Exambible NSE5 Questions are updated and all NSE5 answers are verified by experts. Once you have completely prepared with our NSE5 exam prep kits you will be ready for the real NSE5 exam without a problem. We have Avant-garde Fortinet NSE5 dumps study guide. PASSED NSE5 First attempt! Here What I Did.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Fortinet NSE5 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW NSE5 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/NSE5-exam-dumps.html
Q31. - (Topic 1)
Which email filter is NOT available on a FortiGate device?
A. Sender IP reputation database.
B. URLs included in the body of known SPAM messages.
C. Email addresses included in the body of known SPAM messages.
D. Spam object checksums.
E. Spam grey listing.
Answer: E
Q32. - (Topic 2)
Which of the following represents the correct order of criteria used for the selection of a Master unit within a FortiGate High Availability (HA) cluster when master override is disabled?
A. 1. port monitor, 2. unit priority, 3. up time, 4. serial number
B. 1. port monitor, 2. up time, 3. unit priority, 4. serial number
C. 1. unit priority, 2. up time, 3. port monitor, 4. serial number
D. 1. up time, 2. unit priority, 3. port monitor, 4. serial number
Answer: B
Q33. - (Topic 3)
An administrator wishes to generate a report showing Top Traffic by service type. They notice that web traffic overwhelms the pie chart and want to exclude the web traffic from the report.
Which of the following statements best describes how to do this?
A. In the Service field of the Data Filter, type 80/tcp and select the NOT checkbox.
B. Add the following entry to the Generic Field section of the Data Filter: service="!web".
C. When editing the chart, uncheck wlog to indicate that Web Filtering data is being excluded when generating the chart.
D. When editing the chart, enter 'http' in the Exclude Service field.
Answer: A
Q34. - (Topic 3)
A DLP rule with an action of Exempt has been matched against traffic passing through the FortiGate unit. Which of the following statements is correct regarding how this transaction will be handled by the FortiGate unit?
A. Any other matched DLP rules will be ignored with the exception of Archiving.
B. Future files whose characteristics match this file will bypass DLP scanning.
C. The traffic matching the DLP rule will bypass antivirus scanning.
D. The client IP address will be added to a white list.
Answer: A
Q35. - (Topic 1)
Which of the following statements is correct regarding a FortiGate unit operating in NAT/Route mode?
A. The FortiGate unit applies NAT to all traffic.
B. The FortiGate unit functions as a Layer 3 device.
C. The FortiGate unit functions as a Layer 2 device.
D. The FortiGate unit functions as a router and the firewall function is disabled.
Answer: B
Q36. CORRECT TEXT - (Topic 1)
In addition to AntiVirus services, the FortiGuard Subscription Services provide IPS, Web Filtering, and ___________ services.
Answer: antispam
Q37. - (Topic 3)
A FortiGate administrator configures a Virtual Domain (VDOM) for a new customer. After creating the VDOM, the administrator is unable to reassign the dmz interface to the new VDOM as the option is greyed out in Web Config in the management VDOM.
What would be a possible cause for this problem?
A. The dmz interface is referenced in the configuration of another VDOM.
B. The administrator does not have the proper permissions to reassign the dmz interface.
C. Non-management VDOMs can not reference physical interfaces.
D. The dmz interface is in PPPoE or DHCP mode.
E. Reassigning an interface to a different VDOM can only be done through the CLI.
Answer: A
Q38. - (Topic 1)
A client can establish a secure connection to a corporate network using SSL VPN in tunnel mode.
Which of the following statements are correct regarding the use of tunnel mode SSL VPN? (Select all that apply.)
A. Split tunneling can be enabled when using tunnel mode SSL VPN.
B. Client software is required to be able to use a tunnel mode SSL VPN.
C. Users attempting to create a tunnel mode SSL VPN connection must be authenticated by at least one SSL VPN policy.
D. The source IP address used by the client for the tunnel mode SSL VPN is assigned by the FortiGate unit.
Answer: A,B,C,D
Q39. - (Topic 1)
Which one of the following statements is correct about raw log messages?
A. Logs have a header and a body section. The header will have the same layout for every log message. The body section will change layout from one type of log message to another.
B. Logs have a header and a body section. The header and body will change layout from one type of log message to another.
C. Logs have a header and a body section. The header and body will have the same layout for every log message.
Answer: A
Q40. - (Topic 1)
When creating administrative users which of the following configuration objects determines access rights on the FortiGate unit.
A. profile
B. allowaccess interface settings
C. operation mode
D. local-in policy
Answer: A
