This preview shows page 170 - 173 out of 179 pages.
A. Execute ping-options source port1 B. Execute ping-options source 10.200.1.1. C. Execute ping-options source 10.200.1.2 D. Execute ping-options source 10.0.1.254 Answer: D QUESTION 535 How can you format the FortiGate flash disk? A. Load the hardware test (HQIP) image. B. Execute the CLI command execute formatlogdisk. C. Load a debug FortiOS image. D. Select the format boot device option from the BIOS menu. Answer: D QUESTION 536 How do you configure inline SSL inspection on a firewall policy? (Choose two.) A. Enable one or more flow-based security profiles on the firewall policy. B. Enable the SSL/SSH Inspection profile on the firewall policy. C. Execute the inline ssl inspection CLI command.
Get Latest & Actual NSE4 Exam's Question and Answers from Passleader. 170D. Enable one or more proxy-based security profiles on the firewall policy. Answer: AB QUESTION 537 Which traffic sessions can be offloaded to a NP6 processor? (Choose two.) A. IPv6 B. RIP C. GRE D. NAT64 Answer: AD QUESTION 538 View the exhibit. Based on this output, which statements are correct? (Choose two.) A. FortiGate generated an event log for system conserve mode. B. FortiGate has entered in to system conserve mode. C. By default, the FortiGate blocks new sessions. D. FortiGate changed the global av-failopen settings to idledrop. Answer: BC QUESTION 539 An administrator has blocked Netflix login in a cloud access security inspection (CASI) profile. The administrator has also applied the CASI profile to a firewall policy. What else is required for the CASI profile to work properly? A. You must enable logging for security events on the firewall policy.
Get Latest & Actual NSE4 Exam's Question and Answers from Passleader. 171B. You must activate a FortiCloud account. C. You must apply an application control profile to the firewall policy. D. You must enable SSL inspection on the firewall policy. Answer: C QUESTION 540 How does FortiGate look for a matching firewall policy to process traffic? A. From top to bottom, based on the sequence numbers. B. Based on best match. C. From top to bottom, based on the policy ID numbers. D. From lower to higher, based on the priority value. Answer: A QUESTION 541 How do you configure a FortiGate to do traffic shaping of P2P traffic, such as BitTorrent? A. Apply an application control profile allowing BitTorrent to a firewall policy and configure a traffic shaping policy. B. Enable the shape option in a firewall policy with service set to BitTorrent. C. Apply a traffic shaper to a BitTorrent entry in the SSL/SSH inspection profile. D. Apply a traffic shaper to a protocol options profile. Answer: B QUESTION 542 Which file names will match the *.tiff file name pattern configured in a data leak prevention filter? (Choose two.) A. tiff.tiff B. tiff.png C. tiff.jpeg D. gif.tiff Answer: AD QUESTION 543 An administrator has configured a dialup IPsec VPN with XAuth. Which method statement best describes this scenario?