Proper study guides for Refresh Fortinet Fortinet Network Security Expert 5 Written Exam (500) certified begins with Fortinet NSE5 preparation products which designed to deliver the High quality NSE5 questions by making you pass the NSE5 test at your first time. Try the free NSE5 demo right now.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Fortinet NSE5 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW NSE5 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/NSE5-exam-dumps.html
Q91. - (Topic 2)
Which of the following statements correctly describe Transparent Mode operation? (Select all that apply.)
A. The FortiGate unit acts as transparent bridge and routes traffic using Layer-2 forwarding.
B. Ethernet packets are forwarded based on destination MAC addresses NOT IPs.
C. The device is transparent to network hosts.
D. Permits inline traffic inspection and firewalling without changing the IP scheme of the network.
E. All interfaces must be on different IP subnets.
Answer: A,B,C,D
Q92. - (Topic 3)
Which of the following cannot be used in conjunction with the endpoint compliance check?
A. HTTP Challenge Redirect to a Secure Channel (HTTPS) in the Authentication Settings.
B. Any form of firewall policy authentication.
C. WAN optimization.
D. Traffic shaping.
Answer: A
Q93. - (Topic 1)
In an IPSec gateway-to-gateway configuration, two FortiGate units create a VPN tunnel between two separate private networks.
Which of the following configuration steps must be performed on both FortiGate units to support this configuration? (Select all that apply.)
A. Create firewall policies to control traffic between the IP source and destination address.
B. Configure the appropriate user groups on the FortiGate units to allow users access to the IPSec VPN connection.
C. Set the operating mode of the FortiGate unit to IPSec VPN mode.
D. Define the Phase 2 parameters that the FortiGate unit needs to create a VPN tunnel with the remote peer.
E. Define the Phase 1 parameters that the FortiGate unit needs to authenticate the remote peers.
Answer: A,D,E
Q94. - (Topic 1)
Users may require access to a web site that is blocked by a policy. Administrators can give
users the ability to override the block. Which of the following statements regarding overrides is NOT correct?
A. A web filter profile may only have one user group defined as an override group.
B. A firewall user group can be used to provide override privileges for FortiGuard Web Filtering.
C. When requesting an override, the matched user must belong to a user group for which the override capabilty has been enabled.
D. Overrides can be allowed by the administrator for a specific period of time.
Answer: A
Q95. - (Topic 1)
An end user logs into the full-access SSL VPN portal and selects the Tunnel Mode option by clicking on the “Connect” button. The administrator has enabled split tunneling.
Given that the user authenticates against the SSL VPN policy shown in the image below, which statement below identifies the route that is added to the client’s routing table.
A. A route to destination matching the ‘WIN2K3’ address object.
B. A route to the destination matching the ‘all’ address object.
C. A default route.
D. No route is added.
Answer: A
Q96. - (Topic 1)
Which of the following statements are correct regarding logging to memory on a FortiGate unit? (Select all that apply.)
A. When the system has reached its capacity for log messages, the FortiGate unit will stop logging to memory.
B. When the system has reached its capacity for log messages, the FortiGate unit overwrites the oldest messages.
C. If the FortiGate unit is reset or loses power, log entries captured to memory will be lost.
D. None of the above.
Answer: B,C
Q97. - (Topic 3)
Which of the following describes the difference between the ban and quarantine actions?
A. A ban action prevents future transactions using the same protocol which triggered the ban. A qarantine action blocks all future transactions, regardless of the protocol.
B. A ban action blocks the transaction. A quarantine action archives the data.
C. A ban action has a finite duration. A quarantine action must be removed by an administrator.
D. A ban action is used for known users. A quarantine action is used for unknown users.
Answer: A
Q98. - (Topic 1)
A FortiGate 100 unit is configured to receive push updates from the FortiGuard Distribution Network, however, updates are not being received. Which of the following statements are possible reasons for this? (Select all that apply.)
A. The external facing interface of the FortiGate unit is configured to use DHCP.
B. The FortiGate unit has not been registered.
C. There is a NAT device between the FortiGate unit and the FortiGuard Distribution Network.
D. The FortiGate unit is in Transparent mode.
Answer: A,B,C
Q99. - (Topic 1)
What is the FortiGate unit password recovery process?
A. Interrupt boot sequence, modify the boot registry and reboot. After changing the password, reset the boot registry.
B. Log in through the console port using the “maintainer” account within approximately 30 seconds of a reboot.
C. Hold down the CTRL + Esc (Escape) keys during reboot, then reset the admin password.
D. The only way to regain access is to interrupt the boot sequence and restore a configuration file for which the password has been modified.
Answer: B
Q100. - (Topic 1)
Which of the following statements are true regarding Local User Authentication? (Select all that apply.)
A. Local user authentication is based on usernames and passwords stored locally on the FortiGate unit.
B. Two-factor authentication can be enabled on a per user basis.
C. Administrators can create an account for the user locally and specify the remote server to verify the password.
D. Local users are for administration accounts only and cannot be used for identity policies.
Answer: A,B,C
