★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW NSE5 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/NSE5-dumps.html
If you are any man that can recognize his shortcomings in Fortinet Fortinet exam preparation but have simply no ideas. Testking will be your helper. Testking.internet is the best internet site you should visit. Testking offers all the essential and common Fortinet NSE5 samples. The superior quality of Fortinet NSE5 exam dumps may change your current destiny in the field of That. The perfect Fortinet NSE5 practice materials, beyond just about any doubt, may guarantee you obtain the Fortinet certification. You can have accessibility to these kind of NSE5 study guides only through taking Testkings education course.
2021 Nov NSE5 exams
Q1. - (Topic 1)
Which of the following items represent the minimum configuration steps an administrator must perform to enable Data Leak Prevention for traffic flowing through the FortiGate unit? (Select all that apply.)
A. Assign a DLP sensor in a firewall policy.
B. Apply one or more DLP rules to a firewall policy.
C. Enable DLP globally using the config sys dlp command in the CLI.
D. Define one or more DLP rules.
E. Define a DLP sensor.
F. Apply a DLP sensor to a DoS sensor policy.
Answer: A,D,E
Q2. - (Topic 1)
What are the valid sub-types for a Firewall type policy? (Select all that apply)
A. Device Identity
B. Address
C. User Identity
D. Schedule
E. SSL VPN
Answer: A,B,C
Q3. - (Topic 2)
Review the IPsec Phase2 configuration shown in the Exhibit; then answer the question following it.
Which of the following statements are correct regarding this configuration? (Select all that apply).
A. The Phase 2 will re-key even if there is no traffic.
B. There will be a DH exchange for each re-key.
C. The sequence number of ESP packets received from the peer will not be checked.
D. Quick mode selectors will default to those used in the firewall policy.
Answer: A,B
Q4. - (Topic 1)
Which of the following statements are true regarding Local User Authentication? (Select all that apply.)
A. Local user authentication is based on usernames and passwords stored locally on the FortiGate unit.
B. Two-factor authentication can be enabled on a per user basis.
C. Administrators can create an account for the user locally and specify the remote server to verify the password.
D. Local users are for administration accounts only and cannot be used for identity policies.
Answer: A,B,C
Q5. - (Topic 3)
Which of the following statements is correct regarding the FortiGuard Services Web Filtering Override configuration as illustrated in the exhibit?
A. Any client on the same subnet as the authenticated user is allowed to access www.yahoo.com/images/.
B. A client with an IP of address 10.10.10.12 is allowed access to any subdirectory that is part of the www.yahoo.com web site.
C. A client with an IP address of 10.10.10.12 is allowed access to the www.yahoo.com/images/ web site and any of its offsite URLs.
D. A client with an IP address of 10.10.10.12 is allowed access to any URL under the www.yahoo.com web site, including any subdirectory URLs, until August 7, 2009.
E. Any client on the same subnet as the authenticated user is allowed to access www.yahoo.com/images/ until August 7, 2009.
Answer: C
Up to date NSE5 exam fees:
Q6. - (Topic 3)
Which of the following must be configured on a FortiGate unit to redirect content requests to remote web cache servers?
A. WCCP must be enabled on the interface facing the Web cache.
B. You must enabled explicit Web-proxy on the incoming interface.
C. WCCP must be enabled as a global setting on the FortiGate unit.
D. WCCP must be enabled on all interfaces on the FortiGate unit through which HTTP traffic is passing.
Answer: A
Q7. - (Topic 1)
A firewall policy has been configured for the internal email server to receive email from external parties through SMTP. Exhibits A and B show the antivirus and email filter profiles applied to this policy.
Exhibit A:
Exhibit B:
What is the correct behavior when the email attachment is detected as a virus by the FortiGate antivirus engine?
A. The FortiGate unit will remove the infected file and deliver the email with a replacement message to alert the recipient that the original attachment was infected.
B. The FortiGate unit will reject the infected email and the sender will receive a failed delivery message.
C. The FortiGate unit will remove the infected file and add a replacement message. Both sender and recipient are notified that the infected file has been removed.
D. The FortiGate unit will reject the infected email and notify the sender.
Answer: B
Q8. - (Topic 1)
Which of the following statements correctly describes how a FortiGate unit functions in Transparent mode?
A. To manage the FortiGate unit, one of the interfaces must be designated as the management interface. This interface may not be used for forwarding data.
B. An IP address is used to manage the FortiGate unit but this IP address is not associated with a specific interface.
C. The FortiGate unit must use public IP addresses on the internal and external networks.
D. The FortiGate unit uses private IP addresses on the internal network but hides them using address translation.
Answer: B
Q9. - (Topic 1)
Encrypted backup files provide which of the following benefits? (Select all that apply.)
A. Integrity of the backup file is protected since it cannot be easily modified when encrypted.
B. Prevents the backup file from becoming corrupted.
C. Protects details of the device's configuration settings from being discovered while the backup file is in transit. For example, transferred to a data centers for system recovery.
D. A copy of the encrypted backup file is automatically pushed to the FortiGuard Distribution Service (FDS) for disaster recovery purposes. If the backup file becomes corrupt it can be retrieved through FDS.
E. Fortinet Technical Support can recover forgotten passwords with a backdoor passphrase.
Answer: A,C
Q10. - (Topic 3)
A FortiGate unit is configured with three Virtual Domains (VDOMs) as illustrated in the exhibit.
Which of the following statements are correct regarding these VDOMs? (Select all that apply.)
A. The FortiGate unit supports any combination of these VDOMs in NAT/Route and Transparent modes.
B. The FortiGate unit must be a model 1000 or above to support multiple VDOMs.
C. A license had to be purchased and applied to the FortiGate unit before VDOM mode could be enabled.
D. All VDOMs must operate in the same mode.
E. Changing a VDOM operational mode requires a reboot of the FortiGate unit.
F. An admin account can be assigned to one VDOM or it can have access to all three VDOMs.
Answer: A,F