★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW NSE5 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/NSE5-dumps.html
Exact of NSE5 actual exam materials and testing bible for Fortinet certification for consumer, Real Success Guaranteed with Updated NSE5 pdf dumps vce Materials. 100% PASS Fortinet Network Security Expert 5 Written Exam (500) exam Today!
2021 Sep NSE5 braindumps
Q121. - (Topic 3)
A portion of the device listing for a FortiAnalyzer unit is displayed in the exhibit.
Which of the following statements best describes the reason why the FortiGate 60B unit is unable to archive data to the FortiAnalyzer unit?
A. The FortiGate unit is considered an unregistered device.
B. The FortiGate unit has been blocked from sending archive data to the FortiAnalyzer device by the administrator.
C. The FortiGate unit has insufficient privileges. The administrator should edit the device entry in the FortiAnalyzer and modify the privileges.
D. The FortiGate unit is being treated as a syslog device and is only permitted to send log data.
Answer: A
Q122. - (Topic 3)
An issue could potentially occur when clicking Connect to start tunnel mode SSL VPN. The tunnel will start up for a few seconds, then shut down.
Which of the following statements best describes how to resolve this issue?
A. This user does not have permission to enable tunnel mode. Make sure that the tunnel mode widget has been added to that user's web portal.
B. This FortiGate unit may have multiple Internet connections. To avoid this problem, use the appropriate CLI command to bind the SSL VPN connection to the original incoming interface.
C. Check the SSL adaptor on the host machine. If necessary, uninstall and reinstall the adaptor from the tunnel mode portal.
D. Make sure that only Internet Explorer is used. All other browsers are unsupported.
Answer: B
Q123. - (Topic 3)
Which of the following tasks fall under the responsibility of the SSL proxy in a typical HTTPS connection? (Select all that apply.)
A. The web client SSL handshake.
B. The web server SSL handshake.
C. File buffering.
D. Communication with the urlfilter process.
Answer: A,B
Q124. - (Topic 1)
When backing up the configuration file on a FortiGate unit, the contents can be encrypted
by enabling the encrypt option and supplying a password.
If the password is forgotten, the configuration file can still be restored using which of the following methods?
A. Selecting the recover password option during the restore process.
B. Having the password emailed to the administrative user by selecting the Forgot Password option.
C. Sending the configuration file to Fortinet Support for decryption.
D. If the password is forgotten, there is no way to use the file.
Answer: D
Q125. - (Topic 1)
Which of the following statements regarding the firewall policy authentication timeout is true?
A. The authentication timeout is an idle timeout. This means that the FortiGate unit will consider a user to be “idle” if it does not see any packets coming from the user’s source IP.
B. The authentication timeout is a hard timeout. This means that the FortiGate unit will remove the temporary policy for this user’s source IP after this timer has expired.
C. The authentication timeout is an idle timeout. This means that the FortiGate unit will consider a user to be “idle” if it does not see any packets coming from the user’s source MAC.
D. The authentication timeout is a hard timeout. This means that the FortiGate unit will remove the temporary policy for this user’s source MAC after this timer has expired.
Answer: A
Far out NSE5 training:
Q126. - (Topic 1)
Which of the following statements correctly describes how a push update from the FortiGuard Distribution Network (FDN) works?
A. The FDN sends push updates only once.
B. The FDN sends package updates automatically to the FortiGate unit without requiring an update request.
C. The FDN continues to send push updates until the FortiGate unit sends an acknowledgement.
D. The FDN sends a message to the FortiGate unit that there is an update available and that the FortiGate unit should download the update.
Answer: D
Q127. - (Topic 1)
Which part of an email message exchange is NOT inspected by the POP3 and IMAP proxies?
A. TCP connection
B. File attachments
C. Message headers
D. Message body
Answer: A
Q128. - (Topic 1)
Users may require access to a web site that is blocked by a policy. Administrators can give users the ability to override the block. Which of the following statements regarding overrides are correct? (Select all that apply.)
A. A protection profile may have only one user group defined as an override group.
B. A firewall user group can be used to provide override privileges for FortiGuard Web Filtering.
C. Authentication to allow the override is based on a user's membership in a user group.
D. Overrides can be allowed by the administrator for a specific period of time.
Answer: B,C,D
Q129. - (Topic 3)
Which of the following features could be used by an administrator to block FTP uploads while still allowing FTP downloads?
A. Anti-Virus File-Type Blocking
B. Data Leak Prevention
C. Network Admission Control
D. FortiClient Check
Answer: B
Q130. - (Topic 2)
Review the output of the command config router ospf shown in the Exhibit below; then answer the question following it.
Which one of the following statements is correct regarding this output?
A. OSPF Hello packets will only be sent on interfaces configured with the IP addresses
172.16.1.1 and 172.16.1.2.
B. OSPF Hello packets will be sent on all interfaces of the FortiGate device.
C. OSPF Hello packets will be sent on all interfaces configured with an address matching the 10.0.1.0/24 and 172.16.0.0/12 networks.
D. OSPF Hello packets are not sent on point-to-point networks.
Answer: C