Ensurepass

Topic 5, SSL VPN

 

 

QUESTION 24  (Topic 5)

 

When browsing to an internal web server using a web-mode SSL VPN bookmark, which IP address is used as the source of the HTTP request?

 

A.

The remote user’s virtual IP address.

B.

The FortiGate unit’s internal IP address.

C.

The remote user’s public IP address.

D.

The FortiGate unit’s external IP address.

 

Answer: B

 

 

QUESTION 25  (Topic 5)

 

Which two statements are true about IPsec VPNs and SSL VPNs? (Choose two.)

 

A.

SSL VPN creates a HTTPS connection. IPsec does not.

B.

Both SSL VPNs and IPsec VPNs are standard protocols.

C.

Either a SSL VPN or an IPsec VPN can be established between two FortiGate devices.

D.

Either a SSL VPN or an IPsec VPN can be established between an end-user workstation and a FortiGate device.

 

An
swer:
AD

 

 

QUESTION 26  (Topic 5)

 

 

 

 

Regarding the use of web-only mode SSL VPN, which statement is correct?

 

A.

It supports SSL version 3 only.

B.

It requires a Fortinet-supplied plug-in on the web client.

C.

It requires the user to have a web browser that supports 64-bit cipher length.

D.

The JAVA run-time environment must be installed on the client.

 

Answer: C

 

 

QUESTION 27  (Topic 5)

 

A user logs into a SSL VPN portal and activates the tunnel mode. The administrator has enabled split tunneling. The exhibit shows the firewall policy configuration:

 

clip_image002

 

Which static route is automatically added to the client’s routing table when the tunnel mode is activated?

 

A.

A route to a destination subnet matching the Internal_Servers address object.

B.

A route to the destination subnet configured in the tunnel mode widget.

C.

A default route.

D.

A route to the destination subnet configured in the SSL VPN global settings.

 

Answer: A

 

 

QUESTION 28  (Topic 5)

 

Regarding tunnel-mode SSL VPN, which three statements are correct? (Choose three.)

 

A.

Split tunneling is supported.

 

 

 

 

B.

It requires the installation of a VPN client.

C.

It requires the use of an Internet browser.

D.

It does not support traffic from third-party network applications.

E.

An SSL VPN IP address is dynamically assigned to the client by the FortiGate unit.

 

Answer: ABE

 

Free VCE & PDF File for Fortinet NSE4 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.