getcertified4sure.com

NSE5 Exam

The Updated Guide To NSE5 faq Jan 2021



It is impossible to pass Fortinet NSE5 exam without any help in the short term. Come to Testking soon and find the most advanced, correct and guaranteed Fortinet NSE5 practice questions. You will get a surprising result by our Up to the immediate present Fortinet Network Security Expert 5 Written Exam (500) practice guides.

Q61. - (Topic 1) 

Which of the following methods can be used to access the CLI? (Select all that apply.) A. By using a direct connection to a serial console. 

B. By using the CLI console window in Web Config. 

C. By using an SSH connection. 

D. By using a Telnet connection. 

Answer: A,B,C,D 


Q62. - (Topic 1) 

Which of the following authentication types are supported by FortiGate units? (Select all that apply.) 

A. Kerberos 

B. LDAP 

C. RADIUS 

D. Local Users 

Answer: B,C,D 


Q63. - (Topic 3) 

Which of the following statements correctly describes the deepscan option for HTTPS? 

A. When deepscan is disabled, only the web server certificate is inspected; no decryption of content occurs. 

B. Enabling deepscan will perform further checks on the server certificate. 

C. Deepscan is only applicable to mail protocols, where all IP addresses in the header are checked. 

D. With deepscan enabled, archived files will be decompressed before scanning for a more comprehensive file inspection. 

Answer:


Q64. - (Topic 1) 

Which of the following statements are true of the FortiGate unit’s factory default configuration? 

A. ‘Port1’ or ‘Internal’ interface will have an IP of 192.168.1.99. 

B. ‘Port1’ or ‘Internal’ interface will have a DHCP server set up and enabled (on devices that support DHCP Servers). 

C. Default login will always be the username: admin (all lowercase) and no password. 

D. The implicit firewall action is ACCEPT. 

Answer: A,B,C 


Q65. - (Topic 1) 

What are the valid sub-types for a Firewall type policy? (Select all that apply) 

A. Device Identity 

B. Address 

C. User Identity 

D. Schedule 

E. SSL VPN 

Answer: A,B,C 


Q66. - (Topic 1) 

Which statement is correct regarding virus scanning on a FortiGate unit? 

A. Virus scanning is enabled by default. 

B. Fortinet Customer Support enables virus scanning remotely for you. 

C. Virus scanning must be enabled in a protection profile and the protection profile must be assigned to a firewall policy. 

D. Enabling virus scanning in a protection profile enables virus scanning for all traffic flowing through the FortiGate. 

Answer:


Q67. - (Topic 1) 

DLP archiving gives the ability to store session transaction data on a FortiAnalyzer unit for which of the following types of network traffic? (Select all that apply.) 

A. SNMP 

B. IPSec 

C. SMTP 

D. POP3 

E. HTTP 

Answer: C,D,E 


Q68. - (Topic 2) 

The eicar test virus is put into a zip archive, which is given the password of “Fortinet” in order to open the archive. Review the configuration in the exhibits shown below; then answer the question that follows. 

Exhibit A – Antivirus Profile: 

Exhibit B – Non-default UTM Proxy Options Profile: 

Exhibit C – DLP Profile: 

Which of one the following profiles could be enabled in order to prevent the file from passing through the FortiGate device over HTTP on the standard port for that protocol? 

A. Only Exhibit A 

B. Only Exhibit B 

C. Only Exhibit C with default UTM Proxy settings. 

D. All of the Exhibits (A, B and C) 

E. Only Exhibit C with non-default UTM Proxy settings (Exhibit B). 

Answer:


Q69. - (Topic 1) 

The command structure of the FortiGate CLI consists of commands, objects, branches, tables, and parameters. Which of the following items describes user? 

A. A command. 

B. An object. 

C. A table. 

D. A parameter. 

Answer:


Q70. - (Topic 1) 

A FortiGate unit can create a secure connection to a client using SSL VPN in tunnel mode. 

Which of the following statements are correct regarding the use of tunnel mode SSL VPN? (Select all that apply.) 

A. Split tunneling can be enabled when using tunnel mode SSL VPN. 

B. Software must be downloaded to the web client to be able to use a tunnel mode SSL VPN. 

C. Users attempting to create a tunnel mode SSL VPN connection must be members of a configured user group on the FortiGate unit. 

D. Tunnel mode SSL VPN requires the FortiClient software to be installed on the user's computer. 

E. The source IP address used by the client for the tunnel mode SSL VPN is assigned by the FortiGate unit. 

Answer: A,B,C,E 


© Copyright Getcertified4sure.com. examcollectionuk.com
All other trademarks and copyrights are the property of their respective owners.
All rights reserved.