NSE4 Online Practice Questions and Answers

Files reported as "suspicious" were subject to which Antivirus check"?

A. Grayware

B. Virus

C. Sandbox

D. Heuristic

Regarding the header and body sections in raw log messages, which statement is correct?

A. The header and body section layouts change depending on the log type.

B. The header section layout is always the same regardless of the log type. The body section layout changes depending on the log type.

C. Some log types include multiple body sections.

D. Some log types do not include a body section.

What are two requirements for DC-agent mode FSSO to work properly in a Windows AD environment? (Choose two.)

A. DNS server must properly resolve all workstation names

B. The remote registry service must be running in all workstations

C. The collector agent must be installed in one of the Windows domain controllers

D. A same user cannot be logged in into two different workstations at the same time

Which statements regarding banned words are correct? (Choose two.)

A. Content is automatically blocked if a single instance of a banned word appears.

B. The FortiGate updates banned words on a periodic basis.

C. The FortiGate can scan web pages and email messages for instances of banned words.

D. Banned words can be expressed as simple text, wildcards and regular expressions.

Which type of conserve mode writes a log message immediately, rather than when the device exits conserve mode?

A. Kernel

B. Proxy

C. System

D. Device

Which statement best describes what the FortiGate hardware acceleration processors main task is?

A. Offload traffic processing tasks from the main CPU.

B. Offload management tasks from the main CPU.

C. Compress and optimize the network traffic.

D. Increase maximum bandwidth available in a FortiGate interface.

An Internet browser is using the WPAD DNS method to discover the PAC file's URL. The DNS server replies to the browser's request with the IP address 10.100.1.10. Which URL will the browser use to download the PAC file?

A. http://10.100.1.10/proxy.pac

B. https://10.100.1.10/

C. http://10.100.1.10/wpad.dat

D. https://10.100.1.10/proxy.pac

When firewall policy authentication is enabled, which protocols can trigger an authentication challenge? (Choose two.)

A. SMTP

B. SSH

C. HTTP

D. FTP

E. SCP

In a FSSO agentless polling mode solution, where must the collector agent be?

A. In any Windows server

B. In any of the AD domain controllers

C. In the master AD domain controller

D. The FortiGate device polls the AD domain controllers

Which of the following statements best describes the role of a DC agents in an FSSO DC?

A. Captures the login events and forward them to the collector agent.

B. Captures the user IP address and workstation name and forward that information to the FortiGate devices.

C. Captures the login and logoff events and forward them to the collector agent.

D. Captures the login events and forward them to the FortiGate devices.