[2016-Sep.-NEW]Free NSE4 VCE and PDF Dumps Offered by Braindump2go[220-230]

2016/09 New NSE4: Fortinet Network Security Professional Exam Questions Updated Today!

Free Download NSE4 Exam Dumps(PDF & VCE) 294Q&As from Braindump2go.com Today!
100% Real Exam Questions!       100% Exam Pass Guaranteed!

NEW QUESTION 220 – NEW QUESTION 230:

1.|2016/09 New NSE4 Exam Dumps(PDF & VCE)294Q&As Dowbload:http://www.braindump2go.com/nse4.html
2.|2016/09 New NSE4 Exam Questions & Answers:https://drive.google.com/folderview?id=0B75b5xYLjSSNMVFlbFVYbm15N1k&usp=sharing

QUESTION 220
Examine the exhibit shown below then answer the question that follows it.
 
Within the UTM Proxy Options, the CA certificate Fortinet_CA_SSLProxy defines which of the following:

A.    FortiGate unit’s encryption certificate used by the SSL proxy.
B.    FortiGate unit’s signing certificate used by the SSL proxy.
C.    FortiGuard’s signing certificate used by the SSL proxy.
D.    FortiGuard’s encryption certificate used by the SSL proxy.

Answer: A

QUESTION 221
Shown below is a section of output from the debug command diag ip arp list.
index=2 ifname=port1 172.20.187.150 00:09:0f:69:03:7e state=00000004 use=4589 confirm=4589 update=2422 ref=1
In the output provided, which of the following best describes the IP address
172.20.187.150?

A.    It is the primary IP address of the port1 interface.
B.    It is one of the secondary IP addresses of the port1 interface.
C.    It is the IP address of another network device located in the same LAN segment as the FortiGate unit’s port1 interface.

Answer: C

QUESTION 222
Review the output of the command get router info routing-table all shown in the Exhibit below; then answer the question following it.
 
Which one of the following statements correctly describes this output?

A.    The two routes to the 10.0.2.0/24 subnet are ECMP routes and traffic will be load balanced based on the configured ECMP settings.
B.    The route to the 10.0.2.0/24 subnet via interface Remote_1 is the active and the route via Remote_2 is the backup.
C.    OSPF does not support ECMP therefore only the first route to subnet 10.0.1.0/24 is used.
D.    172.16.2.1 is the preferred gateway for subnet 10.0.2.0/24.

Answer: A

QUESTION 223
Review the IPsec phase1 configuration in the Exhibit shown below; then answer the question following it.
 
Which of the following statements are correct regarding this configuration? (Select all that apply).

A.    The phase1 is for a route-based VPN configuration.
B.    The phase1 is for a policy-based VPN configuration.
C.    The local gateway IP is the address assigned to port1.
D.    The local gateway IP address is 10.200.3.1.

Answer: AC

QUESTION 224
Review the output of the command config router ospf shown in the Exhibit below; then answer the question following it.
 
Which one of the following statements is correct regarding this output?

A.    OSPF Hello packets will only be sent on interfaces configured with the IP addresses
172.16.1.1 and 172.16.1.2.
B.    OSPF Hello packets will be sent on all interfaces of the FortiGate device.
C.    OSPF Hello packets will be sent on all interfaces configured with an address matching the 10.0.1.0/24 and 172.16.0.0/12 networks.
D.     OSPF Hello packets are not sent on point-to-point networks.

Answer: C

QUESTION 225
Examine the static route configuration shown below; then answer the question following it.
config router static
edit 1
set dst 172.20.1.0 255.255.255.0
set device port1
set gateway 172.11.12.1
set distance 10
set weight 5
next
edit 2
set dst 172.20.1.0 255.255.255.0
set blackhole enable
set distance 5
set weight 10
next
end
Which of the following statements correctly describes the static routing configuration provided? (Select all that apply.)

A.    All traffic to 172.20.1.0/24 will always be dropped by the FortiGate unit.
B.    As long as port1 is up, all the traffic to 172.20.1.0/24 will be routed by the static route number 1. If the interface port1 is down, the traffic will be routed using the blackhole route.
C.    The FortiGate unit will NOT create a session entry in the session table when the traffic is being routed by the blackhole route.
D.    The FortiGate unit will create a session entry in the session table when the traffic is being routed by the blackhole route.
E.    Traffic to 172.20.1.0/24 will be shared through both routes.

Answer: AC

QUESTION 226
Which of the following statements are correct regarding virtual domains (VDOMs)? (Select all that apply.)

A.    VDOMs divide a single FortiGate unit into two or more virtual units that function as multiple, independent units.
B.    A management VDOM handles SNMP, logging, alert email, and FDN-based updates.
C.    VDOMs share firmware versions, as well as antivirus and IPS databases.
D.    Only administrative users with a ‘super_admin’ profile will be able to enter multiple VDOMs to make configuration changes.

Answer: ABC

QUESTION 227
Which of the following statements are TRUE for Port Pairing and Forwarding Domains? (Select all that apply.)

A.    They both create separate broadcast domains.
B.    Port Pairing works only for physical interfaces.
C.    Forwarding Domains only apply to virtual interfaces.
D.    They may contain physical and/or virtual interfaces.
E.    They are only available in high-end models.

Answer: AD

QUESTION 228
Examine the Exhibits shown below, then answer the question that follows.
Review the following DLP Sensor (Exhibit 1):
 
Review the following File Filter list for rule #1 (Exhibit 2):
 
Review the following File Filter list for rule #2 (Exhibit 3):
 
Review the following File Filter list for rule #3 (Exhibit 4):
 
An MP3 file is renamed to `workbook.exe’ and put into a ZIP archive. It is then sent through the FortiGate device over HTTP. It is intercepted and processed by the configuration shown in the above Exhibits 1-4.
Assuming the file is not too large for the File scanning threshold, what action will the FortiGate unit take?

A.    The file will be detected by rule #1 as an `Audio (mp3)’, a log entry will be created and it will be allowed to pass through.
B.    The file will be detected by rule #2 as a “*.exe”, a log entry will be created and the interface that received the traffic will be brought down.
C.    The file will be detected by rule #3 as an Archive(zip), blocked, and a log entry will be created.
D.    Nothing, the file will go undetected.

Answer: A

QUESTION 229
What are the requirements for a cluster to maintain TCP connections after device or link failover? (Select all that apply.)

A.    Enable session pick-up.
B.    Only applies to connections handled by a proxy.
C.    Only applies to UDP and ICMP connections.
D.    Connections must not be handled by a proxy.

Answer: AD

QUESTION 230
What advantages are there in using a hub-and-spoke IPSec VPN configuration instead of a fully-meshed set of IPSec tunnels? (Select all that apply.)

A.    Using a hub and spoke topology is required to achieve full redundancy.
B.    Using a hub and spoke topology simplifies configuration because fewer tunnels are required.
C.    Using a hub and spoke topology provides stronger encryption.
D.    The routing at a spoke is simpler, compared to a meshed node.

Answer: BD


!!!RECOMMEND!!!

1.Braindump2go |2016/09 New NSE4 PDF & NSE4 VCE 294Q&As Dowbload:

http://www.braindump2go.com/nse4.html

2.Braindump2go |2016/09 New NSE4 Questions & Answers:

https://drive.google.com/folderview?id=0B75b5xYLjSSNMVFlbFVYbm15N1k&usp=sharing

         

Categories Fortinet Exam/NSE4 Exam Dumps/NSE4 Exam Questions/NSE4 PDF Dumps/NSE4 VCE Dumps

Post Author: mavis

Categories

Archives

Cisco Exam Dumps Download

200-301 PDF and VCE Dumps

200-901 PDF and VCE Dumps

350-901 PDF and VCE Dumps

300-910 PDF and VCE Dumps

300-915 PDF and VCE Dumps

300-920 PDF and VCE Dumps

350-401 PDF and VCE Dumps

300-410 PDF and VCE Dumps

300-415 PDF and VCE Dumps

300-420 PDF and VCE Dumps

300-425 PDF and VCE Dumps

300-430 PDF and VCE Dumps

300-435 PDF and VCE Dumps

350-401 PDF and VCE Dumps

350-401 PDF and VCE Dumps

350-801 PDF and VCE Dumps

300-810 PDF and VCE Dumps

300-815 PDF and VCE Dumps

300-820 PDF and VCE Dumps

300-835 PDF and VCE Dumps

350-801 PDF and VCE Dumps

200-201 PDF and VCE Dumps

350-601 PDF and VCE Dumps

300-610 PDF and VCE Dumps

300-615 PDF and VCE Dumps

300-620 PDF and VCE Dumps

300-625 PDF and VCE Dumps

300-635 PDF and VCE Dumps

600-660 PDF and VCE Dumps

350-601 PDF and VCE Dumps

352-001 PDF and VCE Dumps

350-701 PDF and VCE Dumps

300-710 PDF and VCE Dumps

300-715 PDF and VCE Dumps

300-720 PDF and VCE Dumps

300-725 PDF and VCE Dumps

300-730 PDF and VCE Dumps

300-735 PDF and VCE Dumps

350-701 PDF and VCE Dumps

350-501 PDF and VCE Dumps

300-510 PDF and VCE Dumps

300-515 PDF and VCE Dumps

300-535 PDF and VCE Dumps

350-501 PDF and VCE Dumps

010-151 PDF and VCE Dumps

100-490 PDF and VCE Dumps

810-440 PDF and VCE Dumps

820-445 PDF and VCE Dumps

840-450 PDF and VCE Dumps

820-605 PDF and VCE Dumps

700-805 PDF and VCE Dumps

700-070 PDF and VCE Dumps

600-455 PDF and VCE Dumps

600-460 PDF and VCE Dumps

500-173 PDF and VCE Dumps

500-174 PDF and VCE Dumps

200-401 PDF and VCE Dumps

644-906 PDF and VCE Dumps

600-211 PDF and VCE Dumps

600-212 PDF and VCE Dumps

600-210 PDF and VCE Dumps

600-212 PDF and VCE Dumps

700-680 PDF and VCE Dumps

500-275 PDF and VCE Dumps

500-285 PDF and VCE Dumps

600-455 PDF and VCE Dumps

600-460 PDF and VCE Dumps

Microsoft Exams Will Be Retired

AZ-103(retiring August 31, 2020)

AZ-203(retiring August 31, 2020)

AZ-300(retiring August 31, 2020)

AZ-301(retiring August 31, 2020)

77-419(retiring June 30, 2020)

70-333(retiring January 31, 2021)

70-334(retiring January 31, 2021)

70-339(retiring January 31, 2021)

70-345(retiring January 31, 2021)

70-357(retiring January 31, 2021)

70-410(retiring January 31, 2021)

70-411(retiring January 31, 2021)

70-412(retiring January 31, 2021)

70-413(retiring January 31, 2021)

70-414(retiring January 31, 2021)

70-417(retiring January 31, 2021)

70-461(retiring January 31, 2021)

70-462(retiring January 31, 2021)

70-463(retiring January 31, 2021)

70-464(retiring January 31, 2021)

70-465(retiring January 31, 2021)

70-466(retiring January 31, 2021)

70-467(retiring January 31, 2021)

70-480(retiring January 31, 2021)

70-483(retiring January 31, 2021)

70-486(retiring January 31, 2021)

70-487(retiring January 31, 2021)

70-537(retiring January 31, 2021)

70-705(retiring January 31, 2021)

70-740(retiring January 31, 2021)

70-741(retiring January 31, 2021)

70-742(retiring January 31, 2021)

70-743(retiring January 31, 2021)

70-744(retiring January 31, 2021)

70-745(retiring January 31, 2021)

70-761(retiring January 31, 2021)

70-762(retiring January 31, 2021)

70-764(retiring January 31, 2021)

70-765(retiring January 31, 2021)

70-767(retiring January 31, 2021)

70-768(retiring January 31, 2021)

70-777(retiring January 31, 2021)

70-778(retiring January 31, 2021)

70-779(retiring January 31, 2021)

MB2-716(retiring January 31, 2021)

MB6-894(retiring January 31, 2021)

MB6-897(retiring January 31, 2021)

MB6-898(retiring January 31, 2021)