Top 10 tutorials NSE5 for candidates (51 to 60)

NSE5 Royal Pack Testengine pdf

100% Actual & Verified — 100% PASS

Unlimited access to the world's largest Dumps library!

Relying on outstanding technology, much better service for customers. Pass4sure offer you Round the clock customer support regarding Fortinet examinee and you can acquire what you would like realize whenever you want. The fulfillment in our NSE5 is our own service goal, the businesss shared advancement together with consumers is our own prolonged goal in the large part. Therefore do not wait to make contact with all of us when you have any queries of NSE5 examination.

2016 Jul NSE5 exam guide

Q51. - (Topic 1) 

Users may require access to a web site that is blocked by a policy. Administrators can give 

users the ability to override the block. Which of the following statements regarding overrides is NOT correct? 

A. A web filter profile may only have one user group defined as an override group. 

B. A firewall user group can be used to provide override privileges for FortiGuard Web Filtering. 

C. When requesting an override, the matched user must belong to a user group for which the override capabilty has been enabled. 

D. Overrides can be allowed by the administrator for a specific period of time. 

Answer: A 

Q52. - (Topic 3) 

The diag sys session list command is executed in the CLI. The output of this command is shown in the exhibit. 

Based on the output from this command, which of the following statements is correct? 

A. This is a UDP session. 

B. Traffic shaping is being applied to this session. 

C. This is an ICMP session. 

D. This traffic has been authenticated. 

E. This session matches a firewall policy with ID 5. 

Answer: B 

Q53. - (Topic 1) 

Which of the following statements are correct regarding logging to memory on a FortiGate unit? (Select all that apply.) 

A. When the system has reached its capacity for log messages, the FortiGate unit will stop logging to memory. 

B. When the system has reached its capacity for log messages, the FortiGate unit overwrites the oldest messages. 

C. If the FortiGate unit is reset or loses power, log entries captured to memory will be lost. 

D. None of the above. 

Answer: B,C 

Q54. - (Topic 1) 

A FortiGate AntiVirus profile can be configured to scan for viruses on SMTP, FTP, POP3, and SMB protocols using which inspection mode? 

A. Proxy 


C. Flow-based 

D. Man-in-the-middle 

Answer: C 

Q55. - (Topic 1) 

Encrypted backup files provide which of the following benefits? (Select all that apply.) 

A. Integrity of the backup file is protected since it cannot be easily modified when encrypted. 

B. Prevents the backup file from becoming corrupted. 

C. Protects details of the device's configuration settings from being discovered while the backup file is in transit. For example, transferred to a data centers for system recovery. 

D. A copy of the encrypted backup file is automatically pushed to the FortiGuard Distribution Service (FDS) for disaster recovery purposes. If the backup file becomes corrupt it can be retrieved through FDS. 

E. Fortinet Technical Support can recover forgotten passwords with a backdoor passphrase. 

Answer: A,C

Replace NSE5 practice exam:

Q56. - (Topic 1) 

A FortiGate unit is configured to receive push updates from the FortiGuard Distribution Network, however, updates are not being received. 

Which of the following statements are possible reasons for this? (Select all that apply.) 

A. The external facing interface of the FortiGate unit is configured to use DHCP. 

B. The FortiGate unit has not been registered. 

C. There is a NAT device between the FortiGate unit and the FortiGuard Distribution Network and no override push IP is configured. 

D. The FortiGate unit is in Transparent mode which does not support push updates. 

Answer: A,B,C 

Q57. - (Topic 3) 

Which part of an email message exchange is NOT inspected by the POP3 and IMAP proxies? 

A. TCP connection 

B. File attachments 

C. Message headers 

D. Message body 

Answer: A 

Q58. - (Topic 1) 

In NAT/Route mode when there is no matching firewall policy for traffic to be forwarded by the Firewall, which of the following statements describes the action taken on traffic? 

A. The traffic is blocked. 

B. The traffic is passed. 

C. The traffic is passed and logged. 

D. The traffic is blocked and logged. 

Answer: A 

Q59. - (Topic 2) 

FSSO provides a single sign on solution to authenticate users transparently to a FortiGate unit using credentials stored in Windows Active Directory. 

Which of the following statements are correct regarding FSSO in a Windows domain environment when NTLM and Polling Mode are not used? (Select all that apply.) 

A. An FSSO Collector Agent must be installed on every domain controller. 

B. An FSSO Domain Controller Agent must be installed on every domain controller. 

C. The FSSO Domain Controller Agent will regularly update user logon information on the FortiGate unit. 

D. The FSSO Collector Agent will retrieve user information from the Domain Controller Agent and will send the user logon information to the FortiGate unit. 

E. For non-domain computers, the only way to allow FSSO authentication is to install an FSSO client. 

Answer: B,D 

Q60. - (Topic 1) 

A FortiGate unit can provide which of the following capabilities? (Select all that apply.) 

A. Email filtering 

B. Firewall 

C. VPN gateway 

D. Mail relay 

E. Mail server 

Answer: A,B,C 

see more /