Leading NSE5: Pass4sure real practice exam from 31 to 45

Exam Code: NSE5 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Fortinet Network Security Expert 5 Written Exam (500)
Certification Provider: Fortinet
Free Today! Guaranteed Training- Pass NSE5 Exam.

2016 Mar NSE5 Study Guide Questions:

Q31. CORRECT TEXT - (Topic 1) 

In addition to AntiVirus services, the FortiGuard Subscription Services provide IPS, Web Filtering, and ___________ services. 

Answer: antispam 


Q32. - (Topic 3) 

WAN optimization is configured in Active/Passive mode. When will the remote peer accept an attempt to initiate a tunnel? 

A. The attempt will be accepted when the request comes from a known peer and there is a matching WAN optimization passive rule. 

B. The attempt will be accepted when there is a matching WAN optimization passive rule. 

C. The attempt will be accepted when the request comes from a known peer. 

D. The attempt will be accepted when a user on the remote peer accepts the connection request. 

Answer: A 


Q33. - (Topic 1) 

Each UTM feature has configurable UTM objects such as sensors, profiles or lists that define how the feature will function. 

An administrator must assign a set of UTM features to a group of users. 

Which of the following is the correct method for doing this? 

A. Enable a set of unique UTM features under "Edit User Group". 

B. The administrator must enable the UTM features in an identify-based policy applicable to the user group. 

C. When defining the UTM objects, the administrator must list the user groups which will use the UTM object. 

D. The administrator must apply the UTM features directly to a user object. 

Answer: B 


Q34. - (Topic 1) 

A FortiGate 100 unit is configured to receive push updates from the FortiGuard Distribution Network, however, updates are not being received. Which of the following statements are possible reasons for this? (Select all that apply.) 

A. The external facing interface of the FortiGate unit is configured to use DHCP. 

B. The FortiGate unit has not been registered. 

C. There is a NAT device between the FortiGate unit and the FortiGuard Distribution Network. 

D. The FortiGate unit is in Transparent mode. 

Answer: A,B,C 


Q35. - (Topic 1) 

Which of the following statements regarding the firewall policy authentication timeout is true? 

A. The authentication timeout is an idle timeout. This means that the FortiGate unit will consider a user to be “idle” if it does not see any packets coming from the user’s source IP. 

B. The authentication timeout is a hard timeout. This means that the FortiGate unit will remove the temporary policy for this user’s source IP after this timer has expired. 

C. The authentication timeout is an idle timeout. This means that the FortiGate unit will consider a user to be “idle” if it does not see any packets coming from the user’s source MAC. 

D. The authentication timeout is a hard timeout. This means that the FortiGate unit will remove the temporary policy for this user’s source MAC after this timer has expired. 

Answer: A 


NSE5 exam answers

Updated NSE5 actual test:

Q36. - (Topic 1) 

If no firewall policy is specified between two FortiGate interfaces and zones are not used, which of the following statements describes the action taken on traffic flowing between these interfaces? 

A. The traffic is blocked. 

B. The traffic is passed. 

C. The traffic is passed and logged. 

D. The traffic is blocked and logged. 

Answer: A 


Q37. - (Topic 1) 

Which of the following products is designed to manage multiple FortiGate devices? 

A. FortiGate device 

B. FortiAnalyzer device 

C. FortiClient device 

D. FortiManager device 

E. FortiMail device 

F. FortiBridge device 

Answer: D 


Q38. CORRECT TEXT - (Topic 1) 

When creating administrative users, the assigned _____________determines user rights on the FortiGate unit. 

Answer: access profile 


Q39. - (Topic 1) 

The default administrator profile that is assigned to the default "admin" user on a FortGate device is:____________________. 

A. trusted-admin 

B. super_admin 

C. super_user 

D. admin 

E. fortinet-root 

Answer: B 


Q40. - (Topic 2) 

Review the IKE debug output for IPsec shown in the Exhibit below. 


Which one of the following statements is correct regarding this output? 

A. The output is a Phase 1 negotiation. 

B. The output is a Phase 2 negotiation. 

C. The output captures the Dead Peer Detection messages. 

D. The output captures the Dead Gateway Detection packets. 

Answer: C 


NSE5 exam question

Tested NSE5 simulations:

Q41. - (Topic 1) 

Which of the following products provides dedicated hardware to analyze log data from multiple FortiGate devices? 

A. FortiGate device 

B. FortiAnalyzer device 

C. FortiClient device 

D. FortiManager device 

E. FortiMail device 

F. FortiBridge device 

Answer: B 


Q42. - (Topic 1) 

Which email filter is NOT available on a FortiGate device? 

A. Sender IP reputation database. 

B. URLs included in the body of known SPAM messages. 

C. Email addresses included in the body of known SPAM messages. 

D. Spam object checksums. 

E. Spam grey listing. 

Answer: E 


Q43. - (Topic 3) 

Which of the following items is NOT a packet characteristic matched by a firewall service object? 

A. ICMP type and code 

B. TCP/UDP source and destination ports 

C. IP protocol number 

D. TCP sequence number 

Answer: D 


Q44. - (Topic 1) 

Which of the following logging options are supported on a FortiGate unit? (Select all that apply.) 

A. LDAP 

B. Syslog 

C. FortiAnalyzer 

D. Local disk and/or memory 

Answer: B,C,D 


Q45. - (Topic 1) 

Which of the statements below are true regarding firewall policy disclaimers? (Select all that apply.) 

A. User must accept the disclaimer to proceed with the authentication process. 

B. The disclaimer page is customizable. 

C. The disclaimer cannot be used in combination with user authentication. 

D. The disclaimer can only be applied to wireless interfaces. 

Answer: A,B 


Fortinet NSE5 Certification Sample Questions and Answers: http://www.braindumpsall.net/NSE5-dumps/

P.S. New NSE5 dumps PDF: http://www.4easydumps.com/NSE5-dumps-download.html