.)A. SMTPB. POP3C. HTTPD. FTPAnswer: CDQUESTION 109Which statement regarding the firewall policy authentication timeout is true?A. It is an idle timeout. The FortiGate considers a user to be "idle" if it does not see any packets coming from the user's source IP.B. It is a hard timeout. The FortiGate removes the temporary policy for a user's source IP address after this timer has expired.C. It is an idle timeout. The FortiGate considers a user to be "idle" if it does not see any packets coming from the user's source MAC.D. It is a hard timeout. The FortiGate removes the temporary policy for a user's source MAC address after this timer has expired.Answer: AQUESTION 110Which two statements are true regarding firewall policy disclaimers? (Choose two.)A. They cannot be used in combination with user authentication.B. They can only be applied to wireless interfaces.C. Users must accept the disclaimer to continue.D. The disclaimer page is customizable.Answer: CDQUESTION 111Which of the following items is NOT a packet characteristic matched by a firewall service object?A. ICMP type and codeB. TCP/UDP source and destination portsC. IP protocol numberD. TCP sequence numberAnswer: D!!!RECOMMEND!!!1.|2017 New NE4 Exam Dumps (PDF & VCE) 562Q&As Download:https://www.braindump2go.com/nse4.html2.|2017 New NE4 Study Guide Video:https://youtu.be/f3R19h6C1q --------------------------------------------------- Images: --------------------------------------------------- --------------------------------------------------- Post date: 2017-12-26 08:32:21 Post date GMT: 2017-12-26 08:32:21 Post modified date: 2017-12-26 08:32:21 Post modified date GMT: 2017-12-26 08:32:21 ____________________________________________________________________________________________ Export of Post and Page as text file has been powered by [ Universal Post Manager ] plugin from www.gconverters.com