Browse Exams Pricing

ExamsNSE4Questions

NSE4 Exam Questions

552 real NSE4 exam questions with expert-verified answers and explanations. Page 4 of 12.

Question #154FortiGate Deployment and System Configuration
The default administrator profile that is assigned to the default "admin" user on a FortGate device is:____________________.
Default ConfigurationAdministrator ProfilesUser ManagementFortiGate Administration
Question #155Logging and Monitoring
Which of the following logging options are supported on a FortiGate unit? (Select all that apply.)
LoggingFortiGate logging optionsSyslogFortiAnalyzer
Question #156Firewall Policies and Authentication
In order to match an identity-based policy, the FortiGate unit checks the IP information. Once inside the policy, the following logic is followed:
Identity-based policyFortiGate policy logicUser authenticationPolicy enforcement
Question #157Firewall Policies and Authentication
Which of the following statements regarding the firewall policy authentication timeout is true?
Firewall PolicyAuthentication TimeoutIdle TimeoutUser Authentication
Question #158Firewall and Authentication
Two-factor authentication is supported using the following methods? (Select all that apply.)
Two-factor authenticationFortiTokenAuthentication methodsFortiGate security
Question #159Firewall and Authentication
Which of the following statements are true regarding Local User Authentication? (Select all that apply.)
Local User AuthenticationFortiGate UsersAuthentication MethodsTwo-Factor Authentication
Question #160Firewall Policies and Authentication
Which of the statements below are true regarding firewall policy disclaimers? (Select all that apply.)
Firewall policiesDisclaimersUser authenticationCustomization
Question #161Firewall Policies and Authentication
Examine the firewall configuration shown below; then answer the question following it. Which of the following statements are correct based on the firewall configuration illustrated...
Firewall AuthenticationFirewall PoliciesUser Access ControlProtocol Filtering
Question #162VPN and Routing
When browsing to an internal web server using a web-mode SSL VPN bookmark, from which of the following source IP addresses would the web server consider the HTTP request to be init...
SSL VPNWeb-mode VPNSource IP addressFortiGate proxy
Question #163VPN and Routing
An issue could potentially occur when clicking Connect to start tunnel mode SSL VPN. The tunnel will start up for a few seconds, then shut down. Which of the following statements b...
SSL VPNTroubleshootingMulti-WANRouting
Question #164VPN and Routing
You are the administrator in charge of a FortiGate unit which acts as a VPN gateway. You have chosen to use Interface Mode when configuring the VPN tunnel and you want users from e...
IPsec VPNInterface Mode VPNFortiGate RoutingFirewall Policies
Question #165Security Profiles and Content Inspection
Which email filter is NOT available on a FortiGate device?
Email FilteringAnti-SpamSecurity ProfilesContent Inspection
Question #166Logging and Monitoring
A firewall policy has been configured such that traffic logging is disabled and a UTM function is enabled. In addition, the system setting `utm-incident-traffic-log' has been enabl...
UTM LoggingTraffic LogsSystem SettingsFirewall Policy Logging
Question #167Logging and Monitoring
Which one of the following statements is correct about raw log messages?
Log structureRaw logsFortiGate logging
Question #168Logging and Monitoring
Which of the following is an advantage of using SNMP v3 instead of SNMP v1/v2 when querying the FortiGate unit?
SNMPv3Network MonitoringSecurity ProtocolsFortiGate Management
Question #169Firewall and Authentication
Which of the following authentication types are supported by FortiGate units? (Select all that apply.)
FortiGate authenticationAuthentication typesUser management
Question #170Firewall Policies and Authentication
Which of the following are valid authentication user group types on a FortiGate unit? (Select all that apply.)
User GroupsAuthenticationFortiGate Configuration
Question #171Security Profiles and Content Inspection
Users may require access to a web site that is blocked by a policy. Administrators can give users the ability to override the block. Which of the following statements regarding ove...
Web FilteringFortiGuardUser AuthenticationSecurity Profiles
Question #172Security Profiles and Content Inspection
Users may require access to a web site that is blocked by a policy. Administrators can give users the ability to override the block. Which of the following statements regarding ove...
Web FilteringFortiGuardOverridesUser Groups
Question #173Firewall Policies and Authentication
An administrator has configured a FortiGate unit so that end users must authenticate against the firewall using digital certificates before browsing the Internet. What must the use...
Certificate AuthenticationPKIUser GroupsFortiGate Authentication
Question #174Firewall and Authentication
The FortiGate unit can be configured to allow authentication to a RADIUS server. The RADIUS server can use several different authentication protocols during the authentication proc...
RADIUSAuthentication ProtocolsFortiGate AuthenticationUser Authentication
Question #175Firewall Policies and Authentication
Which of the following are valid components of the Fortinet Server Authentication Extensions (FSAE)? (Select all that apply.)
FSAE ComponentsFortinet Single Sign-OnAuthentication IntegrationCollector Agent
Question #176VPN and Routing
A FortiGate unit can create a secure connection to a client using SSL VPN in tunnel mode. Which of the following statements are correct regarding the use of tunnel mode SSL VPN? (S...
SSL VPNTunnel ModeFortiClientVPN Client
Question #178Security Profiles and Content Inspection
Which of the following antivirus and attack definition update features are supported by FortiGate units? (Select all that apply.)
FortiGuard updatesAntivirus definitionsAttack definitionsFortiGate features
Question #179Security Profiles and Content Inspection
By default the Intrusion Protection System (IPS) on a FortiGate unit is set to perform which action?
IPSDefault SettingsSecurity ProfilesContent Inspection
Question #180Security Profiles and Content Inspection
A FortiGate unit can scan for viruses on which types of network traffic? (Select all that apply.)
AntivirusContent InspectionApplication ProtocolsFortiGate Features
Question #181Security Profiles and Content Inspection
Which of the following statements regarding Banned Words are correct? (Select all that apply.)
Banned WordsContent InspectionSecurity ProfilesWeb Filtering
Question #183Security Profiles and Content Inspection
Which of the following statements is correct regarding URL Filtering on the FortiGate unit?
URL FilteringWeb Filtering ProfileFortiGate ActionsSecurity Profiles
Question #184Security Profiles and Content Inspection
Which of the following statements is correct regarding URL Filtering on the FortiGate unit?
URL FilteringWeb Filter ProfileRegular ExpressionsFortiGate Configuration
Question #185Security Profiles and Content Inspection
Which of the following Regular Expression patterns will make the term "bad language" case insensitive?
Regular ExpressionsCase InsensitivityPattern MatchingFortiGate Security Profiles
Question #186Security Profiles and Content Inspection
SSL content inspection is enabled on the FortiGate unit. Which of the following steps is required to prevent a user from being presented with a web browser warning when accessing a...
SSL InspectionRoot CertificatesCertificate TrustBrowser Warnings
Question #187Firewall Policies and Authentication
Which of the following statements describes the method of creating a policy to block access to an FTP site?
Firewall PoliciesFTP BlockingService ConfigurationDestination Address
Question #188Firewall Policies and Authentication
UTM features can be applied to which of the following items?
UTMFirewall PoliciesSecurity Profiles
Question #189Firewall Policies and Authentication
Each UTM feature has configurable UTM objects such as sensors, profiles or lists that define how the feature will function.How are UTM features applied to traffic?
UTM featuresFirewall policiesTraffic inspectionSecurity profiles
Question #190Firewall Policies and Authentication
If no firewall policy is specified between two FortiGate interfaces and zones are not used, which of the following statements describes the action taken on traffic flowing between...
firewall policyimplicit denydefault actiontraffic blocking
Question #191VPN and ZTNA
Which of the following products can be installed on a computer running Windows XP to provide personal firewall protection, antivirus protection, web and mail filtering, spam filter...
FortiClientEndpoint SecurityVPN clientAntivirus
Question #192Security Profiles and Content Inspection
File blocking rules are applied before which of the following?
File BlockingSecurity ProfilesInspection OrderUTM Features
Question #193Firewall Policies and Authentication
Which of the following pieces of information can be included in the Destination Address field of a firewall policy?
Firewall PoliciesDestination AddressesVirtual IPs (VIPs)IP Address Objects
Question #194Firewall Policies and Authentication
FortiGate units are preconfigured with four default protection profiles. These protection profiles are used to control the type of content inspection to be performed. What action m...
Security ProfilesFirewall PoliciesContent InspectionProfile Activation
Question #195Firewall Policies and Authentication
A FortiGate 60 unit is configured for your small office. The DMZ interface is connected to a network containing a web server and email server. The Internal interface is connected t...
Firewall PoliciesTraffic FlowNetwork ZonesEmail Communication
Question #196Firewall Policies and Authentication
The ordering of firewall policies is very important. Policies can be re-ordered within the FortiGate Web Config and also using the CLI. The command used in the CLI to perform this...
Firewall PoliciesCLI CommandsPolicy OrderingFortiGate CLI
Question #197FortiGate Deployment and System Configuration
Which of the following network protocols can be used to access a FortiGate unit as an administrator?
Management protocolsFortiGate administrationNetwork accessGUI/CLI access
Question #198FortiGate Deployment and System Configuration
Which of the following statements is correct regarding a FortiGate unit operating in NAT/Route mode?
NAT/Route ModeIP AddressingNetwork Address TranslationPrivate IP Addresses
Question #199FortiGate Deployment and System Configuration
Which of the following statements correctly describes how a FortiGate unit functions in Transparent mode?
FortiGate Transparent ModeDeployment ModesManagement IPLayer 2 Bridging
Question #200FortiGate Deployment and System Configuration
The Idle Timeout setting on a FortiGate unit applies to which of the following?
FortiGate administrationAdmin session timeoutSystem configurationSecurity access
Question #201Firewall Policies and Authentication
You wish to create a firewall policy that applies only to traffic intended for your web server. The server has an IP address of 192.168.2.2 and belongs to a class C subnet.When def...
Firewall policiesFirewall addressesHost objectsIP addressing
Question #202FortiGate Deployment and System Configuration
If a FortiGate unit has a dmz interface IP address of 210.192.168.2 with a subnet mask of 255.255.255.0, what is a valid dmz DHCP addressing range?
IP AddressingSubnettingDHCPNetwork Configuration
Question #203Firewall and Authentication
A FortiGate unit can act as which of the following? (Select all that apply.)
FortiGate capabilitiesFirewall functionsVPN gatewayAntispam
Question #204FortiGate Deployment and System Configuration
Which of the following components are contained in all FortiGate units from the FG50 models and up? (Select all that apply.)
FortiGate hardwareHardware componentsFortiASICSerial console
Question #205FortiGate Deployment and System Configuration
Which of the following methods can be used to access the CLI? (Select all that apply.)
CLI access methodsFortiGate administrationManagement interfacesSSH/Telnet

PreviousPage 4 of 12Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.