NSE5 practice exam(151 to 165) for IT engineers: Mar 2016 Edition

Accurate of NSE5 test engine materials and samples for Fortinet certification for IT engineers, Real Success Guaranteed with Updated NSE5 pdf dumps vce Materials. 100% PASS Today!

2016 Mar NSE5 Study Guide Questions:

Q151. - (Topic 1) 

Because changing the operational mode to Transparent resets device (or vdom) to all defaults, which precautions should an Administrator take prior to performing this? (Select all that apply.) 

A. Backup the configuration. 

B. Disconnect redundant cables to ensure the topology will not contain layer 2 loops. 

C. Set the unit to factory defaults. 

D. Update IPS and AV files. 

Answer: A,B 

Q152. - (Topic 1) 

What is the FortiGate unit password recovery process? 

A. Interrupt boot sequence, modify the boot registry and reboot. After changing the password, reset the boot registry. 

B. Log in through the console port using the “maintainer” account within approximately 30 seconds of a reboot. 

C. Hold down the CTRL + Esc (Escape) keys during reboot, then reset the admin password. 

D. The only way to regain access is to interrupt the boot sequence and restore a configuration file for which the password has been modified. 

Answer: B 

Q153. - (Topic 2) 

Examine the static route configuration shown below; then answer the question following it. 

config router static 

edit 1 

set dst 

set device port1 

set gateway 

set distance 10 

set weight 5 


edit 2 

set dst 

set blackhole enable 

set distance 5 

set weight 10 



Which of the following statements correctly describes the static routing configuration provided? (Select all that apply.) 

A. All traffic to will always be dropped by the FortiGate unit. 

B. As long as port1 is up, all the traffic to will be routed by the static route number 1. If the interface port1 is down, the traffic will be routed using the blackhole route. 

C. The FortiGate unit will NOT create a session entry in the session table when the traffic is being routed by the blackhole route. 

D. The FortiGate unit will create a session entry in the session table when the traffic is being routed by the blackhole route. 

E. Traffic to will be shared through both routes. 

Answer: A,C 

Q154. - (Topic 1) 

In which order are firewall policies processed on the FortiGate unit? 

A. They are processed from the top down as they appear in Web Config. 

B. They are processed based on the policy ID number shown in the left hand column of the policy window. 

C. They are processed using a policy hierarchy scheme that allows for multiple decision branching. 

D. They are processed based on a priority value assigned through the priority column in the policy window. 

Answer: A 

Q155. - (Topic 3) 

A FortiGate unit is configured with three Virtual Domains (VDOMs) as illustrated in the exhibit. 

Which of the following statements are correct regarding these VDOMs? (Select all that apply.) 

A. The FortiGate unit supports any combination of these VDOMs in NAT/Route and Transparent modes. 

B. The FortiGate unit must be a model 1000 or above to support multiple VDOMs. 

C. A license had to be purchased and applied to the FortiGate unit before VDOM mode could be enabled. 

D. All VDOMs must operate in the same mode. 

E. Changing a VDOM operational mode requires a reboot of the FortiGate unit. 

F. An admin account can be assigned to one VDOM or it can have access to all three VDOMs. 

Answer: A,F 

NSE5 practice test

Renovate NSE5 test:

Q156. - (Topic 3) 

A FortiGate unit is operating in NAT/Route mode and is configured with two Virtual LAN (VLAN) sub-interfaces added to the same physical interface. 

Which of the following statements is correct regarding the VLAN IDs in this scenario? 

A. The two VLAN sub-interfaces can have the same VLAN ID only if they have IP addresses in different subnets. 

B. The two VLAN sub-interfaces must have different VLAN IDs. 

C. The two VLAN sub-interfaces can have the same VLAN ID only if they belong to different VDOMs. 

D. The two VLAN sub-interfaces can have the same VLAN ID if they are connected to different L2 IEEE 802.1Q compliant switches. 

Answer: B 

Q157. - (Topic 1) 

Which of the following products can be installed on a computer running Windows XP to provide personal firewall protection, antivirus protection, web and mail filtering, spam filtering, and VPN functionality? 

A. FortiGate 

B. FortiAnalyzer 

C. FortiClient 

D. FortiManager 

E. FortiReporter 

Answer: C 

Q158. - (Topic 1) 

Which of the following items does NOT support the.Logging feature? 

A. File Filter 

B. Application control 

C. Session timeouts 

D. Administrator activities 

E. Web URL filtering 

Answer: C 

Q159. - (Topic 2) 

Review the output of the command get router info routing-table all shown in the Exhibit below; then answer the question following it. 

Which one of the following statements correctly describes this output? 

A. The two routes to the subnet are ECMP routes and traffic will be load balanced based on the configured ECMP settings. 

B. The route to the subnet via interface Remote_1 is the active and the route via Remote_2 is the backup. 

C. OSPF does not support ECMP therefore only the first route to subnet is used. 

D. is the preferred gateway for subnet 

Answer: A 

Q160. - (Topic 1) 

By default the Intrusion Protection System (IPS) on a FortiGate unit is set to perform which action? 

A. Block all network attacks. 

B. Block the most common network attacks. 

C. Allow all traffic. 

D. Allow and log all traffic. 

Answer: C 

NSE5 latest exam

Realistic NSE5 rapidshare:

Q161. - (Topic 1) 

Which of the following statements regarding Banned Words are correct? (Select all that apply.) 

A. The FortiGate unit can scan web pages and email messages for instances of banned words. 

B. When creating a banned word list, an administrator can indicate either specific words or patterns. 

C. Banned words can be expressed as wildcards or regular expressions. 

D. Content is automatically blocked if a single instance of a banned word appears. 

E. The FortiGate unit includes a pre-defined library of common banned words. 

Answer: A,B,C 

Q162. - (Topic 1) 

If a FortiGate unit has a dmz interface IP address of with a subnet mask of, what is a valid dmz DHCP addressing range? 

A. - 

B. - 

C. - 

D. All of the above. 

Answer: B 

Q163. - (Topic 1) 

File blocking rules are applied before which of the following? 

A. Firewall policy processing 

B. Virus scanning 

C. Web URL filtering 

D. White/Black list filtering 

Answer: B 

Q164. - (Topic 3) 

A FortiGate administrator configures a Virtual Domain (VDOM) for a new customer. After creating the VDOM, the administrator is unable to reassign the dmz interface to the new VDOM as the option is greyed out in Web Config in the management VDOM. 

What would be a possible cause for this problem? 

A. The dmz interface is referenced in the configuration of another VDOM. 

B. The administrator does not have the proper permissions to reassign the dmz interface. 

C. Non-management VDOMs can not reference physical interfaces. 

D. The dmz interface is in PPPoE or DHCP mode. 

E. Reassigning an interface to a different VDOM can only be done through the CLI. 

Answer: A 

Q165. - (Topic 1) 

Which of the following authentication types are supported by FortiGate units? (Select all that apply.) 

A. Kerberos 



D. Local Users 

Answer: B,C,D 

Fortinet NSE5 Certification Sample Questions and Answers: http://www.braindumpsall.net/NSE5-dumps/

P.S. New NSE5 dumps PDF: http://www.4easydumps.com/NSE5-dumps-download.html