getcertified4sure.com

NSE5 Exam

Shortcuts To NSE5(131 to 140)



Proper study guides for Improved Fortinet Fortinet Network Security Expert 5 Written Exam (500) certified begins with Fortinet NSE5 preparation products which designed to deliver the Practical NSE5 questions by making you pass the NSE5 test at your first time. Try the free NSE5 demo right now.

Q131. - (Topic 1) 

The ordering of firewall policies is very important. Policies can be re-ordered within the FortiGate unit’s GUI and also using the CLI. The command used in the CLI to perform this function is ______ . 

A. set order 

B. edit policy 

C. reorder 

D. move 

Answer:


Q132. - (Topic 3) 

Which of the following items are considered to be advantages of using the application control features on the FortiGate unit? 

Application control allows an administor to: 

A. set a unique session-ttl for select applications. 

B. customize application types in a similar way to adding custom IPS signatures. 

C. check which applications are installed on workstations attempting to access the network. 

D. enable AV scanning per application rather than per policy. 

Answer:


Q133. - (Topic 1) 

Which email filter is NOT available on a FortiGate device? 

A. Sender IP reputation database. 

B. URLs included in the body of known SPAM messages. 

C. Email addresses included in the body of known SPAM messages. 

D. Spam object checksums. 

E. Spam grey listing. 

Answer:


Q134. - (Topic 3) 

A network administrator needs to implement dynamic route redundancy between a FortiGate unit located in a remote office and a FortiGate unit located in the central office. 

The remote office accesses central resources using IPSec VPN tunnels through two different Internet providers. 

What is the best method for allowing the remote office access to the resources through the FortiGate unit used at the central office? 

A. Use two or more route-based IPSec VPN tunnels and enable OSPF on the IPSec virtual interfaces. 

B. Use two or more policy-based IPSec VPN tunnels and enable OSPF on the IPSec virtual interfaces. 

C. Use route-based VPNs on the central office FortiGate unit to advertise routes with a dynamic routing protocol and use a policy-based VPN on the remote office with two or more static default routes. 

D. Dynamic routing protocols cannot be used over IPSec VPN tunnels. 

Answer:


Q135. - (Topic 1) 

The default administrator profile that is assigned to the default "admin" user on a FortGate device is:____________________. 

A. trusted-admin 

B. super_admin 

C. super_user 

D. admin 

E. fortinet-root 

Answer:


Q136. - (Topic 1) 

Which of the following antivirus and attack definition update features are supported by FortiGate units? (Select all that apply.) 

A. Manual, user-initiated updates from the FortiGuard Distribution Network. 

B. Hourly, daily, or weekly scheduled antivirus and attack definition and antivirus engine updates from the FortiGuard Distribution Network. 

C. Push updates from the FortiGuard Distribution Network. 

D. Update status including version numbers, expiry dates, and most recent update dates and times. 

Answer: A,B,C,D 


Q137. - (Topic 3) 

You are the administrator in charge of a FortiGate unit which acts as a VPN gateway. You have chosen to use Interface Mode when configuring the VPN tunnel and you want users from either side to be able to initiate new sessions. There is only 1 subnet at either end and the FortiGate unit already has a default route. 

Which of the following configuration steps are required to achieve these objectives? (Select all that apply.) 

A. Create one firewall policy. 

B. Create two firewall policies. 

C. Add a route for the remote subnet. 

D. Add a route for incoming traffic. 

E. Create a phase 1 definition. 

F. Create a phase 2 definition. 

Answer: B,C,E,F 


Q138. - (Topic 1) 

Which part of an email message exchange is NOT inspected by the POP3 and IMAP proxies? 

A. TCP connection 

B. File attachments 

C. Message headers 

D. Message body 

Answer:


Q139. - (Topic 1) 

Because changing the operational mode to Transparent resets device (or vdom) to all defaults, which precautions should an Administrator take prior to performing this? (Select all that apply.) 

A. Backup the configuration. 

B. Disconnect redundant cables to ensure the topology will not contain layer 2 loops. 

C. Set the unit to factory defaults. 

D. Update IPS and AV files. 

Answer: A,B 


Q140. - (Topic 1) 

A FortiGate 60 unit is configured for your small office. The DMZ interface is connected to a network containing a web server and email server. The Internal interface is connected to a network containing 10 user workstations and the WAN1 interface is connected to your ISP. 

You want to configure firewall policies so that your users can send and receive email messages to the email server on the DMZ network. You also want the email server to be able to retrieve email messages from an email server hosted by your ISP using the POP3 protocol. 

Which policies must be created for this communication? (Select all that apply.) 

A. Internal > DMZ 

B. DMZ > Internal 

C. Internal > WAN1 

D. WAN1 > Internal 

E. DMZ > WAN1 

F. WAN1 > DMZ 

Answer: A,E 


© Copyright Getcertified4sure.com. examcollectionuk.com
All other trademarks and copyrights are the property of their respective owners.
All rights reserved.