NSE5 training materials(21 to 30) for IT candidates: Jul 2021 Edition

The Fortinet technical engineers will almost always be trying to find a approach to figure out the most recent NSE5 on the internet answers and questions. You are able to download the most recent NSE5 dumps upon our own Pass4sure web site. We all not really only offer NSE5 pdf examinations and also the software model. Pass4sure NSE5 test powerplant creates a simulators with the surroundings when the NSE5 appears, provides a excellent chance to practice your Fortinet test communicative surroundings. According to the test preparation, it is possible to choose any kind of NSE5 model to review overall flexibility. Moving NSE5 test can become more standard more quickly by learning Fortinet NSE5 practice examinations.

2021 Jul NSE5 book

Q21. - (Topic 2) 

In a High Availability cluster operating in Active-Active mode, which of the following correctly describes the path taken by the SYN packet of an HTTP session that is offloaded to a subordinate unit? 

A. Request: Internal Host; Master FortiGate; Slave FortiGate; Internet; Web Server 

B. Request: Internal Host; Master FortiGate; Slave FortiGate; Master FortiGate; Internet; Web Server 

C. Request: Internal Host; Slave FortiGate; Internet; Web Server 

D. Request: Internal Host; Slave FortiGate; Master FortiGate; Internet; Web Server 

Answer: A 

Q22. - (Topic 1) 

A firewall policy has been configured such that traffic logging is disabled and a UTM function is enabled. 

In addition, the system setting ‘utm-incident-traffic-log’ has been enabled..In which log will a UTM event message be stored? 

A. Traffic 


C. System 

D. None 

Answer: A 

Q23. - (Topic 1) 

File blocking rules are applied before which of the following? 

A. Firewall policy processing 

B. Virus scanning 

C. Web URL filtering 

D. White/Black list filtering 

Answer: B 

Q24. - (Topic 1) 

Which of the following pieces of information can be included in the Destination Address field of a firewall policy? (Select all that apply.) 

A. An IP address pool. 

B. A virtual IP address. 

C. An actual IP address or an IP address group. 

D. An FQDN or Geographic value(s). 

Answer: B,C,D 

Q25. - (Topic 1) 

A client can establish a secure connection to a corporate network using SSL VPN in tunnel mode. 

Which of the following statements are correct regarding the use of tunnel mode SSL VPN? (Select all that apply.) 

A. Split tunneling can be enabled when using tunnel mode SSL VPN. 

B. Client software is required to be able to use a tunnel mode SSL VPN. 

C. Users attempting to create a tunnel mode SSL VPN connection must be authenticated by at least one SSL VPN policy. 

D. The source IP address used by the client for the tunnel mode SSL VPN is assigned by the FortiGate unit. 

Answer: A,B,C,D 

NSE5 practice exam

Renovate NSE5 exam prep:

Q26. - (Topic 1) 

What is the FortiGate unit password recovery process? 

A. Interupt boot sequence, modify the boot registry and reboot. After changing the password, reset the boot registry. 

B. Log in through the console port using the maintainer account within several minutes of a reboot. 

C. Hold CTRL + break during reboot and reset the admin password. 

D. The only way to regain access is to interrupt boot sequence and restore a configuration file for which the password has been modified. 

Answer: B 

Q27. - (Topic 2) 

Select the answer that describes what the CLI command diag debug authd fsso list is used for. 

A. Monitors communications between the FSSO Collector Agent and FortiGate unit. 

B. Displays which users are currently logged on using FSSO. 

C. Displays a listing of all connected FSSO Collector Agents. 

D. Lists all DC Agents installed on all Domain Controllers. 

Answer: B 

Q28. - (Topic 3) 

SSL Proxy is used to decrypt the SSL-encrypted traffic. After decryption, where is the traffic buffered in preparation for content inspection? 

A. The file is buffered by the application proxy. 

B. The file is buffered by the SSL proxy. 

C. In the upload direction, the file is buffered by the SSL proxy. In the download direction, the file is buffered by the application proxy. 

D. No file buffering is needed since a stream-based scanning approach is used for SSL content inspection. 

Answer: A 

Q29. - (Topic 1) 

Which Fortinet products & features could be considered part of a comprehensive solution to monitor and prevent the leakage of senstive data? (Select all that apply.) 

A. Archive non-compliant outgoing e-mails using FortiMail. 

B. Restrict unofficial methods of transferring files such as P2P using Application Control lists on a FortiGate. 

C. Monitor database activity using FortiAnalyzer. 

D. Apply a DLP sensor to a firewall policy. 

E. Configure FortiClient to prevent files flagged as sensitive from being copied to a USB disk. 

Answer: A,B,D 

Q30. - (Topic 1) 

Which of the following network protocols can be used to access a FortiGate unit as an administrator? 





E. Telnet, UDP, NNTP, SMTP 

Answer: A 

see more NSE5 dumps