NSE4 Exam - Free Fortinet Questions and Answers

Question #1 (Topic: )

Review the IPsec phase 1 configuration in the exhibit; then answer the question below.
[Fortinet-NSE4-12.0/Fortinet-NSE4-2_2.png]
Which statements are correct regarding this configuration? (Choose two.)

A. The remote gateway address is 10.200.3.1 B. The local IPsec interface address is 10.200.3.1 C. The local gateway IP is the address assigned to port1 D. The local gateway IP is 10.200.3.1

Answer: A,C

Question #2 (Topic: )

Which of the following statements is correct regarding FortiGate interfaces and spanning
tree protocol? (Choose Two)

A. Only FortiGate switch interfaces Participate in spanning tree. B. All FortiGate interfaces in transparent mode VDOMs participate in spanning tree. C. All FortiGate interfaces in NAT/route mode VDOMs Participate in spanning tree. D. All FortiGate interfaces in transparent mode VDOMs may block or forward BPDUs.

Answer: B,D

Question #3 (Topic: )

Which statements are correct properties of a partial mesh VPN deployment. (Choose two.)

A. VPN tunnels interconnect between every single location. B. VPN tunnels are not configured between every single location. C. Some location may be reachable via a hub location. D. There are no hub locations in a partial mesh.

Answer: B,C

Question #4 (Topic: )

Which statement best describes what SSL.root is?

A. The name of the virtual network adapter required in each user's PC for SSL VPN Tunnel mode. B. The name of a virtual interface in the root VDOM where all the SSL VPN user traffic comes from. C. A Firewall Address object that contains the IP addresses assigned to SSL VPN users. D. The virtual interface in the root VDOM that the remote SSL VPN tunnels connect to.

Answer: B

Question #5 (Topic: )

Which web filtering inspection mode inspects DNS traffic?

A. DNS-based. B. FQDN-based. C. Flow-based. D. URL-based.

Answer: A

Fortinet NSE4 - Fortinet Network Security Expert 4 Exam