getcertified4sure.com

NSE5 Exam

Shortcuts To NSE5(11 to 20)



Cause all that matters here is passing the Fortinet NSE5 exam. Cause all that you need is a high score of NSE5 Fortinet Network Security Expert 5 Written Exam (500) exam. The only one thing you need to do is downloading Pass4sure NSE5 exam study guides now. We will not let you down with our money-back guarantee.

Q11. - (Topic 1) 

Which of the following are valid FortiGate device interface methods for handling DNS requests? (Select all that apply.) 

A. Forward-only 

B. Non-recursive 

C. Recursive 

D. Iterative 

E. Conditional-forward 

Answer: A,B,C 


Q12. CORRECT TEXT - (Topic 1) 

The __________CLI command is used on the FortiGate unit to run static commands such as ping or to reset the FortiGate unit to factory defaults. 

Answer: execute 


Q13. - (Topic 3) 

A FortiGate unit is operating in NAT/Route mode and is configured with two Virtual LAN (VLAN) sub-interfaces added to the same physical interface. 

Which of the following statements is correct regarding the VLAN IDs in this scenario? 

A. The two VLAN sub-interfaces can have the same VLAN ID only if they have IP addresses in different subnets. 

B. The two VLAN sub-interfaces must have different VLAN IDs. 

C. The two VLAN sub-interfaces can have the same VLAN ID only if they belong to different VDOMs. 

D. The two VLAN sub-interfaces can have the same VLAN ID if they are connected to different L2 IEEE 802.1Q compliant switches. 

Answer:


Q14. - (Topic 3) 

Based on the web filtering configuration illustrated in the exhibit, 

which one of the following statements is not a reasonable conclusion? 

A. Users can access both the www.google.com site and the www.fortinet.com site. 

B. When a user attempts to access the www.google.com site, the FortiGate unit will not perform web filtering on the content of that site. 

C. When a user attempts to access the www.fortinet.com site, any remaining web filtering will be bypassed. 

D. Downloaded content from www.google.com will be scanned for viruses if antivirus is enabled. 

Answer:


Q15. - (Topic 1) 

Which of the following statements regarding Banned Words are correct? (Select all that apply.) 

A. The FortiGate unit can scan web pages and email messages for instances of banned words. 

B. When creating a banned word list, an administrator can indicate either specific words or patterns. 

C. Banned words can be expressed as wildcards or regular expressions. 

D. Content is automatically blocked if a single instance of a banned word appears. 

E. The FortiGate unit includes a pre-defined library of common banned words. 

Answer: A,B,C 


Q16. - (Topic 1) 

Which of the following pieces of information can be included in the Destination Address field of a firewall policy? 

A. An IP address pool, a virtual IP address, an actual IP address, and an IP address group. 

B. A virtual IP address, an actual IP address, and an IP address group. 

C. An actual IP address and an IP address group. 

D. Only an actual IP address. 

Answer:


Q17. - (Topic 1) 

A client can create a secure connection to a FortiGate device using SSL VPN in web-only mode. 

Which one of the following statements is correct regarding the use of web-only mode SSL VPN? 

A. Web-only mode supports SSL version 3 only. 

B. A Fortinet-supplied plug-in is required on the web client to use web-only mode SSL VPN. 

C. Web-only mode requires the user to have a web browser that supports 64-bit cipher length. 

D. The JAVA run-time environment must be installed on the client to be able to connect to a web-only mode SSL VPN. 

Answer:


Q18. - (Topic 3) 

When viewing the Banned User monitor in Web Config, the administrator notes the entry illustrated in the exhibit. 

Which of the following statements is correct regarding this entry? 

A. The entry displays a ban that has been added as a result of traffic triggering a configured DLP rule. 

B. The entry displays a ban that was triggered by HTTP traffic matching an IPS signature. 

This client is banned from receiving or sending any traffic through the FortiGate. 

C. The entry displays a quarantine, which could have been added by either IPS or DLP. 

D. This entry displays a ban entry that was added manually by the administrator on June11th. 

Answer:


Q19. - (Topic 3) 

Which of the following statements is correct regarding the NAC Quarantine feature? 

A. With NAC quarantine, files can be quarantined not only as a result of antivirus scanning, but also for other forms of content inspection such as IPS and DLP. 

B. NAC quarantine does a client check on workstations before they are permitted to have administrative access to FortiGate. 

C. NAC quarantine allows administrators to isolate clients whose network activity poses a security risk. 

D. If you chose the quarantine action, you must decide whether the quarantine type is NAC quarantine or File quarantine. 

Answer:


Q20. - (Topic 2) 

Examine the Exhibit shown below; then answer the question following it. 

In this scenario, the Fortigate unit in Ottawa has the following routing table: 

S* 0.0.0.0/0 [10/0] via 172.20.170.254, port2 

C 172.20.167.0/24 is directly connected, port1 

C 172.20.170.0/24 is directly connected, port2 

Sniffer tests show that packets sent from the Source IP address 172.20.168.2 to the Destination IP address 172.20.169.2 are being dropped by the FortiGate unit located in Ottawa. Which of the following correctly describes the cause for the dropped packets? 

A. The forward policy check. 

B. The reverse path forwarding check. 

C. The subnet 172.20.169.0/24 is NOT in the Ottawa FortiGate unit’s routing table. 

D. The destination workstation 172.20.169.2 does NOT have the subnet 172.20.168.0/24 in its routing table. 

Answer:


© Copyright Getcertified4sure.com. examcollectionuk.com
All other trademarks and copyrights are the property of their respective owners.
All rights reserved.