How to pass Fortinet NSE5 Real Exam in 24 Hours [test questions 166-180]

Exam Code: NSE5 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Fortinet Network Security Expert 5 Written Exam (500)
Certification Provider: Fortinet
Free Today! Guaranteed Training- Pass NSE5 Exam.

2016 Apr NSE5 Study Guide Questions:

Q166. - (Topic 1) 

Which of the following email spam filtering features is NOT supported on a FortiGate unit? 

A. Multipurpose Internet Mail Extensions (MIME) Header Check 

B. HELO DNS Lookup 

C. Greylisting 

D. Banned Word 

Answer: C 


Q167. - (Topic 1) 

Which of the following Regular Expression patterns will make the term "bad language" case insensitive? 

A. [bad language] 

B. /bad language/i 

C. i/bad language/ 

D. "bad language" 

E. /bad language/c 

Answer: B 


Q168. - (Topic 1) 

SSL content inspection is enabled on the FortiGate unit. Which of the following steps is required to prevent a user from being presented with a web browser warning when accessing an SSL-encrypted website? 

A. The root certificate of the FortiGate SSL proxy must be imported into the local certificate store on the user's workstation. 

B. Disable the strict server certificate check in the web browser under Internet Options. 

C. Enable transparent proxy mode on the FortiGate unit. 

D. Enable NTLM authentication on the FortiGate unit. NTLM authentication suppresses the certificate warning messages in the web browser. 

Answer: A 


Q169. - (Topic 2) 

Examine the Exhibits shown below, then answer the question that follows. Review the following DLP Sensor (Exhibit 1): 


Review the following File Filter list for rule #1 (Exhibit 2): 


Review the following File Filter list for rule #2 (Exhibit 3): 


Review the following File Filter list for rule #3 (Exhibit 4): 


An MP3 file is renamed to ‘workbook.exe’ and put into a ZIP archive. It is then sent through the FortiGate device over HTTP. It is intercepted and processed by the configuration shown in the above Exhibits 1-4. 

Assuming the file is not too large for the File scanning threshold, what action will the FortiGate unit take? 

A. The file will be detected by rule #1 as an ‘Audio (mp3)’, a log entry will be created and it will be allowed to pass through. 

B. The file will be detected by rule #2 as a “*.exe”, a log entry will be created and the interface that received the traffic will be brought down. 

C. The file will be detected by rule #3 as an Archive(zip), blocked, and a log entry will be created. 

D. Nothing, the file will go undetected. 

Answer: A 


Q170. - (Topic 1) 

In NAT/Route mode when there is no matching firewall policy for traffic to be forwarded by the Firewall, which of the following statements describes the action taken on traffic? 

A. The traffic is blocked. 

B. The traffic is passed. 

C. The traffic is passed and logged. 

D. The traffic is blocked and logged. 

Answer: A 


NSE5 test preparation

Up to the minute NSE5 free practice test:

Q171. - (Topic 3) 

If Routing Information Protocol (RIP) version 1 or version 2 has already been configured on a FortiGate unit, which of the following statements is correct if the routes learned through RIP need to be advertised into Open Shortest Path First (OSPF)? 

A. The FortiGate unit will automatically announce all routes learned through RIP v1 or v2 to its OSPF neighbors. 

B. The FortiGate unit will automatically announce all routes learned only through RIP v2 to its OSPF neighbors. 

C. At a minimum, the network administrator needs to enable Redistribute RIP in the OSPF Advanced Options. 

D. The network administrator needs to configure a RIP to OSPF announce policy as part of the RIP settings. 

E. At a minimum, the network administrator needs to enable Redistribute Default in the OSPF Advanced Options. 

Answer: C 


Q172. - (Topic 3) 

Which of the following must be configured on a FortiGate unit to redirect content requests to remote web cache servers? 

A. WCCP must be enabled on the interface facing the Web cache. 

B. You must enabled explicit Web-proxy on the incoming interface. 

C. WCCP must be enabled as a global setting on the FortiGate unit. 

D. WCCP must be enabled on all interfaces on the FortiGate unit through which HTTP traffic is passing. 

Answer: A 


Q173. - (Topic 1) 

A FortiGate unit can act as which of the following? (Select all that apply.) 

A. Antispam filter 

B. Firewall 

C. VPN gateway 

D. Mail relay 

E. Mail server 

Answer: A,B,C 


Q174. - (Topic 2) 

Which of the following statements are correct regarding virtual domains (VDOMs)? (Select all that apply.) 

A. VDOMs divide a single FortiGate unit into two or more virtual units that function as multiple, independent units. 

B. A management VDOM handles SNMP, logging, alert email, and FDN-based updates. 

C. VDOMs share firmware versions, as well as antivirus and IPS databases. 

D. Only administrative users with a 'super_admin' profile will be able to enter multiple VDOMs to make configuration changes. 

Answer: A,B,C 


Q175. - (Topic 2) 

Select the answer that describes what the CLI command diag debug authd fsso list is used for. 

A. Monitors communications between the FSSO Collector Agent and FortiGate unit. 

B. Displays which users are currently logged on using FSSO. 

C. Displays a listing of all connected FSSO Collector Agents. 

D. Lists all DC Agents installed on all Domain Controllers. 

Answer: B 


NSE5 practice test

Simulation NSE5 preparation labs:

Q176. - (Topic 3) 

In which of the following report templates would you configure the charts to be included in the report? 

A. Layout Template 

B. Data Filter Template 

C. Output Template 

D. Schedule Template 

Answer: A


Q177. - (Topic 2) 

Which of the following statements correctly describe Transparent Mode operation? (Select all that apply.) 

A. The FortiGate unit acts as transparent bridge and routes traffic using Layer-2 forwarding. 

B. Ethernet packets are forwarded based on destination MAC addresses NOT IPs. 

C. The device is transparent to network hosts. 

D. Permits inline traffic inspection and firewalling without changing the IP scheme of the network. 

E. All interfaces must be on different IP subnets. 

Answer: A,B,C,D 


Q178. - (Topic 3) 

Based on the web filtering configuration illustrated in the exhibit, 


which one of the following statements is not a reasonable conclusion? 

A. Users can access both the www.google.com site and the www.fortinet.com site. 

B. When a user attempts to access the www.google.com site, the FortiGate unit will not perform web filtering on the content of that site. 

C. When a user attempts to access the www.fortinet.com site, any remaining web filtering will be bypassed. 

D. Downloaded content from www.google.com will be scanned for viruses if antivirus is enabled. 

Answer: B 


Q179. - (Topic 1) 

When backing up the configuration file on a FortiGate unit, the contents can be encrypted 

by enabling the encrypt option and supplying a password. 

If the password is forgotten, the configuration file can still be restored using which of the following methods? 

A. Selecting the recover password option during the restore process. 

B. Having the password emailed to the administrative user by selecting the Forgot Password option. 

C. Sending the configuration file to Fortinet Support for decryption. 

D. If the password is forgotten, there is no way to use the file. 

Answer: D 


Q180. - (Topic 1) 

The command structure of the CLI on a FortiGate unit consists of commands, objects, branches, tables and parameters. Which of the following items describes port1? 

A. A command. 

B. An object. 

C. A table. 

D. A parameter. 

Answer: C 



see more NSE5 - Fortinet Network Security Expert 5 Written Exam (500)

Fortinet NSE5 Certification Sample Questions and Answers: http://www.braindumpsall.net/NSE5-dumps/

P.S. New NSE5 dumps PDF: http://www.4easydumps.com/NSE5-dumps-download.html