Recent to this blog post, I passed the Network Security Expert (NSE) 4 FortiOS 6.0 Network Security Professional certification exam through Pearson Vue.
Here, I will briefly go over the Network Security Expert suite of exams, the NSE 4 exam, it’s components, how to study, and how taking the exam can help your career.
Network Security Expert Exams
The NSE certificate path in a series of designations numbered one through eight. NSE 1 through 3 are introductory with a focus on sales, product information and security concepts. Whereas;
- The NSE 4 requires you to complete one examination on the FortiGate based on two modules, infrastructure and security.
- The NSE 5 requires you to complete two of three examinations, one on the FortiAnalyzer, FortiSIEM, or the FortiManager.
- The NSE 6 requires you to complete any four of the following examinations, on the FortiADC FortiMail, FortiAuthenticator, FortiDDoS, Integrated and Cloud Wireless, FortiWeb, or FortiWLC
- The NSE 7 requires you to complete two of three examinations, one on Enterprise Firewalls, Advanced Threat Protection or Secure Access
- The NSE 8 requires you to complete a test in a live environment and is only offered in select locations at Fortinet facilities.
NSE 4 Exam
There are two components, Infrastructure and Security. The certification prepares you to work on the FortiGate firewall and is very similar in structure to the content and exam for Cisco’s CCNA Routing & Switching certification. The chapters of the FortiGate v6.0 certification exam material are as follows;
- SD WAN
- Layer 2 Switching
- Site to Site IPsec VPN
- Fortinet Single Sign On
- High Availability
- We Proxy
- Firewall Policies
- Firewall Authentication
- Logging and Monitoring
- Certificate Operations
- Web Filtering
- Application Control
- SSL VPN
- Dial-up IPsec VPN
- Data Leak Prevention
The best way to climb your way up the Fortinet ladder is to be employed by a Fortinet partner and have access to the partner portal. With partner portal access you have all of the training material for NSE 1-7. There are other benefits of the Fortinet partner portal, such as looking up registered devices, getting pricing for sales, and a knowledge base library.
You also have access to the special program that allows you to earn points through passing the exams and you can redeem the points for Fortinet products such as the FortiGate firewall.
If your employer is a partner, it’s highly recommended to inquire about getting vouchers to write the NSE exams since the NSE 4 exams starts at $400 USD.
Ways to Study
Courses through the Fortinet Partner Portal: The partner portal offers self-paced or in-person courses. They offer a self-paced course on Infrastructure and another on Security. The self-paced course offers a 500 page PDF with multiple choice questions at the end of each chapter with a virtual lab. The in-person courses are proctored by an instructor and can be web based or in person at a learning facility and require you to complete course work and labs.
Practice on the FortiDemo website: where the username and password are demo/demo. This gives you a virtual FortiGate to practice on and get familiar with
Dive into Fortinet Cookbook: The best free source for FortiGate information. Here are labs, knowledge base articles, and other helpful study resources.
You should also scour the internet for training material. My advice would start with a Google search like “NSE 4 6.0 filetype:pdf” and see if you can find any pirated copies of the partner material, exam question dumps, and other training material.
- Exam Code: NSE4_FGT-6.0
- Exam Name: Fortinet NSE 4 – FortiOSD 6.0
- Time: 120 minutes
- Questions: 70
- Passing Score: 60%
The exam is a multiple choice exam where you can review your questions at the end to make any changes. The question format is multiple choice with 4 possible choices and questions are based worded questions and on screenshots of script output.
Registering for the Exam
The exam is proctored through Pearson Vue. I recommend if you are interested in taking the exam, register an account and view the schedule for upcoming exams to make sure you are prepared.
How I Studied;
- I had access to the Partner portal. This gave me access to each NSE level with full documentation, videos, slides, and more.
- I read through each 500-page PDF for Infrastructure and Security modules on the partner portal and made detailed notes that encompass the most important information
- Participated in the online web-based virtual labs hosted by Fortinet for the FortiGate infrastructure lab and the FortiGate security lab
- Scoured the internet for exam questions and dumps from sites like VCE and did google searches like “NSE 4 6.0 filetype:pdf”
- Ensured I was able to answer all the questions in the book as well as all of the questions found online before writing the test
Moreover, the SOC that I work in utilizes a Fortinet infrastructure with FortiGates, FortiAnalyzers, FortiManagers, and so on. I have day to day experience working on these devices and I still studied the training material to understand the language and terminology that the test is delivered in.
I found the test to be comparable in difficulty to the CCNA Routing & Switching exam with more emphasis on the terminology Fortinet uses in their study material, understanding command output, and knowing how regular networking works specifically with Fortinet such as Fortinet Single Sign On (FSSO).
How Can NSE Help Your Career?
Many security enthusiasts and people looking to start in information security ask which certifications are the best to get. Most will say Cisco CCNA is the best start to learn the basics of networking, which I kind of agree with. However, which certification will get you the most bang for your buck?
When asking vendors and sales people, they will point to Gartner for which product is the best, which they will claim Fortinet is superior to Cisco when looking at market reviews and ratings, at this time.
That being said, from my knowledge, many enterprise level and SMB level businesses are moving towards Fortinet for their popular Unified Threat Management solutions.
Therefore, many companies and hiring managers are looking for people with Fortinet networking experience to bolster their security teams and your NSE 4 certification will help you stand out among the applicants. Take a look on any job board in your region to find out how many companies are looking for Fortinet certificate holders.
Links and Resources
Here are some links that will help you in learning about the NSE 4 exam and to prepare you to write it.
- Get training at Fortinet
- Join the FortiSlack Reddit community
- Get training for free at the Fortinet Cookbook
- Practice on the FortiDemo FortiGate
- Visit the Fortinet forums for questions and help
Fortinet Demo Appliances – Read Only
The FortiDemo appliances are available with read access via the internet. You can use them to get familiar with the user interface and all the features of the Fortinet Security Fabric.
- Username: demo
- Password: demo
Here re a list of all of the known demo appliances;
- FortiGate Demo
- FortiManager Demo
- FortiAnalyzer Demo
- FortiAuthenticator Demo
- FortiRecorder Demo
- FortiSecureWebGateway Demo
- FortiVoice Demo
- FortiSwitch Demo
- FortiADC Demo
- FortiDDoS Demo
- FortiMail Demo
- FortiRugged Demo
- FortiGate IPS Demo
- FortiDB Demo
- FortiWLM Demo
- FortiManager SD-WAN Demo
- FortiGate SD-WAN Demo
Last updated for accuracy: July 27, 2020.