Top 15 questions NSE5 for client (76 to 90)

Accurate of NSE5 rapidshare materials and tutorials for Fortinet certification for client, Real Success Guaranteed with Updated NSE5 pdf dumps vce Materials. 100% PASS Fortinet Network Security Expert 5 Written Exam (500) exam Today!

2016 Apr NSE5 Study Guide Questions:

Q76. - (Topic 1) 

Alert emails enable the FortiGate unit to send email notifications to an email address upon detection of a pre-defined event type. Which of the following are some of the available event types in Web Config? (Select all that apply.) 

A. Intrusion detected. 

B. Successful firewall authentication. 

C. Oversized file detected. 

D. DHCP address assigned. 

E. FortiGuard Web Filtering rating error detected. 

Answer: A 


Q77. - (Topic 3) 

Which of the following statements is not correct regarding virtual domains (VDOMs)? 

A. VDOMs divide a single FortiGate unit into two or more virtual units that function as multiple, independent units. 

B. A management VDOM handles SNMP, logging, alert email, and FDN-based updates. 

C. A backup management VDOM will synchronize the configuration from an active management VDOM. 

D. VDOMs share firmware versions, as well as antivirus and IPS databases. 

E. Only administrative users with a super_admin profile will be able to enter all VDOMs to make configuration changes. 

Answer: C 


Q78. - (Topic 1) 

A FortiGate unit can provide which of the following capabilities? (Select all that apply.) 

A. Email filtering 

B. Firewall 

C. VPN gateway 

D. Mail relay 

E. Mail server 

Answer: A,B,C 


Q79. - (Topic 1) 

Which of the following statements best describes the proxy behavior on a FortiGate unit during an FTP client upload when FTP splice is disabled? 

A. The proxy will not allow a file to be transmitted in multiple streams simultaneously. 

B. The proxy sends the file to the server while simultaneously buffering it. 

C. If the file being scanned is determined to be infected, the proxy deletes it from the server by sending a delete command on behalf of the client. 

D. If the file being scanned is determined to be clean, the proxy terminates the connection and leaves the file on the server. 

Answer: A 


Q80. - (Topic 1) 

A client can establish a secure connection to a corporate network using SSL VPN in tunnel mode. 

Which of the following statements are correct regarding the use of tunnel mode SSL VPN? (Select all that apply.) 

A. Split tunneling can be enabled when using tunnel mode SSL VPN. 

B. Client software is required to be able to use a tunnel mode SSL VPN. 

C. Users attempting to create a tunnel mode SSL VPN connection must be authenticated by at least one SSL VPN policy. 

D. The source IP address used by the client for the tunnel mode SSL VPN is assigned by the FortiGate unit. 

Answer: A,B,C,D 


NSE5 latest exam

Refresh NSE5 practice test:

Q81. - (Topic 3) 

Which of the following statements is correct about how the FortiGate unit verifies username and password during user authentication? 

A. If a remote server is included in a user group, it will be checked before local accounts. 

B. An administrator can define a local account for which the password must be verified by querying a remote server. 

C. If authentication fails with a local password, the FortiGate unit will query the authentication server if the local user is configured with both a local password and an authentication server. 

D. The FortiGate unit will only attempt to authenticate against Active Directory if Fortinet Server Authentication Extensions are installed and configured. 

Answer: B 


Q82. - (Topic 2) 

Data Leak Prevention archiving gives the ability to store files and message data onto a FortiAnalyzer unit for which of the following types of network traffic? (Select all that apply.) 

A. SNMP 

B. IPSec 

C. SMTP 

D. POP3 

E. HTTP 

Answer: C,D,E 


Q83. - (Topic 3) 

Which of the following statements are correct regarding the configuration of a FortiGate unit 

as an SSL VPN gateway? (Select all that apply.) 

A. Tunnel mode can only be used if the SSL VPN user groups have at least one Host Check option enabled. 

B. The specific routes needed to access internal resources through an SSL VPN connection in tunnel mode from the client computer are defined in the routing widget associated with the SSL VPN portal. 

C. In order to apply a portal to a user, that user must belong to an SSL VPN user group. 

D. The portal settings specify whether the connection will operate in web-only or tunnel mode. 

Answer: C,D 


Q84. - (Topic 1) 

Which of the following is an advantage of using SNMP v3 instead of SNMP v1/v2 when querying the FortiGate unit? 

A. Packet encryption 

B. MIB-based report uploads 

C. SNMP access limits through access lists 

D. Running SNMP service on a non-standard port is possible 

Answer: A 


Q85. - (Topic 3) 

In a High Availability configuration operating in Active-Active mode, which of the following correctly describes the path taken by a load-balanced HTTP session? 

A. Request: Internal Host -> Master FG -> Slave FG -> Internet -> Web Server 

B. Request: Internal Host -> Master FG -> Slave FG -> Master FG -> Internet -> Web Server 

C. Request: Internal Host -> Slave FG -> Internet -> Web Server 

D. Request: Internal Host -> Slave FG -> Master FG -> Internet -> Web Server 

Answer: A 


NSE5 exams

High value NSE5 braindumps:

Q86. - (Topic 1) 

A firewall policy has been configured for the internal email server to receive email from external parties through SMTP. Exhibits A and B show the antivirus and email filter profiles applied to this policy. 

Exhibit A: 


Exhibit B: 


What is the correct behavior when the email attachment is detected as a virus by the FortiGate antivirus engine? 

A. The FortiGate unit will remove the infected file and deliver the email with a replacement message to alert the recipient that the original attachment was infected. 

B. The FortiGate unit will reject the infected email and the sender will receive a failed delivery message. 

C. The FortiGate unit will remove the infected file and add a replacement message. Both sender and recipient are notified that the infected file has been removed. 

D. The FortiGate unit will reject the infected email and notify the sender. 

Answer: B 


Q87. - (Topic 3) 

A FortiClient fails to establish a VPN tunnel with a FortiGate unit. 

The following information is displayed in the FortiGate unit logs: 

msg="Initiator: sent 192.168.11.101 main mode message #1 (OK)" 

msg="Initiator: sent 192.168.11.101 main mode message #2 (OK)" 

msg="Initiator: sent 192.168.11.101 main mode message #3 (OK)" 

msg="Initiator: parsed 192.168.11.101 main mode message #3 (DONE)" 

msg="Initiator: sent 192.168.11.101 quick mode message #1 (OK)" 

msg="Initiator: tunnel 192.168.1.1/192.168.11.101 install ipsec sa" 

msg="Initiator: sent 192.168.11.101 quick mode message #2 (DONE)" 

msg="Initiator: tunnel 192.168.11.101, transform=ESP_3DES, HMAC_MD5" 

msg="Failed to acquire an IP address 

Which of the following statements is a possible cause for the failure to establish the VPN tunnel? 

A. An IPSec DHCP server is not enabled on the external interface of the FortiGate unit. 

B. There is no IPSec firewall policy configured for the policy-based VPN. 

C. There is a mismatch between the FortiGate unit and the FortiClient IP addresses in the phase 2 settings. 

D. The phase 1 configuration on the FortiGate unit uses Aggressive mode while FortiClient uses Main mode. 

Answer: A 


Q88. - (Topic 1) 

Which of the following Fortinet products can receive updates from the FortiGuard Distribution Network? (Select all that apply.) 

A. FortiGate 

B. FortiClient 

C. FortiMail 

D. FortiAnalyzer 

Answer: A,B,C 


Q89. - (Topic 1) 

Examine the firewall configuration shown below; then answer the question following it. 


Which of the following statements are correct based on the firewall configuration illustrated in the exhibit? (Select all that apply.) 

A. A user can access the Internet using only the protocols that are supported by user authentication. 

B. A user can access the Internet using any protocol except HTTP, HTTPS, Telnet, and FTP. These require authentication before the user will be allowed access. 

C. A user must authenticate using the HTTP, HTTPS, SSH, FTP, or Telnet protocol before they can access any services. 

D. A user cannot access the Internet using any protocols unless the user has passed firewall authentication. 

Answer: A,D 


Q90. - (Topic 2) 

Review the output of the command get router info routing-table database shown in the Exhibit below; then answer the question following it. 


Which of the following statements are correct regarding this output? (Select all that apply). 

A. There will be six routes in the routing table. 

B. There will be seven routes in the routing table. 

C. There will be two default routes in the routing table. 

D. There will be two routes for the 10.0.2.0/24 subnet in the routing table. 

Answer: A,C 



see more NSE5 - Fortinet Network Security Expert 5 Written Exam (500)

Fortinet NSE5 Certification Sample Questions and Answers: http://www.braindumpsall.net/NSE5-dumps/

P.S. New NSE5 dumps PDF: http://www.4easydumps.com/NSE5-dumps-download.html