NSE4 Exam Study Guide
Which one is a part of the Security Rating scorecard? (A. Firewall Policy B. Optimization) - Answer Optimization
From which view can an administrator deauthorize a device from the Security Fabric? (A. From the physical topology view / B. From the FortiView) - Answer From the physical topology view
Why should an administrator extend the Security Fabric to other devices? - Answer To provide a single pane of glass for management and reporting purposes
What is the purpose of Security Fabric external connectors? - Answer External connectors allow you to integrate multi-cloud support with the Security Fabric
What are the two mandatory settings of the Security Fabric configuration? - Answer Fabric name and Security Fabric role
From where do you authorize a device to participate in the Security Fabric? - Answer From the root FortiGate
What is the Fortinet Security Fabric? - Answer A Fortinet solution that enables communication and visibility among devices of your network
Which combination of devices must participate in the Security Fabric? - Answer A FortiAnalyzer and two or more FortiGate devices
Which FQDN does FortiGate use to obtain IPS updates? (update.fortiguard.net / service.fortiguard.com) - Answer update.fortiguard.net
When IPS fail open is triggered, what is the expected behavior, if the IPS fail-open option is set to enabled? - Answer New packets pass through without inspection
Which chipset uses NTurbo to accelerate IPS sessions? (CP9 / SOC4) - Answer SOC4
Which feature requires full SSL inspection to maximize its detection capability? (WAF / DoS) - Answer WAF
Which DoS anomaly sensor can be used to detect and block the probing attempts of a port scanner? - Answer tcp_port_scan
Which behavior is a characteristic of a DoS attack? - Answer Attempts to overload a server with TCP SYN packets
Which IPS action allows traffic and logs the activity? (Allow / Monitor) - Answer Monitor
Which IPS component is updated most frequently? - Answer IPS signature database
What command do you use to force FortiGate to check for new antivirus updates? - Answer execute update-av
Which type of inspection mode can be offloaded using NTurbo hardware acceleration? - Answer Flow-based
What does the logging of oversized files option do? - Answer Enables logging of all files that cannot be scanned because of oversize limit
What is the default scanning behavior for files over 10 MB? - Answer Allow the file without scanning
Which certificate extension and value is required in the FortiGate CA certificate in order to enable full SSL inspection? - Answer CA = True
Which configuration requires FortiGate to act as a CA for full SSL inspection? - Answer Multiple clients connecting to multiple servers
Which attribute or extension identifies the owner of a certificate? - Answer The subject name in the certificate
How does FortiGate determine if a certificate has been revoked? - Answer It checks the CRL that resides on FortiGate.
What happens when logs roll? - Answer It lowers the space requirements needed to contain those logs.
When you download logs on the GUI, - Answer only your current view, including any filters set, are downloaded.
In your firewall policy, which setting must you enable to generate logs on traffic sent through that firewall policy? - Answer Log Allowed Traffic
With email alerts, you can trigger alert emails based on ____________ or log severity level. - Answer event
Which storage type is preferred for logging? - Answer Remote logging
Which protocol does FortiGate use to send encrypted logs to FortiAnalyzer? - Answer OFTPS
If you enable reliable logging, which transport protocol will FortiGate use? - Answer TCP
Which statement about application control is true? - Answer Application control uses the IPS engine to scan traffic for application patterns.
Which statement about the application control database is true? - Answer The application control database is separate from the IPS database.
What three additional features of an antivirus profile are available in proxy-based