Browse Exams Pricing

ExamsNSE4Questions

NSE4 Exam Questions

552 real NSE4 exam questions with expert-verified answers and explanations. Page 3 of 12.

Question #102Security Profiles and Content Inspection
Which antivirus inspection mode must be used to scan SMTP, FTP, POP3 and SMB protocols?
Antivirus inspectionFortiGate inspection modesFlow-based inspectionSecurity profiles
Question #103FortiGate Deployment and System Configuration
Which antivirus and attack definition update options are supported by FortiGate units? (Choose two.)
FortiGuard UpdatesSecurity DefinitionsFortiGate ManagementAV/IPS Updates
Question #104FortiGate Deployment and System Configuration
Examine the exhibit; then answer the question below. Which statement describes the green status indicators that appear next to the different FortiGuard Distribution Network service...
FortiGuardConnectivityStatus IndicatorsSystem Status
Question #105Firewall Policies and Authentication
For traffic that does match any configured firewall policy, what is the default action taken by the FortiGate?
Firewall policiesDefault actionsImplicit denyTraffic processing
Question #106Firewall and Authentication
What methods can be used to deliver the token code to a user that is configured to use two-factor authentication? (Choose three.)
Two-factor authenticationAuthentication methodsToken deliveryFortiToken
Question #107Firewall Policies and Authentication
The FortiGate port1 is connected to the Internet. The FortiGate port2 is connected to the internal network. Examine the firewall configuration shown in the exhibit; then answer the...
Firewall PolicyAuthenticationDNSUnauthenticated Access
Question #108Firewall Policies and Authentication
When firewall policy authentication is enabled, which protocols can trigger an authentication challenge? (Choose two.)
Firewall authenticationPolicy enforcementApplication protocolsUser authentication
Question #109Firewall Policies and Authentication
Which statement regarding the firewall policy authentication timeout is true?
Firewall policy authenticationAuthentication timeoutIdle timeoutFortiGate sessions
Question #110Firewall Policies and Authentication
Which two statements are true regarding firewall policy disclaimers? (Choose two.)
Firewall Policy DisclaimersFortiGate FeaturesPolicy ConfigurationUser Interaction
Question #111Firewall and Authentication
Which of the following items is NOT a packet characteristic matched by a firewall service object?
FirewallService ObjectsPacket CharacteristicsTCP/IP
Question #112Firewall Policies and Authentication
When firewall policy authentication is enabled, only traffic on supported protocols will trigger an authentication challenge. Select all supported protocols from the following:
Firewall policyUser authenticationSupported protocolsFortiGate features
Question #113VPN and ZTNA
A client can create a secure connection to a FortiGate device using SSL VPN in web-only mode. Which one of the following statements is correct regarding the use of web-only mode SS...
SSL VPNWeb-only modeClient requirementsCipher suites
Question #114VPN and Routing
A client can establish a secure connection to a corporate network using SSL VPN in tunnel mode. Which of the following statements are correct regarding the use of tunnel mode SSL V...
SSL VPNTunnel ModeAuthenticationSplit Tunneling
Question #115VPN and Routing
In an IPSec gateway-to-gateway configuration, two FortiGate units create a VPN tunnel between two separate private networks. Which of the following configuration steps must be perf...
IPSec VPNGateway-to-gateway VPNVPN Tunnel ConfigurationFirewall Policy
Question #116VPN and Routing
How is traffic routed onto an SSL VPN tunnel from the FortiGate unit side?
SSL VPNRoutingHost RoutesFortiGate
Question #117VPN and Routing
An end user logs into the full-access SSL VPN portal and selects the Tunnel Mode option by clicking on the "Connect" button. The administrator has enabled split tunneling. Given th...
SSL VPNSplit TunnelingClient RoutingFortiGate Policies
Question #118Security Profiles and Content Inspection
Which of the following antivirus and attack definition update options are supported by FortiGate units? (Select all that apply.)
FortiGuardDefinition UpdatesAntivirusIPS
Question #119Security Profiles and Content Inspection
A FortiGate AntiVirus profile can be configured to scan for viruses on SMTP, FTP, POP3, and SMB protocols using which inspection mode?
FortiGate AntiVirusFlow-based InspectionSecurity ProfilesContent Scanning
Question #120Logging and Monitoring
Which of the following items does NOT support the Logging feature?
LoggingSecurity ProfilesAdministrator ActivitiesSystem Configuration
Question #121FortiGate Deployment and System Configuration
Which of the following is true regarding Switch Port Mode?
FortiGate InterfacesNetwork ConfigurationSoftware SwitchSubnetting
Question #122FortiGate Deployment and System Configuration
An administrator configures a FortiGate unit in Transparent mode on the 192.168.11.0 subnet. Automatic Discovery is enabled to detect any available FortiAnalyzers on the network. W...
FortiAnalyzer DiscoveryNetwork SubnettingAutomatic DiscoveryFortiGate Management
Question #123Logging and Monitoring
Which of the following statements are correct regarding logging to memory on a FortiGate unit? (Select all that apply.)
LoggingMemory LoggingFortiGate LoggingLog Management
Question #124Security Profiles and Content Inspection
Which of the following spam filtering methods are supported on the FortiGate unit? (Select all that apply.)
Spam FilteringEmail SecurityFortiGate AntispamContent Inspection
Question #125Security Profiles and Content Inspection
Which of the following email spam filtering features is NOT supported on a FortiGate unit?
AntispamSpam filteringFortiGate featuresEmail security
Question #126FortiGate Deployment and System Configuration
Examine the exhibit shown below; then answer the question following it. Which of the following statements best describes the green status indicators that appear next to the differe...
FortiGuardStatus IndicatorsConnectivitySystem Health
Question #127FortiGate Deployment and System Configuration
A FortiGate unit is configured to receive push updates from the FortiGuard Distribution Network, however, updates are not being received. Which of the following statements are poss...
FortiGuard UpdatesDevice RegistrationNetwork ConnectivityNAT Traversal
Question #128Security Profiles and Content Inspection
A firewall policy has been configured for the internal email server to receive email from external parties through SMTP. Exhibits A and B show the antivirus and email filter profil...
Antivirus ProfileEmail FilteringContent InspectionSecurity Profiles
Question #129Security Profiles and Content Inspection
Caching improves performance by reducing FortiGate unit requests to the FortiGuard server. Which of the following statements are correct regarding the caching of FortiGuard respons...
FortiGuard CachingPerformance OptimizationCache ManagementSystem Memory
Question #130Security Profiles and Content Inspection
Which of the following Fortinet products can receive updates from the FortiGuard Distribution Network? (Select all that apply.)
FortiGuardProduct updatesFortinet ecosystemSecurity intelligence
Question #131Security Profiles and Content Inspection
How can DLP file filters be configured to detect Office 2010 files? (Select all that apply.)
DLPFile FilteringOffice Open XMLFortiGate Configuration
Question #132Firewall Policies and Authentication
What are the valid sub-types for a Firewall type policy? (Select all that apply)
Firewall PoliciesPolicy ElementsUser IdentityDevice Identity
Question #134Firewall Policies and Authentication
In which order are firewall policies processed on the FortiGate unit?
Firewall policiesPolicy processing orderFortiGatePolicy evaluation
Question #135Firewall Policies and Authentication
Which of the following pieces of information can be included in the Destination Address field of a firewall policy? (Select all that apply.)
Firewall policyAddress objectsVirtual IPPolicy configuration
Question #136Firewall Policies and Authentication
The ordering of firewall policies is very important. Policies can be re-ordered within the FortiGate unit's GUI and also using the CLI. The command used in the CLI to perform this...
Firewall PoliciesCLI CommandsPolicy OrderingFortiGate Management
Question #137Firewall Policies and Authentication
You wish to create a firewall policy that applies only to traffic intended for your web server. The web server has an IP address of 192.168.2.2 and a /24 subnet mask. When defining...
Firewall addressesAddress objectsIP addressingFirewall policies
Question #138Logging and Monitoring
A FortiAnalyzer device could use which security method to secure the transfer of log data from FortiGate devices?
FortiAnalyzerFortiGateLog ManagementIPSecSecure Communication
Question #139FortiGate Deployment and System Configuration
Which of the following network protocols are supported for administrative access to a FortiGate unit?
Administrative accessManagement protocolsFortiGate management
Question #140FortiGate Deployment and System Configuration
Which of the following statements is correct regarding a FortiGate unit operating in NAT/Route mode?
FortiGate operating modesNAT/Route modeLayer 3 deviceNetwork topology
Question #141Firewall and Authentication
A FortiGate unit can provide which of the following capabilities? (Select all that apply.)
FortiGate capabilitiesFirewallVPNEmail filtering
Question #142FortiGate Deployment and System Configuration
Which of the following methods can be used to access the CLI? (Select all that apply.)
CLI accessManagement interfacesFortiGate administrationSystem access
Question #144FortiGate Deployment and System Configuration
When backing up the configuration file on a FortiGate unit, the contents can be encrypted by enabling the encrypt option and supplying a password. If the password is forgotten, the...
Configuration backupEncryptionPassword recoverySystem administration
Question #145FortiGate Deployment and System Configuration
When creating administrative users which of the following configuration objects determines access rights on the FortiGate unit.
Administrative usersAdmin profilesAccess controlFortiGate management
Question #146FortiGate Deployment and System Configuration
Which of the following options can you use to update the virus definitions on a FortiGate unit? (Select all that apply.)
FortiGuard updatesVirus definitionsFortiGate administrationSystem updates
Question #147FortiGate Deployment and System Configuration
Which of the following statements are true of the FortiGate unit's factory default configuration?
Factory Default ConfigurationInitial SetupManagement InterfaceDefault Login
Question #148FortiGate Deployment and System Configuration
Under the System Information widget on the dashboard, which of the following actions are available for the system configuration? (Select all that apply.)
System ConfigurationDashboardConfiguration ManagementBackup/Restore
Question #149FortiGate Deployment and System Configuration
Encrypted backup files provide which of the following benefits? (Select all that apply.)
EncryptionBackupConfidentialityData Integrity
Question #150FortiGate Deployment and System Configuration
The FortiGate unit's GUI provides a link to update the firmware. Clicking this link will perform which of the following actions?
Firmware UpdateGUISystem Management
Question #151FortiGate Deployment and System Configuration
Which of the following products is designed to manage multiple FortiGate devices?
FortiManagerCentralized ManagementFortinet Products
Question #152Logging and Monitoring
Which of the following products provides dedicated hardware to analyze log data from multiple FortiGate devices?
FortiAnalyzerLog managementCentralized loggingFortinet products
Question #153FortiGate Deployment and System Configuration
Which of the following are valid FortiGate device interface methods for handling DNS requests? (Select all that apply.)
FortiGate DNSDNS ServerDNS ProxySystem Configuration

PreviousPage 3 of 12Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.