getcertified4sure.com

NSE5 Exam

A Review Of Guaranteed NSE5 free demo



Cause all that matters here is passing the Fortinet NSE5 exam. Cause all that you need is a high score of NSE5 Fortinet Network Security Expert 5 Written Exam (500) exam. The only one thing you need to do is downloading Actualtests NSE5 exam study guides now. We will not let you down with our money-back guarantee.

Q31. - (Topic 1) 

Users may require access to a web site that is blocked by a policy. Administrators can give 

users the ability to override the block. Which of the following statements regarding overrides is NOT correct? 

A. A web filter profile may only have one user group defined as an override group. 

B. A firewall user group can be used to provide override privileges for FortiGuard Web Filtering. 

C. When requesting an override, the matched user must belong to a user group for which the override capabilty has been enabled. 

D. Overrides can be allowed by the administrator for a specific period of time. 

Answer:


Q32. - (Topic 1) 

You wish to create a firewall policy that applies only to traffic intended for your web server. The web server has an IP address of 192.168.2.2 and a /24 subnet mask. When defining the firewall address for use in this policy, which one of the following addresses is correct? 

A. 192.168.2.0 / 255.255.255.0 

B. 192.168.2.2 / 255.255.255.0 

C. 192.168.2.0 / 255.255.255.255 

D. 192.168.2.2 / 255.255.255.255 

Answer:


Q33. - (Topic 1) 

When firewall policy authentication is enabled, only traffic on supported protocols will trigger an authentication challenge. 

Select all supported protocols from the following: 

A. SMTP 

B. SSH 

C. HTTP 

D. FTP 

E. SCP 

Answer: C,D 


Q34. - (Topic 1) 

Which of the following email spam filtering features is NOT supported on a FortiGate unit? 

A. Multipurpose Internet Mail Extensions (MIME) Header Check 

B. HELO DNS Lookup 

C. Greylisting 

D. Banned Word 

Answer:


Q35. - (Topic 1) 

If no firewall policy is specified between two FortiGate interfaces and zones are not used, which of the following statements describes the action taken on traffic flowing between these interfaces? 

A. The traffic is blocked. 

B. The traffic is passed. 

C. The traffic is passed and logged. 

D. The traffic is blocked and logged. 

Answer:


Q36. - (Topic 1) 

Examine the firewall configuration shown below; then answer the question following it. 

Which of the following statements are correct based on the firewall configuration illustrated in the exhibit? (Select all that apply.) 

A. A user can access the Internet using only the protocols that are supported by user authentication. 

B. A user can access the Internet using any protocol except HTTP, HTTPS, Telnet, and FTP. These require authentication before the user will be allowed access. 

C. A user must authenticate using the HTTP, HTTPS, SSH, FTP, or Telnet protocol before they can access any services. 

D. A user cannot access the Internet using any protocols unless the user has passed firewall authentication. 

Answer: A,D 


Q37. - (Topic 1) 

An end user logs into the SSL VPN portal and selects the Tunnel Mode option by clicking on the "Connect" button. The administrator has not enabled split tunneling and so the end user must access the Internet through the SSL VPN Tunnel. 

Which firewall policies are needed to allow the end user to not only access the internal network but also reach the Internet? 

A) 

B) 

C) 

D) 

A. Exhibit A 

B. Exhibit B 

C. Exhibit C 

D. Exhibit D 

Answer:


Q38. - (Topic 1) 

Which part of an email message exchange is NOT inspected by the POP3 and IMAP proxies? 

A. TCP connection 

B. File attachments 

C. Message headers 

D. Message body 

Answer:


Q39. - (Topic 2) 

In HA, the option Reserve Management Port for Cluster Member is selected as shown in the Exhibit below. 

Which of the following statements are correct regarding this setting? (Select all that apply.) 

A. Interface settings on port7 will not be synchronized with other cluster members. 

B. The IP address assigned to this interface must not overlap with the IP address subnet assigned to another interface. 

C. Port7 appears in the routing table. 

D. A gateway address may be configured for port7. 

E. When connecting to port7 you always connect to the master device. 

Answer: A,D 


Q40. - (Topic 3) 

WAN optimization is configured in Active/Passive mode. When will the remote peer accept an attempt to initiate a tunnel? 

A. The attempt will be accepted when the request comes from a known peer and there is a matching WAN optimization passive rule. 

B. The attempt will be accepted when there is a matching WAN optimization passive rule. 

C. The attempt will be accepted when the request comes from a known peer. 

D. The attempt will be accepted when a user on the remote peer accepts the connection request. 

Answer:


© Copyright Getcertified4sure.com. examcollectionuk.com
All other trademarks and copyrights are the property of their respective owners.
All rights reserved.