Latest Certified Success Dumps Download

CISCO, MICROSOFT, COMPTIA, HP, IBM, ORACLE, VMWARE
NSE5 Examination questions (September)

Achieve New Updated (September) Fortinet NSE5 Examination questions Topic 1, Volume A part 07

September 25, 2015

Ensurepass

QUESTION 61  (Topic 1)

 

Which of the following antivirus and attack definition update features are supported by FortiGate units? (Select all that apply.)

 

A.

Manual, user-initiated updates from the FortiGuard Distribution Network.

B.

Hourly, daily, or weekly scheduled antivirus and attack definition and antivirus engine updates from the FortiGuard Distribution Network.

C.

Push updates from the FortiGuard Distribution Network.

D.

Update status including version numbers, expiry dates, and most recent update dates and times.

 

Answer: ABCD

 

 

QUESTION 62  (Topic 1)

 

In which order are firewall policies processed on the FortiGate unit?

 

A.

They are processed from the top down according to their sequence number.

 

 

 

 

B.

They are processed based on the policy ID number shown in the left hand column of the policy window.

C.

They are processed on best match.

D.

They are processed based on a priority value assigned through the priority column in the policy window.

 

Answer: A

 

 

QUESTION 63  (Topic 1)

 

Which of the following statements is correct regarding a FortiGate unit operating in NAT/Route mode?

 

A.

The FortiGate unit requires only a single IP address for receiving updates and configuring from a management computer.

B.

The FortiGate unit must use public IP addresses on both the internal and external networks.

C.

The FortiGate unit commonly uses private IP addresses on the internal network but hides them using network address translation.

D.

The FortiGate unit uses only DHCP-assigned IP addresses on the internal network.

 

Answer: C

 

 

QUESTION 64  (Topic 1)

 

Users may require access to a web site that is blocked by a policy. Administrators can give users the ability to override the block. Which of the following statements regarding overrides are correct? (Select all that apply.)

 

A.

A protection profile may have only one user group defined as an override group.

B.

A firewall user group can be used to provide override privileges for FortiGuard Web Filtering.

C.

Authentication to allow the override is based on a user’s membership in a user group.

D.

Overrides can be allowed by the administrator for a specific period of time.

 

Answer: BCD

 

 

QUESTION 65  (Topic 1)

 

 

 

 

Which of the following antivirus and attack definition update options are supported by FortiGate units? (Select all that apply.)

 

A.

Manual update by downloading the signatures from the support site.

B.

Pull updates from the FortiGate device

C.

Push updates from the FortiGuard Distribution Network.

D.

“update-AV/AS” command from the CLI

 

Answer: ABC

 

 

QUESTION 66  (Topic 1)

 

Which of the following are valid FortiGate device interface methods for handling DNS requests? (Select all that apply.)

 

A.

Forward-only

B.

Non-recursive

C.

Recursive

D.

Iterative

E.

Conditional-forward

 

Answer: ABC

 

 

QUESTION 67  (Topic 1)

 

An administrator has configured a FortiGate unit so that end users must authenticate against the firewall using digital certificates before browsing the Internet. What must the user have for a successful authentication? (Select all that apply.)

 

A.

An entry in a supported LDAP Directory.

B.

A digital certificate issued by any CA server.

C.

A valid username and password.

D.

A digital certificate issued by the FortiGate unit.

E.

Membership in a firewall user group.

 

Answer: BE

 

 

QUESTION 68  (Topic 1)

 

 

 

 

You are the administrator in charge of a FortiGate unit which acts as a VPN gateway. You have chosen to use Interface Mode when configuring the VPN tunnel and you want users from either side to be able to initiate new sessions. There is only 1 subnet at either end and the FortiGate unit already has a default route.

 

Which of the following configuration steps are required to achieve these objectives? (Select all that apply.)

 

A.

Create one firewall policy.

B.

Create two firewall policies.

C.

Add a route for the remote subnet.

D.

Add a route for incoming traffic.

E.

Create a phase 1 definition.

F.

Create a phase 2 definition.

 

Answer: BCEF

 

 

QUESTION 69  (Topic 1)

 

A FortiGate unit can create a secure connection to a client using SSL VPN in tunnel mode.

 

Which of the following statements are correct regarding the use of tunnel mode SSL VPN? (Select all that apply.)

 

A.

Split tunneling can be enabled when using tunnel mode SSL VPN.

B.

Software must be downloaded to the web client to be able to use a tunnel mode SSL VPN.

C.

Users attempting to create a tunnel mode SSL VPN connection must be members of a configured user group on the FortiGate unit.

D.

Tunnel mode SSL VPN requires the FortiClient software to be installed on the user’s computer.

E.

The source IP address used by the client for the tunnel mode SSL VPN is assigned by the FortiGate unit.

 

Answer: ABCE

 

 

QUESTION 70  (Topic 1)

 

Which of the following statements correctly describes how a push update from the FortiGuard Distribution Network (FDN) works?

 

 

 

 

 

A.

The FDN sends push updates only once.

B.

The FDN sends package updates automatically to the FortiGate unit without requiring an update request.

C.

The FDN continues to send push updates until the FortiGate unit sends an acknowledgement.

D.

The FDN sends a message to the FortiGate unit that there is an update available and that the FortiGate unit should download the update.

 

Answer: D

 

Free VCE & PDF File for Fortinet NSE5 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …