NSE4 Online Practice Questions and Answers

If you have lost your password for the "admin" account on your FortiGate, how should you reset it?

A. Log in with another administrator account that has "super_admin" profile permissions, then reset the password for the "admin" account.

B. Reboot the FortiGate. Via the local console, during the boot loader, use the menu to format the flash disk and reinstall the firmware. Then you can log in with the default password.

C. Power off the FortiGate. After several seconds, restart it. Via the local console, within 30 seconds after booting has completed, log in as "maintainer" and enter the CLI commands to set the password for the "admin" account.

D. Reboot the FortiGate. Via the local console, during the boot loader, use the menu to log in as "maintainer" and enter the CLI commands to set the password for the "admin" account.

Which web filtering inspection mode inspects DNS traffic?

A. DNS-based.

B. FQDN-based.

C. Flow-based.

D. URL-based.

Which of the following are operating mode supported in FortiGate devices? (Choose two)

A. Proxy

B. Transparent

C. NAT/route

D. Offline inspection

Which authentication methods does FortiGate support for firewall authentication? (Choose two.)

A. Remote Authentication Dial in User Service (RADIUS)

B. Lightweight Directory Access Protocol (LDAP)

C. Local Password Authentication

D. POP3

E. Remote Password Authentication

Examine the two static routes to the same destination subnet 172.20.168.0/24 as shown below; then answer the question following it.

Which of the following statements correctly describes the static routing configuration provided above?

A. The FortiGate evenly shares the traffic to 172.20.168.0/24 through both routes.

B. The FortiGate shares the traffic to 172.20.168.0/24 through both routes, but the port2 route will carry approximately twice as much of the traffic.

C. The FortiGate sends all the traffic to 172.20.168.0/24 through port1.

D. Only the route that is using port1 will show up in the routing table.

A FortiGate devices has two VDOMs in NAT/route mode. Which of the following solutions can be implemented by a network administrator to route traffic between the two VDOMs.(Choose two)

A. Use the inter-VDOMs links automatically created between all VDOMS.

B. Manually create and configured an inter-VDOM link between yours.

C. Interconnect and configure an external physical interface in one VDOM to another physical interface in the second VDOM.

D. Configure both VDOMs to share the same table.

Which of the following email spam filtering features is NOT supported on a FortiGate unit?

A. Multipurpose Internet Mail Extensions (MIME) Header Check

B. HELO DNS Lookup

C. Greylisting

D. Banned Word

Review the IPS sensor filter configuration shown in the exhibit.

Based on the information in the exhibit, which statements are correct regarding the filter? (Choose two.)

A. It does not log attacks targeting Linux servers.

B. It matches all traffic to Linux servers.

C. Its action will block traffic matching these signatures.

D. It only takes affect when the sensor is applied to a policy.

What is the FortiGate password recovery process?

A. Interrupt boot sequence, modify the boot registry and reboot. After changing the password, reset the boot registry.

B. Log in through the console port using the ''maintainer'' account within several seconds of physically power cycling the FortiGate.

C. Hold down the CTRL + Esc (Escape) keys during reboot, then reset the admin password.

D. Interrupt the boot sequence and restore a configuration file for which the password has been modified.

You are creating a custom signature. Which has incorrect syntax?

A. F-SBID(--attack_id 1842,--name "Ping.Death";--protocol icmp; --data_size>32000;)

B. F-SBID(--name "Block.SMTP.VRFY.CMD";--pattern "vrfy";-- service SMTP; --no_case;-- context header;)

C. F-SBID(--name "Ping.Death";--protocol icmp;--data_size>32000;)

D. F-SBID(--name "Block".HTTP.POST"; --protocol tcp;-- service HTTP;-- flow from_client; --pattern "POST"; -- context uri;--within 5,context;)