NSE5 Exam - Fortinet Network Security Expert 5 Written Exam (500)

  1. Home
  2. Fortinet
  3. NSE5 Dumps

certleader.com

Q1. - (Topic 1) 

Which of the following components are contained in all FortiGate units from the FG50 models and up? (Select all that apply.) 

A. FortiASIC content processor. 

B. Hard Drive. 

C. Gigabit network interfaces. 

D. Serial console port. 

Answer: A,D 

Q2. - (Topic 1) 

Which of the following statements regarding Banned Words are correct? (Select all that apply.) 

A. The FortiGate unit can scan web pages and email messages for instances of banned words. 

B. When creating a banned word list, an administrator can indicate either specific words or patterns. 

C. Banned words can be expressed as wildcards or regular expressions. 

D. Content is automatically blocked if a single instance of a banned word appears. 

E. The FortiGate unit includes a pre-defined library of common banned words. 

Answer: A,B,C 

Q3. - (Topic 3) 

A DLP rule with an action of Exempt has been matched against traffic passing through the FortiGate unit. Which of the following statements is correct regarding how this transaction will be handled by the FortiGate unit? 

A. Any other matched DLP rules will be ignored with the exception of Archiving. 

B. Future files whose characteristics match this file will bypass DLP scanning. 

C. The traffic matching the DLP rule will bypass antivirus scanning. 

D. The client IP address will be added to a white list. 

Answer:

Q4. - (Topic 3) 

Based on the web filtering configuration illustrated in the exhibit, 

which one of the following statements is not a reasonable conclusion? 

A. Users can access both the www.google.com site and the www.fortinet.com site. 

B. When a user attempts to access the www.google.com site, the FortiGate unit will not perform web filtering on the content of that site. 

C. When a user attempts to access the www.fortinet.com site, any remaining web filtering will be bypassed. 

D. Downloaded content from www.google.com will be scanned for viruses if antivirus is enabled. 

Answer:

Q5. - (Topic 1) 

A firewall policy has been configured such that traffic logging is disabled and a UTM function is enabled. 

In addition, the system setting ‘utm-incident-traffic-log’ has been enabled..In which log will a UTM event message be stored? 

A. Traffic 

B. UTM 

C. System 

D. None 

Answer:

Q6. - (Topic 2) 

Examine the Exhibit shown below; then answer the question following it. 

In this scenario, the Fortigate unit in Ottawa has the following routing table: 

S* 0.0.0.0/0 [10/0] via 172.20.170.254, port2 

C 172.20.167.0/24 is directly connected, port1 

C 172.20.170.0/24 is directly connected, port2 

Sniffer tests show that packets sent from the Source IP address 172.20.168.2 to the Destination IP address 172.20.169.2 are being dropped by the FortiGate unit located in Ottawa. Which of the following correctly describes the cause for the dropped packets? 

A. The forward policy check. 

B. The reverse path forwarding check. 

C. The subnet 172.20.169.0/24 is NOT in the Ottawa FortiGate unit’s routing table. 

D. The destination workstation 172.20.169.2 does NOT have the subnet 172.20.168.0/24 in its routing table. 

Answer:

Q7. - (Topic 1) 

What is the FortiGate unit password recovery process? 

A. Interupt boot sequence, modify the boot registry and reboot. After changing the password, reset the boot registry. 

B. Log in through the console port using the maintainer account within several minutes of a reboot. 

C. Hold CTRL + break during reboot and reset the admin password. 

D. The only way to regain access is to interrupt boot sequence and restore a configuration file for which the password has been modified. 

Answer:

Q8. - (Topic 3) 

A firewall policy has been configured for the internal email server to receive email from external parties through SMTP. Exhibits A and B show the AntiVirus and Email Filter profiles applied to this policy. 

What is the correct behavior when the email attachment is detected as a virus by the 

FortiGate AntiVirus engine? 

A. The FortiGate unit will remove the infected file and deliver the email with a replacement message to alert the recipient that the original attachment was infected. 

B. The FortiGate unit will reject the infected email and notify both the sender and recipient. 

C. The FortiGate unit will remove the infected file and add a replacement message. Both sender and recipient are notified that the infected file has been removed. 

D. The FortiGate unit will reject the infected email and notify the sender. 

Answer:

Q9. - (Topic 1) 

An issue could potentially occur when clicking Connect to start tunnel mode SSL VPN. The tunnel will start up for a few seconds, then shut down. 

Which of the following statements best describes how to resolve this issue? 

A. This user does not have permission to enable tunnel mode. Make sure that the tunnel mode widget has been added to that user's web portal. 

B. This FortiGate unit may have multiple Internet connections. To avoid this problem, use the appropriate CLI command to bind the SSL VPN connection to the original incoming interface. 

C. Check the SSL adaptor on the host machine. If necessary, uninstall and reinstall the adaptor from the tunnel mode portal. 

D. Make sure that only Internet Explorer is used. All other browsers are unsupported. 

Answer:

Q10. - (Topic 2) 

Identify the correct properties of a partial mesh VPN deployment: 

A. VPN tunnels interconnect between every single location. 

B. VPN tunnels are not configured between every single location. 

C. Some locations are reached via a hub location. 

D. There are no hub locations in a partial mesh. 

Answer: B,C 

© All pages Copyright to by dumpslabs.com. All rights reserved. thedumpscentre.com