we provide 100% Guarantee Fortinet NSE5 practice question which are the best for clearing NSE5 test, and to get certified by Fortinet Fortinet Network Security Expert 5 Written Exam (500). The NSE5 Questions & Answers covers all the knowledge points of the real NSE5 exam. Crack your Fortinet NSE5 Exam with latest dumps, guaranteed!
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Fortinet NSE5 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW NSE5 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/NSE5-exam-dumps.html
Q21. - (Topic 1)
What are the valid sub-types for a Firewall type policy? (Select all that apply)
A. Device Identity
B. Address
C. User Identity
D. Schedule
E. SSL VPN
Answer: A,B,C
Q22. - (Topic 1)
An administrator configures a FortiGate unit in Transparent mode on the 192.168.11.0 subnet. Automatic Discovery is enabled to detect any available FortiAnalyzers on the network.
Which of the following FortiAnalyzers will be detected? (Select all that apply.)
A. 192.168.11.100
B. 192.168.11.251
C. 192.168.10.100
D. 192.168.10.251
Answer: A,B
Q23. - (Topic 1)
Which of the following Fortinet products can receive updates from the FortiGuard Distribution Network? (Select all that apply.)
A. FortiGate
B. FortiClient
C. FortiMail
D. FortiAnalyzer
Answer: A,B,C
Q24. - (Topic 1)
Which of the following items represent the minimum configuration steps an administrator must perform to enable Data Leak Prevention for traffic flowing through the FortiGate unit? (Select all that apply.)
A. Assign a DLP sensor in a firewall policy.
B. Apply one or more DLP rules to a firewall policy.
C. Enable DLP globally using the config sys dlp command in the CLI.
D. Define one or more DLP rules.
E. Define a DLP sensor.
F. Apply a DLP sensor to a DoS sensor policy.
Answer: A,D,E
Q25. - (Topic 2)
Examine the exhibit shown below then answer the question that follows it.
Within the UTM Proxy Options, the CA certificate Fortinet_CA_SSLProxy defines which of the following:
A. FortiGate unit’s encryption certificate used by the SSL proxy.
B. FortiGate unit’s signing certificate used by the SSL proxy.
C. FortiGuard’s signing certificate used by the SSL proxy.
D. FortiGuard’s encryption certificate used by the SSL proxy.
Answer: A
Q26. - (Topic 3)
Based on the web filtering configuration illustrated in the exhibit,
which one of the following statements is not a reasonable conclusion?
A. Users can access both the www.google.com site and the www.fortinet.com site.
B. When a user attempts to access the www.google.com site, the FortiGate unit will not perform web filtering on the content of that site.
C. When a user attempts to access the www.fortinet.com site, any remaining web filtering will be bypassed.
D. Downloaded content from www.google.com will be scanned for viruses if antivirus is enabled.
Answer: B
Q27. - (Topic 2)
What advantages are there in using a hub-and-spoke IPSec VPN configuration instead of a
fully-meshed set of IPSec tunnels? (Select all that apply.)
A. Using a hub and spoke topology is required to achieve full redundancy.
B. Using a hub and spoke topology simplifies configuration because fewer tunnels are required.
C. Using a hub and spoke topology provides stronger encryption.
D. The routing at a spoke is simpler, compared to a meshed node.
Answer: B,D
Q28. - (Topic 1)
Which of the following statements best describes the proxy behavior on a FortiGate unit during an FTP client upload when FTP splice is disabled?
A. The proxy will not allow a file to be transmitted in multiple streams simultaneously.
B. The proxy sends the file to the server while simultaneously buffering it.
C. If the file being scanned is determined to be infected, the proxy deletes it from the server by sending a delete command on behalf of the client.
D. If the file being scanned is determined to be clean, the proxy terminates the connection and leaves the file on the server.
Answer: A
Q29. - (Topic 1)
Encrypted backup files provide which of the following benefits? (Select all that apply.)
A. Integrity of the backup file is protected since it cannot be easily modified when encrypted.
B. Prevents the backup file from becoming corrupted.
C. Protects details of the device's configuration settings from being discovered while the backup file is in transit. For example, transferred to a data centers for system recovery.
D. A copy of the encrypted backup file is automatically pushed to the FortiGuard Distribution Service (FDS) for disaster recovery purposes. If the backup file becomes corrupt it can be retrieved through FDS.
E. Fortinet Technical Support can recover forgotten passwords with a backdoor passphrase.
Answer: A,C
Q30. - (Topic 1)
A firewall policy has been configured such that traffic logging is disabled and a UTM function is enabled.
In addition, the system setting ‘utm-incident-traffic-log’ has been enabled..In which log will a UTM event message be stored?
A. Traffic
B. UTM
C. System
D. None
Answer: A
