100% Guarantee Fortinet NSE5 braindumps

NSE5 Royal Pack Testengine pdf

100% Actual & Verified — 100% PASS

Unlimited access to the world's largest Dumps library! Try it Free Today!


Product Description:
Exam Number/Code: NSE5
Exam name: Fortinet Network Security Expert 5 Written Exam (500)
n questions with full explanations
Certification: Fortinet Certification
Last updated on Global synchronizing

Free Certification Real IT NSE5 Exam pdf Collection

We provide real NSE5 exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass Fortinet NSE5 Exam quickly & easily. The NSE5 PDF type is available for reading and printing. You can print more and practice many times. With the help of our Fortinet NSE5 dumps pdf and vce product and material, you can easily pass the NSE5 exam.

Q11. - (Topic 1) 

Which of the following email spam filtering features is NOT supported on a FortiGate unit? 

A. Multipurpose Internet Mail Extensions (MIME) Header Check 

B. HELO DNS Lookup 

C. Greylisting 

D. Banned Word 


Q12. - (Topic 1) 

Which of the following antivirus and attack definition update features are supported by FortiGate units? (Select all that apply.) 

A. Manual, user-initiated updates from the FortiGuard Distribution Network. 

B. Hourly, daily, or weekly scheduled antivirus and attack definition and antivirus engine updates from the FortiGuard Distribution Network. 

C. Push updates from the FortiGuard Distribution Network. 

D. Update status including version numbers, expiry dates, and most recent update dates and times. 

Answer: A,B,C,D 

Q13. - (Topic 3) 

A FortiGate unit is configured with multiple VDOMs. An administrative account on the device has been assigned a Scope value of VDOM:root. 

Which of the following items would an administrator logging in using this account NOT be able to configure? 

A. Firewall addresses 

B. DHCP servers 

C. FortiGuard Distribution Network configuration 

D. PPTP VPN configuration 


Q14. - (Topic 3) 

Which of the following represents the method used on a FortiGate unit running FortiOS version 4.2 to apply traffic shaping to P2P traffic, such as BitTorrent? 

A. Apply a Traffic Shaper to a BitTorrent entry in an Application Control List. 

B. Enable the Shape option in a Firewall policy with a Service set to BitTorrent. 

C. Define a DLP Rule to match against BitTorrent traffic and include the rule in a DLP Sensor with Traffic Shaping enabled. 

D. Specify the amount of Rate Limiting to be applied to BitTorrent traffic through the P2P settings of the Firewall Policy Protocol Options. 


Q15. - (Topic 1) 

The default administrator profile that is assigned to the default "admin" user on a FortGate device is:____________________. 

A. trusted-admin 

B. super_admin 

C. super_user 

D. admin 

E. fortinet-root 


Q16. - (Topic 3) 

An administrator wishes to generate a report showing Top Traffic by service type. They notice that web traffic overwhelms the pie chart and want to exclude the web traffic from the report. 

Which of the following statements best describes how to do this? 

A. In the Service field of the Data Filter, type 80/tcp and select the NOT checkbox. 

B. Add the following entry to the Generic Field section of the Data Filter: service="!web". 

C. When editing the chart, uncheck wlog to indicate that Web Filtering data is being excluded when generating the chart. 

D. When editing the chart, enter 'http' in the Exclude Service field. 


Q17. - (Topic 3) 

An organization wishes to protect its SIP Server from call flooding attacks. Which of the following configuration changes can be performed on the FortiGate unit to fulfill this requirement? 

A. Apply an application control list which contains a rule for SIP and has the "Limit INVITE Request" option configured. 

B. Enable Traffic Shaping for the appropriate SIP firewall policy. 

C. Reduce the session time-to-live value for the SIP protocol by running the configure system session-ttl CLI command. 

D. Run the set udp-idle-timer CLI command and set a lower time value. 


Q18. - (Topic 1) 

Which of the following statements regarding Banned Words are correct? (Select all that apply.) 

A. The FortiGate unit can scan web pages and email messages for instances of banned words. 

B. When creating a banned word list, an administrator can indicate either specific words or patterns. 

C. Banned words can be expressed as simple text, wildcards or regular expressions. 

D. Content is automatically blocked if a single instance of a banned word appears. 

E. The FortiGate unit updates banned words on a periodic basis. 

Answer: A,B,C 

Q19. - (Topic 1) 

A FortiGate AntiVirus profile can be configured to scan for viruses on SMTP, FTP, POP3, and SMB protocols using which inspection mode? 

A. Proxy 


C. Flow-based 

D. Man-in-the-middle 


Q20. - (Topic 1) 

Each UTM feature has configurable UTM objects such as sensors, profiles or lists that define how the feature will function. 

An administrator must assign a set of UTM features to a group of users. 

Which of the following is the correct method for doing this? 

A. Enable a set of unique UTM features under "Edit User Group". 

B. The administrator must enable the UTM features in an identify-based policy applicable to the user group. 

C. When defining the UTM objects, the administrator must list the user groups which will use the UTM object. 

D. The administrator must apply the UTM features directly to a user object.