Implement Network Security Management and Analytics Exam / NSE5 Dumps / NSE5 Exam Questions / NSE5 PDF Dumps / NSE5 VCE Dumps

Recently Published Fortinet NSE5 Dumps from PassLeader with VCE and PDF (Question 51 – Question 75)

PassLeader just published the NEWEST Fortinet NSE5 exam dumps! And, PassLeader offer two types of the NSE5 dumps — NSE5 VCE dumps and NSE5 PDF dumps, both VCE and PDF contain the NEWEST NSE5 exam questions, they will help you PASSING the Fortinet NSE5 exam easily! Now, get the NEWEST NSE5 dumps in VCE and PDF from PassLeaderhttp://www.passleader.com/nse5.html (320 Q&As Dumps)

What’s more, part of that PassLeader NSE5 dumps now are freehttps://drive.google.com/open?id=0B-ob6L_QjGLpU0FrbTh1X3JMSmM

QUESTION 51
Which of the following statements is correct regarding URL Filtering on the FortiGate unit?

A.    The available actions for URL Filtering are Allow and Block.
B.    Multiple URL Filter lists can be added to a single Web filter profile.
C.    A FortiGuard Web Filtering Override match will override a block action in the URL filter list.
D.    The available actions for URL Filtering are Allow, Block and Exempt.

Answer: D

QUESTION 52
The command structure of the CLI on a FortiGate unit consists of commands, objects, branches, tables and parameters. Which of the following items describes port1?

A.    A command.
B.    An object.
C.    A table.
D.    A parameter.

Answer: C

QUESTION 53
How is traffic routed onto an SSL VPN tunnel from the FortiGate unit side?

A.    A static route must be configured by the administrator using the ssl.root interface as the outgoing interface.
B.    Assignment of an IP address to the client causes a host route to be added to the FortiGate unit’s kernel routing table.
C.    A route back to the SSLVPN IP pool is automatically created on the FortiGate unit.
D.    The FortiGate unit adds a route based upon the destination address in the SSL VPN firewall policy.

Answer: B

QUESTION 54
A client can establish a secure connection to a corporate network using SSL VPN in tunnel mode. Which of the following statements are correct regarding the use of tunnel mode SSL VPN? (Select all that apply.)

A.    Split tunneling can be enabled when using tunnel mode SSL VPN.
B.    Client software is required to be able to use a tunnel mode SSL VPN.
C.    Users attempting to create a tunnel mode SSL VPN connection must be authenticated by at least one SSL VPN policy.
D.    The source IP address used by the client for the tunnel mode SSL VPN is assigned by the FortiGate unit.

Answer: ABCD

QUESTION 55
Which of the following Fortinet products can receive updates from the FortiGuard Distribution Network? (Select all that apply.)

A.    FortiGate
B.    FortiClient
C.    FortiMail
D.    FortiAnalyzer

Answer: ABC

QUESTION 56
Each UTM feature has configurable UTM objects such as sensors, profiles or lists that define how the feature will function. An administrator must assign a set of UTM features to a group of users. Which of the following is the correct method for doing this?

A.    Enable a set of unique UTM features under “Edit User Group”.
B.    The administrator must enable the UTM features in an identify-based policy applicable to the user group.
C.    When defining the UTM objects, the administrator must list the user groups which will use the UTM object.
D.    The administrator must apply the UTM features directly to a user object.

Answer: B

QUESTION 57
FortiGate units are preconfigured with four default protection profiles. These protection profiles are used to control the type of content inspection to be performed. What action must be taken for one of these profiles to become active?

A.    The protection profile must be assigned to a firewall policy.
B.    The “Use Protection Profile” option must be selected in the Web Config tool under the sections for AntiVirus, IPS, WebFilter, and AntiSpam.
C.    The protection profile must be set as the Active Protection Profile.
D.    All of the above.

Answer: A

QUESTION 58
Which one of the following statements is correct about raw log messages?

A.    Logs have a header and a body section. The header will have the same layout for every log message. The body section will change layout from one type of log message to another.
B.    Logs have a header and a body section. The header and body will change layout from one type of log message to another.
C.    Logs have a header and a body section. The header and body will have the same layout for every log message.

Answer: A

QUESTION 59
In addition to AntiVirus services, the FortiGuard Subscription Services provide IPS, Web Filtering, and ____ services.

Answer: antispam

QUESTION 60
The FortiGate unit’s GUI provides a link to update the firmware. Clicking this link will perform which of the following actions?

A.    It will connect to the Fortinet Support site where the appropriate firmware version can be selected.
B.    It will send a request to the FortiGuard Distribution Network so that the appropriate firmware version can be pushed down to the FortiGate unit.
C.    It will present a prompt to allow browsing to the location of the firmware file.
D.    It will automatically connect to the Fortinet Support site to download the most recent firmware version for the FortiGate unit.

Answer: C

QUESTION 61
Which of the following statements is correct regarding a FortiGate unit operating in NAT/Route mode?

A.    The FortiGate unit applies NAT to all traffic.
B.    The FortiGate unit functions as a Layer 3 device.
C.    The FortiGate unit functions as a Layer 2 device.
D.    The FortiGate unit functions as a router and the firewall function is disabled.

Answer: B

QUESTION 62
Which of the following statements correctly describes how a FortiGate unit functions in Transparent mode?

A.    To manage the FortiGate unit, one of the interfaces must be designated as the management interface. This interface may not be used for forwarding data.
B.    An IP address is used to manage the FortiGate unit but this IP address is not associated with a specific interface.
C.    The FortiGate unit must use public IP addresses on the internal and external networks.
D.    The FortiGate unit uses private IP addresses on the internal network but hides them using address translation.

Answer: B

QUESTION 63
What is the FortiGate unit password recovery process?

A.    Interrupt boot sequence, modify the boot registry and reboot. After changing the password, reset the boot registry.
B.    Log in through the console port using the “maintainer” account within approximately 30 seconds of a reboot.
C.    Hold down the CTRL + Esc (Escape) keys during reboot, then reset the admin password.
D.    The only way to regain access is to interrupt the boot sequence and restore a configuration file for which the password has been modified.

Answer: B

QUESTION 64
The default administrator profile that is assigned to the default “admin” user on a FortGate device is: ____.

A.    trusted-admin
B.    super_admin
C.    super_user
D.    admin
E.    fortinet-root

Answer: B

QUESTION 65
What is the FortiGate unit password recovery process?

A.    Interupt boot sequence, modify the boot registry and reboot. After changing the password, reset the boot registry.
B.    Log in through the console port using the maintainer account within several minutes of a reboot.
C.    Hold CTRL + break during reboot and reset the admin password.
D.    The only way to regain access is to interrupt boot sequence and restore a configuration file for which the password has been modified.

Answer: B

QUESTION 66
An administrator has configured a FortiGate unit so that end users must authenticate against the firewall using digital certificates before browsing the Internet. What must the user have for a successful authentication? (Select all that apply.)

A.    An entry in a supported LDAP Directory.
B.    A digital certificate issued by any CA server.
C.    A valid username and password.
D.    A digital certificate issued by the FortiGate unit.
E.    Membership in a firewall user group.

Answer: BE

QUESTION 67
A client can create a secure connection to a FortiGate device using SSL VPN in web-only mode. Which one of the following statements is correct regarding the use of web-only mode SSL VPN?

A.    Web-only mode supports SSL version 3 only.
B.    A Fortinet-supplied plug-in is required on the web client to use web-only mode SSL VPN.
C.    Web-only mode requires the user to have a web browser that supports 64-bit cipher length.
D.    The JAVA run-time environment must be installed on the client to be able to connect to a web-only mode SSL VPN.

Answer: C

QUESTION 68
In which order are firewall policies processed on the FortiGate unit?

A.    They are processed from the top down according to their sequence number.
B.    They are processed based on the policy ID number shown in the left hand column of the policy window.
C.    They are processed on best match.
D.    They are processed based on a priority value assigned through the priority column in the policy window.

Answer: A

QUESTION 69
Which of the following options can you use to update the virus definitions on a FortiGate unit? (Select all that apply.)

A.    Push update
B.    Scheduled update
C.    Manual update
D.    FTP update

Answer: ABC

QUESTION 70
File blocking rules are applied before which of the following?

A.    Firewall policy processing
B.    Virus scanning
C.    Web URL filtering
D.    White/Black list filtering

Answer: B

QUESTION 71
Which statement is correct regarding virus scanning on a FortiGate unit?

A.    Virus scanning is enabled by default.
B.    Fortinet Customer Support enables virus scanning remotely for you.
C.    Virus scanning must be enabled in a UTM security profile and the UTM security profile must be assigned to a firewall policy.
D.    Enabling virus scanning in a UTM security profile enables virus scanning for all traffic flowing through the FortiGate device.

Answer: C

QUESTION 72
UTM features can be applied to which of the following items?

A.    Firewall policies
B.    User groups
C.    Policy routes
D.    Address groups

Answer: A

QUESTION 73
Which of the following are valid authentication user group types on a FortiGate unit? (Select all that apply.)

A.    Firewall
B.    Directory Service
C.    Local
D.    LDAP
E.    PKI

Answer: AB

QUESTION 74
Which Fortinet products & features could be considered part of a comprehensive solution to monitor and prevent the leakage of senstive data? (Select all that apply.)

A.    Archive non-compliant outgoing e-mails using FortiMail.
B.    Restrict unofficial methods of transferring files such as P2P using Application Control lists on a FortiGate.
C.    Monitor database activity using FortiAnalyzer.
D.    Apply a DLP sensor to a firewall policy.
E.    Configure FortiClient to prevent files flagged as sensitive from being copied to a USB disk.

Answer: ABD

QUESTION 75
A FortiGate unit can act as which of the following? (Select all that apply.)

A.    Antispam filter
B.    Firewall
C.    VPN gateway
D.    Mail relay
E.    Mail server

Answer: ABC


Learning the PassLeader NSE5 dumps with VCE and PDF for 100% passing Fortinet certificationhttp://www.passleader.com/nse5.html (320 Q&As Dumps)

BONUS!!! Download part of PassLeader NSE5 dumps for freehttps://drive.google.com/open?id=0B-ob6L_QjGLpU0FrbTh1X3JMSmM