Accurate of NSE5 dumps materials and samples for Fortinet certification for IT examinee, Real Success Guaranteed with Updated NSE5 pdf dumps vce Materials. 100% PASS Fortinet Network Security Expert 5 Written Exam (500) exam Today!

2021 Sep NSE5 test question

Q81. - (Topic 3) 

An administrator wishes to generate a report showing Top Traffic by service type. They notice that web traffic overwhelms the pie chart and want to exclude the web traffic from the report. 

Which of the following statements best describes how to do this? 

A. In the Service field of the Data Filter, type 80/tcp and select the NOT checkbox. 

B. Add the following entry to the Generic Field section of the Data Filter: service="!web". 

C. When editing the chart, uncheck wlog to indicate that Web Filtering data is being excluded when generating the chart. 

D. When editing the chart, enter 'http' in the Exclude Service field. 

Answer: A 


Q82. - (Topic 1) 

Which of the following is an advantage of using SNMP v3 instead of SNMP v1/v2 when querying the FortiGate unit? 

A. Packet encryption 

B. MIB-based report uploads 

C. SNMP access limits through access lists 

D. Running SNMP service on a non-standard port is possible 

Answer: A 


Q83. - (Topic 1) 

Which statement is correct regarding virus scanning on a FortiGate unit? 

A. Virus scanning is enabled by default. 

B. Fortinet Customer Support enables virus scanning remotely for you. 

C. Virus scanning must be enabled in a UTM security profile and the UTM security profile must be assigned to a firewall policy. 

D. Enabling virus scanning in a UTM security profile enables virus scanning for all traffic flowing through the FortiGate device. 

Answer: C 


Q84. - (Topic 3) 

WAN optimization is configured in Active/Passive mode. When will the remote peer accept an attempt to initiate a tunnel? 

A. The attempt will be accepted when the request comes from a known peer and there is a matching WAN optimization passive rule. 

B. The attempt will be accepted when there is a matching WAN optimization passive rule. 

C. The attempt will be accepted when the request comes from a known peer. 

D. The attempt will be accepted when a user on the remote peer accepts the connection request. 

Answer: A 


Q85. - (Topic 2) 

How can DLP file filters be configured to detect Office 2010 files? (Select all that apply.) 

A. File TypE. Microsoft Office(msoffice) 

B. File TypE. Archive(zip) 

C. File TypE. Unknown Filetype(unknown) 

D. File NamE. "*.ppt", "*.doc", "*.xls" 

E. File NamE. "*.pptx", "*.docx", "*.xlsx" 

Answer: B,E 


NSE5 exam price

Rebirth NSE5 dumps:

Q86. - (Topic 3) 

A network administrator connects his PC to the INTERNAL interface on a FortiGate unit. The administrator attempts to make an HTTPS connection to the FortiGate unit on the VLAN1 interface at the IP address of 10.0.1.1, but gets no connectivity. 

The following troubleshooting commands are executed from the DOS prompt on the PC and from the CLI. 

C:\>ping 10.0.1.1 

Pinging 10.0.1.1 with 32 bytes of data: 

Reply from 10.0.1.1: bytes=32 time=1ms TTL=255 

Reply from 10.0.1.1: bytes=32 time<1ms TTL=255 

Reply from 10.0.1.1: bytes=32 time<1ms TTL=255 

Reply from 10.0.1.1: bytes=32 time<1ms TTL=255 

user1 # get system interface 

== [ internal ] 

namE. internal modE. static ip: 10.0.1.254 255.255.255.128 status: up 

netbios-forwarD. disable typE. physical mtu-overridE. disable 

== [ vlan1 ] 

namE. vlan1 modE. static ip: 10.0.1.1 255.255.255.128 status: up netb 

ios-forwarD. disable typE. vlan mtu-overridE. disable 

user1 # diagnose debug flow trace start 100 

user1 # diagnose debug ena 

user1 # diagnose debug flow filter daddr 10.0.1.1 10.0.1.1 

id=20085 trace_id=274 msg="vd-root received a packet(proto=6, 10.0.1.130:47927->10.0.1.1:443) from internal." 

id=20085 trace_id=274 msg="allocate a new session-00000b1b" 

id=20085 trace_id=274 msg="find SNAT: IP-10.0.1.1, port-43798" 

id=20085 trace_id=274 msg="iprope_in_check() check failed, drop" 

Based on the output from these commands, which of the following explanations is a possible cause of the problem? 

A. The Fortigate unit has no route back to the PC. 

B. The PC has an IP address in the wrong subnet. 

C. The PC is using an incorrect default gateway IP address. 

D. The FortiGate unit does not have the HTTPS service configured on the VLAN1 interface. 

E. There is no firewall policy allowing traffic from INTERNAL-> VLAN1. 

Answer: D 


Q87. - (Topic 1) 

Which of the following products provides dedicated hardware to analyze log data from multiple FortiGate devices? 

A. FortiGate device 

B. FortiAnalyzer device 

C. FortiClient device 

D. FortiManager device 

E. FortiMail device 

F. FortiBridge device 

Answer: B 


Q88. - (Topic 3) 

If Routing Information Protocol (RIP) version 1 or version 2 has already been configured on a FortiGate unit, which of the following statements is correct if the routes learned through RIP need to be advertised into Open Shortest Path First (OSPF)? 

A. The FortiGate unit will automatically announce all routes learned through RIP v1 or v2 to its OSPF neighbors. 

B. The FortiGate unit will automatically announce all routes learned only through RIP v2 to its OSPF neighbors. 

C. At a minimum, the network administrator needs to enable Redistribute RIP in the OSPF Advanced Options. 

D. The network administrator needs to configure a RIP to OSPF announce policy as part of the RIP settings. 

E. At a minimum, the network administrator needs to enable Redistribute Default in the OSPF Advanced Options. 

Answer: C 


Q89. - (Topic 1) 

In order to match an identity-based policy, the FortiGate unit checks the IP information. Once inside the policy, the following logic is followed: 

A. First, a check is performed to determine if the user’s login credentials are valid. Next, the user is checked to determine if they belong to any of the groups defined for that policy. Finally, user restrictions are determined and port, time, and UTM profiles are applied. 

B. First, user restrictions are determined and port, time, and UTM profiles are applied. Next, a check is performed to determine if the user’s login credentials are valid. Finally, the user is checked to determine if they belong to any of the groups defined for that policy. 

C. First, the user is checked to determine if they belong to any of the groups defined for that policy. Next, user restrictions are determined and port, time, and UTM profiles are applied. Finally, a check is performed to determine if the user’s login credentials are valid. 

Answer: A 


Q90. - (Topic 1) 

The ordering of firewall policies is very important. Policies can be re-ordered within the FortiGate unit’s GUI and also using the CLI. The command used in the CLI to perform this function is ______ . 

A. set order 

B. edit policy 

C. reorder 

D. move 

Answer: D