getcertified4sure.com

NSE5 Exam

[100% Correct] NSE5 Fortinet exam answers 101-110 (Oct 2021)



Proper study guides for Far out Fortinet Fortinet Network Security Expert 5 Written Exam (500) certified begins with Fortinet NSE5 preparation products which designed to deliver the Verified NSE5 questions by making you pass the NSE5 test at your first time. Try the free NSE5 demo right now.

Q101. - (Topic 2) 

Identify the statement which correctly describes the output of the following command: diagnose ips anomaly list 

A. Lists the configured DoS policy. 

B. List the real-time counters for the configured DoS policy. 

C. Lists the errors captured when compiling the DoS policy. 

Answer:


Q102. - (Topic 1) 

A firewall policy has been configured for the internal email server to receive email from external parties through SMTP. Exhibits A and B show the antivirus and email filter profiles applied to this policy. 

Exhibit A: 

Exhibit B: 

What is the correct behavior when the email attachment is detected as a virus by the FortiGate antivirus engine? 

A. The FortiGate unit will remove the infected file and deliver the email with a replacement message to alert the recipient that the original attachment was infected. 

B. The FortiGate unit will reject the infected email and the sender will receive a failed delivery message. 

C. The FortiGate unit will remove the infected file and add a replacement message. Both sender and recipient are notified that the infected file has been removed. 

D. The FortiGate unit will reject the infected email and notify the sender. 

Answer:


Q103. - (Topic 3) 

A network administrator connects his PC to the INTERNAL interface on a FortiGate unit. The administrator attempts to make an HTTPS connection to the FortiGate unit on the VLAN1 interface at the IP address of 10.0.1.1, but gets no connectivity. 

The following troubleshooting commands are executed from the CLI: 

user1 # get system interface 

== [ internal ] 

namE. internal modE. static ip: 10.0.1.254 255.255.255.128 status: up 

netbios-forwarD. disable typE. physical mtu-overridE. disable 

== [ vlan1 ] 

namE. vlan1 modE. static ip: 10.0.1.1 255.255.255.128 status: up netb 

ios-forwarD. disable typE. vlan mtu-overridE. disable 

user1 # get router info routing-table all 

Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP 

O - OSPF, IA - OSPF inter area 

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 

E1 - OSPF external type 1, E2 - OSPF external type 2 

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area 

* - candidate default 

S 10.0.0.0/8 [10/0] is a summary, Null 

C 10.0.1.0/25 is directly connected, vlan1 

C 10.0.1.128/25 is directly connected, internal 

user1 # diagnose debug flow trace start 100 

user1 # diagnose debug ena 

user1 # diagnose debug flow filter daddr 10.0.1.1 10.0.1.1 

id=20085 trace_id=277 msg="vd-root received a packet(proto=6, 10.0.1.130 

:47922->10.0.1.1:443) from internal." 

id=20085 trace_id=277 msg="allocate a new session-00000b21" 

id=20085 trace_id=277 msg="iprope_in_check() check failed, drop" 

Based on the output from these commands, which of the following is a possible cause of the problem? 

A. The FortiGate unit has no route back to the PC. 

B. The PC has an IP address in the wrong subnet. 

C. The PC is using an incorrect default gateway IP address. 

D. There is no firewall policy allowing traffic from INTERNAL -> VLAN1. 

Answer:


Q104. - (Topic 1) 

Which of the following statements is correct regarding URL Filtering on the FortiGate unit? 

A. The FortiGate unit can filter URLs based on patterns using text and regular expressions. 

B. The available actions for URL Filtering are Allow and Block. 

C. Multiple URL Filter lists can be added to a single Web filter profile. 

D. A FortiGuard Web Filtering Override match will override a block action in the URL filter list. 

Answer:


Q105. - (Topic 1) 

A firewall policy has been configured such that traffic logging is disabled and a UTM function is enabled. 

In addition, the system setting ‘utm-incident-traffic-log’ has been enabled..In which log will a UTM event message be stored? 

A. Traffic 

B. UTM 

C. System 

D. None 

Answer:


Q106. - (Topic 3) 

Which of the following represents the method used on a FortiGate unit running FortiOS version 4.2 to apply traffic shaping to P2P traffic, such as BitTorrent? 

A. Apply a Traffic Shaper to a BitTorrent entry in an Application Control List. 

B. Enable the Shape option in a Firewall policy with a Service set to BitTorrent. 

C. Define a DLP Rule to match against BitTorrent traffic and include the rule in a DLP Sensor with Traffic Shaping enabled. 

D. Specify the amount of Rate Limiting to be applied to BitTorrent traffic through the P2P settings of the Firewall Policy Protocol Options. 

Answer:


Q107. - (Topic 3) 

Which of the following methods does the FortiGate unit use to determine the availability of a web cache using Web Cache Communication Protocol (WCCP)? 

A. The FortiGate unit receives periodic "Here I am" messages from the web cache. 

B. The FortiGate unit polls all globally-defined web cache servers at a regular intervals. 

C. The FortiGate using uses the health check monitor to verify the availability of a web cache server. 

D. The web cache sends an "I see you" message which is captured by the FortiGate unit. 

Answer:


Q108. - (Topic 3) 

An administrator logs into a FortiGate unit using an account which has been assigned a super_admin profile. Which of the following operations can this administrator perform? 

A. They can delete logged-in users who are also assigned the super_admin access profile. 

B. They can make changes to the super_admin profile. 

C. They can delete the admin account if the default admin user is not logged in. 

D. They can view all the system configuration settings but can not make changes. 

E. They can access configuration options for only the VDOMs to which they have been assigned. 

Answer:


Q109. - (Topic 3) 

The transfer of encrypted files or the use of encrypted protocols between users and servers on the internet can frustrate the efforts of administrators attempting to monitor traffic passing through the FortiGate unit and ensuring user compliance to corporate rules. 

Which of the following items will allow the administrator to control the transfer of encrypted data through the FortiGate unit? (Select all that apply.) 

A. Encrypted protocols can be scanned through the use of the SSL proxy. 

B. DLP rules can be used to block the transmission of encrypted files. 

C. Firewall authentication can be enabled in the firewall policy, preventing the use of encrypted communications channels. 

D. Application control can be used to monitor the use of encrypted protocols; alerts can be sent to the administrator through email when the use of encrypted protocols is attempted. 

Answer: A,B,D 


Q110. - (Topic 3) 

WAN optimization is configured in Active/Passive mode. When will the remote peer accept an attempt to initiate a tunnel? 

A. The attempt will be accepted when the request comes from a known peer and there is a matching WAN optimization passive rule. 

B. The attempt will be accepted when there is a matching WAN optimization passive rule. 

C. The attempt will be accepted when the request comes from a known peer. 

D. The attempt will be accepted when a user on the remote peer accepts the connection request. 

Answer:


© Copyright Getcertified4sure.com. examcollectionuk.com
All other trademarks and copyrights are the property of their respective owners.
All rights reserved.