getcertified4sure.com

NSE5 Exam

Top 10 lab NSE5 for examinee (11 to 20)



Our pass rate is high to 98.9% and the similarity percentage between our NSE5 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Fortinet NSE5 exam in just one try? I am currently studying for the Fortinet NSE5 exam. Latest Fortinet NSE5 Test exam practice questions and answers, Try Fortinet NSE5 Brain Dumps First.

Q11. - (Topic 1) 

Which of the following email spam filtering features is NOT supported on a FortiGate unit? 

A. Multipurpose Internet Mail Extensions (MIME) Header Check 

B. HELO DNS Lookup 

C. Greylisting 

D. Banned Word 

Answer:


Q12. - (Topic 2) 

Which of the following represents the correct order of criteria used for the selection of a Master unit within a FortiGate High Availability (HA) cluster when master override is disabled? 

A. 1. port monitor, 2. unit priority, 3. up time, 4. serial number 

B. 1. port monitor, 2. up time, 3. unit priority, 4. serial number 

C. 1. unit priority, 2. up time, 3. port monitor, 4. serial number 

D. 1. up time, 2. unit priority, 3. port monitor, 4. serial number 

Answer:


Q13. - (Topic 1) 

Each UTM feature has configurable UTM objects such as sensors, profiles or lists that define how the feature will function. How are UTM features applied to traffic? 

A. One or more UTM features are enabled in a firewall policy. 

B. In the system configuration for that UTM feature, you can identify the policies to which the feature is to be applied. 

C. Enable the appropriate UTM objects and identify one of them as the default. 

D. For each UTM object, identify which policy will use it. 

Answer:


Q14. - (Topic 3) 

An intermittent connectivity issue is noticed between two devices located behind the FortiGate dmz and internal interfaces. A continuous sniffer trace is run on the FortiGate unit that the administrator will convert into a .cap file for an off-line analysis with a sniffer application. 

Given the high volume of global traffic on the network, which of the following CLI commands will best allow the administrator to perform this troubleshooting operation? 

A. diagnose sniffer packet any 

B. diagnose sniffer packet dmz "" 3 

C. diagnose sniffer packet any "host 192.168.1.100 and host 192.168.10.100 " 3 

D. diagnose sniffer packet any "host 192.168.1.100 and host 192.168.10.100 “ 4 

Answer:


Q15. - (Topic 2) 

Review the IPsec Phase2 configuration shown in the Exhibit; then answer the question following it. 

Which of the following statements are correct regarding this configuration? (Select all that apply). 

A. The Phase 2 will re-key even if there is no traffic. 

B. There will be a DH exchange for each re-key. 

C. The sequence number of ESP packets received from the peer will not be checked. 

D. Quick mode selectors will default to those used in the firewall policy. 

Answer: A,B 


Q16. CORRECT TEXT - (Topic 1) 

The __________CLI command is used on the FortiGate unit to run static commands such as ping or to reset the FortiGate unit to factory defaults. 

Answer: execute 


Q17. - (Topic 1) 

Which of the following are valid FortiGate device interface methods for handling DNS requests? (Select all that apply.) 

A. Forward-only 

B. Non-recursive 

C. Recursive 

D. Iterative 

E. Conditional-forward 

Answer: A,B,C 


Q18. - (Topic 3) 

A portion of the device listing for a FortiAnalyzer unit is displayed in the exhibit. 

Which of the following statements best describes the reason why the FortiGate 60B unit is unable to archive data to the FortiAnalyzer unit? 

A. The FortiGate unit is considered an unregistered device. 

B. The FortiGate unit has been blocked from sending archive data to the FortiAnalyzer device by the administrator. 

C. The FortiGate unit has insufficient privileges. The administrator should edit the device entry in the FortiAnalyzer and modify the privileges. 

D. The FortiGate unit is being treated as a syslog device and is only permitted to send log data. 

Answer:


Q19. - (Topic 3) 

Which of the following statements is correct about configuring web filtering overrides? 

A. The Override option for FortiGuard Web Filtering is available for any user group type. 

B. Admin overrides require an administrator to manually allow pending override requests which are listed in the Override Monitor. 

C. The Override Scopes of User and User Group are only for use when Firewall Policy Authentication is also being used. 

D. Using Web Filtering Overrides requires the use of Firewall Policy Authentication. 

Answer:


Q20. - (Topic 3) 

Which of the following DLP actions will always be performed if it is selected? 

A. Archive 

B. Quarantine Interface 

C. Ban Sender 

D. Block 

E. None 

F. Ban 

G. Quarantine IP Address 

Answer:


© Copyright Getcertified4sure.com. examcollectionuk.com
All other trademarks and copyrights are the property of their respective owners.
All rights reserved.