Finding Far out NSE5 secret

It is impossible to pass Fortinet NSE5 exam without any help in the short term. Come to Ucertify soon and find the most advanced, correct and guaranteed Fortinet NSE5 practice questions. You will get a surprising result by our Rebirth Fortinet Network Security Expert 5 Written Exam (500) practice guides.

2016 Sep NSE5 free question

Q91. - (Topic 3) 

Which of the following is an advantage of using SNMP v3 instead of SNMP v1/v2 when querying the FortiGate unit? 

A. Packet encryption 

B. MIB-based report uploads 

C. SNMP access limits through access lists 

D. Running SNMP service on a non-standard port is possible 

Answer: A 


Q92. - (Topic 3) 

Bob wants to send Alice a file that is encrypted using public key cryptography. 

Which of the following statements is correct regarding the use of public key cryptography in this scenario? 

A. Bob will use his private key to encrypt the file and Alice will use her private key to decrypt the file. 

B. Bob will use his public key to encrypt the file and Alice will use Bob's private key to decrypt the file. 

C. Bob will use Alice's public key to encrypt the file and Alice will use her private key to decrypt the file. 

D. Bob will use his public key to encrypt the file and Alice will use her private key to decrypt the file. 

E. Bob will use Alice's public key to encrypt the file and Alice will use Bob's public key to decrypt the file. 

Answer: C 


Q93. - (Topic 1) 

When firewall policy authentication is enabled, only traffic on supported protocols will trigger an authentication challenge. 

Select all supported protocols from the following: 

A. SMTP 

B. SSH 

C. HTTP 

D. FTP 

E. SCP 

Answer: C,D 


Q94. - (Topic 1) 

Which of the statements below are true regarding firewall policy disclaimers? (Select all that apply.) 

A. User must accept the disclaimer to proceed with the authentication process. 

B. The disclaimer page is customizable. 

C. The disclaimer cannot be used in combination with user authentication. 

D. The disclaimer can only be applied to wireless interfaces. 

Answer: A,B 


Q95. - (Topic 1) 

Users may require access to a web site that is blocked by a policy. Administrators can give users the ability to override the block. Which of the following statements regarding overrides are correct? (Select all that apply.) 

A. A protection profile may have only one user group defined as an override group. 

B. A firewall user group can be used to provide override privileges for FortiGuard Web Filtering. 

C. Authentication to allow the override is based on a user's membership in a user group. 

D. Overrides can be allowed by the administrator for a specific period of time. 

Answer: B,C,D 


NSE5 practice exam

Regenerate NSE5 actual exam:

Q96. - (Topic 2) 

Which of the following statements are correct regarding virtual domains (VDOMs)? (Select all that apply.) 

A. VDOMs divide a single FortiGate unit into two or more virtual units that function as multiple, independent units. 

B. A management VDOM handles SNMP, logging, alert email, and FDN-based updates. 

C. VDOMs share firmware versions, as well as antivirus and IPS databases. 

D. Only administrative users with a 'super_admin' profile will be able to enter multiple VDOMs to make configuration changes. 

Answer: A,B,C 


Q97. - (Topic 2) 

Which of the following statements are correct about the HA diag command diagnose sys ha reset-uptime? (Select all that apply.) 

A. The device this command is executed on is likely to switch from master to slave status if master override is disabled. 

B. The device this command is executed on is likely to switch from master to slave status if master override is enabled. 

C. This command has no impact on the HA algorithm. 

D. This command resets the uptime variable used in the HA algorithm so it may cause a new master to become elected. 

Answer: A,D 


Q98. CORRECT TEXT - (Topic 1) 

The __________CLI command is used on the FortiGate unit to run static commands such as ping or to reset the FortiGate unit to factory defaults. 

Answer: execute 


Q99. - (Topic 2) 

Review the output of the command get router info routing-table database shown in the Exhibit below; then answer the question following it. 


Which of the following statements are correct regarding this output? (Select all that apply). 

A. There will be six routes in the routing table. 

B. There will be seven routes in the routing table. 

C. There will be two default routes in the routing table. 

D. There will be two routes for the 10.0.2.0/24 subnet in the routing table. 

Answer: A,C 


Q100. - (Topic 2) 

Review the IPsec Phase2 configuration shown in the Exhibit; then answer the question following it. 


Which of the following statements are correct regarding this configuration? (Select all that apply). 

A. The Phase 2 will re-key even if there is no traffic. 

B. There will be a DH exchange for each re-key. 

C. The sequence number of ESP packets received from the peer will not be checked. 

D. Quick mode selectors will default to those used in the firewall policy. 

Answer: A,B 



see more NSE5 dumps