Up to the immediate present Fortinet NSE5 exam dumps

NSE5 Royal Pack Testengine pdf

100% Actual & Verified — 100% PASS

Unlimited access to the world's largest Dumps library! Try it Free Today!

https://www.exambible.com/NSE5-exam/

Product Description:
Exam Number/Code: NSE5
Exam name: Fortinet Network Security Expert 5 Written Exam (500)
n questions with full explanations
Certification: Fortinet Certification
Last updated on Global synchronizing

Free Certification Real IT NSE5 Exam pdf Collection

Act now and download your Fortinet NSE5 test today! Do not waste time for the worthless Fortinet NSE5 tutorials. Download Regenerate Fortinet Fortinet Network Security Expert 5 Written Exam (500) exam with real questions and answers and begin to learn Fortinet NSE5 with a classic professional.

Q41. - (Topic 1) 

Which of the following statements describes the method of creating a policy to block access to an FTP site? 

A. Enable Web Filter URL blocking and add the URL of the FTP site to the URL Block list. 

B. Create a firewall policy with destination address set to the IP address of the FTP site, the Service set to FTP, and the Action set to Deny. 

C. Create a firewall policy with a protection profile containing the Block FTP option enabled. 

D. None of the above. 

Answer:


Q42. - (Topic 1) 

A firewall policy has been configured for the internal email server to receive email from external parties through SMTP. Exhibits A and B show the antivirus and email filter profiles applied to this policy. 

Exhibit A: 

Exhibit B: 

What is the correct behavior when the email attachment is detected as a virus by the FortiGate antivirus engine? 

A. The FortiGate unit will remove the infected file and deliver the email with a replacement message to alert the recipient that the original attachment was infected. 

B. The FortiGate unit will reject the infected email and the sender will receive a failed delivery message. 

C. The FortiGate unit will remove the infected file and add a replacement message. Both sender and recipient are notified that the infected file has been removed. 

D. The FortiGate unit will reject the infected email and notify the sender. 

Answer:


Q43. - (Topic 3) 

The FortiGate Server Authentication Extensions (FSAE) provide a single sign on solution to authenticate users transparently to a FortiGate unit using credentials stored in Windows Active Directory. 

Which of the following statements are correct regarding FSAE in a Windows domain environment when NTLM is not used? (Select all that apply.) 

A. An FSAE Collector Agent must be installed on every domain controller. 

B. An FSAE Domain Controller Agent must be installed on every domain controller. 

C. The FSAE Domain Controller Agent will regularly update user logon information on the FortiGate unit. 

D. The FSAE Collector Agent will retrieve user information from the Domain Controller Agent and will send the user logon information to the FortiGate unit. 

E. For non-domain computers, an FSAE client must be installed on the computer to allow FSAE authentication. 

Answer: B,D 


Q44. - (Topic 2) 

In the case of TCP traffic, which of the following correctly describes the routing table lookups performed by a FortiGate unit when searching for a suitable gateway? 

A. A look-up is done only when the first packet coming from the client (SYN) arrives. 

B. A look-up is done when the first packet coming from the client (SYN) arrives, and a second is performed when the first packet coming from the server (SYNC/ACK) arrives. 

C. A look-up is done only during the TCP 3-way handshake (SYNC, SYNC/ACK, ACK). 

D. A look-up is always done each time a packet arrives, from either the server or the client side. 

Answer:


Q45. - (Topic 1) 

A FortiGate 100 unit is configured to receive push updates from the FortiGuard Distribution Network, however, updates are not being received. Which of the following statements are possible reasons for this? (Select all that apply.) 

A. The external facing interface of the FortiGate unit is configured to use DHCP. 

B. The FortiGate unit has not been registered. 

C. There is a NAT device between the FortiGate unit and the FortiGuard Distribution Network. 

D. The FortiGate unit is in Transparent mode. 

Answer: A,B,C 


Q46. - (Topic 1) 

In which order are firewall policies processed on the FortiGate unit? 

A. They are processed from the top down according to their sequence number. 

B. They are processed based on the policy ID number shown in the left hand column of the policy window. 

C. They are processed on best match. 

D. They are processed based on a priority value assigned through the priority column in the policy window. 

Answer:


Q47. - (Topic 1) 

Which of the following are valid FortiGate device interface methods for handling DNS requests? (Select all that apply.) 

A. Forward-only 

B. Non-recursive 

C. Recursive 

D. Iterative 

E. Conditional-forward 

Answer: A,B,C 


Q48. - (Topic 3) 

Which of the following is an advantage of using SNMP v3 instead of SNMP v1/v2 when querying the FortiGate unit? 

A. Packet encryption 

B. MIB-based report uploads 

C. SNMP access limits through access lists 

D. Running SNMP service on a non-standard port is possible 

Answer:


Q49. - (Topic 1) 

By default the Intrusion Protection System (IPS) on a FortiGate unit is set to perform which action? 

A. Block all network attacks. 

B. Block the most common network attacks. 

C. Allow all traffic. 

D. Allow and log all traffic. 

Answer:


Q50. - (Topic 2) 

Which of the following statements are correct regarding Application Control? 

A. Application Control is based on the IPS engine. 

B. Application Control is based on the AV engine. 

C. Application Control can be applied to SSL encrypted traffic. 

D. Application Control cannot be applied to SSL encrypted traffic. 

Answer: A,C