Updated Fortinet NSE5 exam questions and NSE5 braindumps from Dumpslabs.com. Pass the NSE5 exam with our NSE5 VCE dumps. Start NSE5 Exam Now.
2024 Fortinet Official New Released NSE5 Q&As
100% Free Download! 100% Pass Guaranteed!
https://www.certleader.com/NSE5-dumps.html
Q1. - (Topic 2) Which of the following statements are correct about the HA diag command diagnose sys ha reset-uptime? (Select all that apply.) A. The device this command is executed on is likely to switch from master to slave status if master override is disabled. B. The device this command is executed on is likely to switch from master to slave status if master override is enabled. C. This c
Q1. - (Topic 1) Which of the following statements is correct regarding URL Filtering on the FortiGate unit? A. The available actions for URL Filtering are Allow and Block. B. Multiple URL Filter lists can be added to a single Web filter profile. C. A FortiGuard Web Filtering Override match will override a block action in the URL filter list. D. The available actions for URL Filtering are All
Q1. - (Topic 1) When browsing to an internal web server using a web-mode SSL VPN bookmark, from which of the following source IP addresses would the web server consider the HTTP request to be initiated? A. The remote user's virtual IP address. B. The FortiGate unit's internal IP address. C. The remote user's public IP address. D. The FortiGate unit's external IP address. Vie
Q1. - (Topic 1) The FortiGate unit can be configured to allow authentication to a RADIUS server. The RADIUS server can use several different authentication protocols during the authentication process. Which of the following are valid authentication protocols that can be used when a user authenticates to the RADIUS server? (Select all that apply.) A. MS-CHAP-V2 (Microsoft Challenge-Handshake Au
Q1. - (Topic 3) Which of the following items is NOT a packet characteristic matched by a firewall service object? A. ICMP type and code B. TCP/UDP source and destination ports C. IP protocol number D. TCP sequence number View AnswerAnswer: D Q2. - (Topic 2) Review the CLI configuration below for an IPS sensor and identify the correct statements regarding this configuration from the choi
Q1. - (Topic 1) An administrator has configured a FortiGate unit so that end users must authenticate against the firewall using digital certificates before browsing the Internet. What must the user have for a successful authentication? (Select all that apply.) A. An entry in a supported LDAP Directory. B. A digital certificate issued by any CA server. C. A valid username and password. D. A d
Q1. - (Topic 1) Which statement is correct regarding virus scanning on a FortiGate unit? A. Virus scanning is enabled by default. B. Fortinet Customer Support enables virus scanning remotely for you. C. Virus scanning must be enabled in a UTM security profile and the UTM security profile must be assigned to a firewall policy. D. Enabling virus scanning in a UTM security profile enables virus
Q1. - (Topic 3) Which of the following must be configured on a FortiGate unit to redirect content requests to remote web cache servers? A. WCCP must be enabled on the interface facing the Web cache. B. You must enabled explicit Web-proxy on the incoming interface. C. WCCP must be enabled as a global setting on the FortiGate unit. D. WCCP must be enabled on all interfaces on the FortiGate uni
Q1. - (Topic 3) Which of the following is an advantage of using SNMP v3 instead of SNMP v1/v2 when querying the FortiGate unit? A. Packet encryption B. MIB-based report uploads C. SNMP access limits through access lists D. Running SNMP service on a non-standard port is possible View AnswerAnswer: A Q2. - (Topic 3) A FortiGate unit is configured with three Virtual Domains (VDOMs) as illu
Q1. - (Topic 2) Examine the two static routes to the same destination subnet 172.20.168.0/24 as shown below; then answer the question following it. config router static edit 1 set dst 172.20.168.0 255.255.255.0 set distance 20 set priority 10 set device port1 next edit 2 set dst 172.20.168.0 255.255.255.0 set distance 20 set priority 20 set device port2 next end Which of the follo
Q1. - (Topic 2) Review the IPsec phase1 configuration in the Exhibit shown below; then answer the question following it. Which of the following statements are correct regarding this configuration? (Select all that apply). A. The phase1 is for a route-based VPN configuration. B. The phase1 is for a policy-based VPN configuration. C. The local gateway IP is the address assigned to port1. D. T
Q1. - (Topic 1) Which of the following statements are correct regarding logging to memory on a FortiGate unit? (Select all that apply.) A. When the system has reached its capacity for log messages, the FortiGate unit will stop logging to memory. B. When the system has reached its capacity for log messages, the FortiGate unit overwrites the oldest messages. C. If the FortiGate unit is reset or
Q1. - (Topic 1) By default the Intrusion Protection System (IPS) on a FortiGate unit is set to perform which action? A. Block all network attacks. B. Block the most common network attacks. C. Allow all traffic. D. Allow and log all traffic. View AnswerAnswer: C Q2. - (Topic 1) Users may require access to a web site that is blocked by a policy. Administrators can give users the ability
Q1. - (Topic 1) Which of the following components are contained in all FortiGate units from the FG50 models and up? (Select all that apply.) A. FortiASIC content processor. B. Hard Drive. C. Gigabit network interfaces. D. Serial console port. View AnswerAnswer: A,D Q2. - (Topic 1) Which of the following statements regarding Banned Words are correct? (Select all that apply.) A. The Fort