Latest Certified Success Dumps Download

CISCO, MICROSOFT, COMPTIA, HP, IBM, ORACLE, VMWARE
NSE5 Examination questions (September)

Achieve New Updated (September) Fortinet NSE5 Examination questions Topic 3, Volume C part 03

September 25, 2015

Ensurepass

QUESTION 183  (Topic 3)

 

When viewing the Banned User monitor in Web Config, the administrator notes the entry illustrated in the exhibit.

 

clip_image002

 

Which of the following statements is correct regarding this entry?

 

A.

The entry displays a ban that has been added as a result of traffic triggering a configured DLP rule.

B.

The entry displays a ban that was triggered by HTTP traffic matching an IPS signature.

 

 

 

 

This client is banned from receiving or sending any traffic through the FortiGate.

C.

The entry displays a quarantine, which could have been added by either IPS or DLP.

D.

This entry displays a ban entry that was added manually by the administrator on June11th.

 

Answer: A

 

 

QUESTION 184  (Topic 3)

 

An administrator has formed a High Availability cluster involving two FortiGate 310B units.

 

[Multiple upstream Layer 2 switches] — [ FortiGate HA Cluster ] — [ Multiple downstream Layer 2 switches ]

 

The administrator wishes to ensure that a single link failure will have minimal impact upon the overall throughput of traffic through this cluster.

 

Which of the following options describes the best step the administrator can take?

 

The administrator should…

 

A.

set up a full-mesh design which uses redundant interfaces.

B.

increase the number of FortiGate units in the cluster and configure HA in Active-Active mode.

C.

enable monitoring of all active interfaces.

D.

configure the HA ping server feature to allow for HA failover in the event that a path is disrupted.

 

Answer: A

 

 

QUESTION 185  (Topic 3)

 

SSL Proxy is used to decrypt the SSL-encrypted traffic. After decryption, where is the traffic buffered in preparation for content inspection?

 

A.

The file is buffered by the application proxy.

B.

The file is buffered by the SSL proxy.

C.

In the upload direction, the file is buffered by the SSL proxy. In the download direction,

 

 

 

 

the file is buffered by the application proxy.

D.

No file buffering is needed since a stream-based scanning approach is used for SSL content inspection.

 

Answer: A

 

 

QUESTION 186  (Topic 3)

 

A FortiGate unit is operating in NAT/Route mode and is configured with two Virtual LAN (VLAN) sub-interfaces added to the same physical interface.

 

Which of the following statements is correct regarding the VLAN IDs in this scenario?

 

A.

The two VLAN sub-interfaces can have the same VLAN ID only if they have IP addresses in different subnets.

B.

The two VLAN sub-interfaces must have different VLAN IDs.

C.

The two VLAN sub-interfaces can have the same VLAN ID only if they belong to different VDOMs.

D.

The two VLAN sub-interfaces can have the same VLAN ID if they are connected to different L2 IEEE 802.1Q compliant switches.

 

Answer: B

 

 

QUESTION 187  (Topic 3)

 

Which of the following statements best decribes the proxy behavior on a FortiGate unit during an FTP client upload when FTP splice is disabled?

 

A.

The proxy buffers the entire file from the client, only sending the file to the server if the file is clean. One possible consequence of buffering is that the server could time out.

B.

The proxy sends the file to the server while simultaneously buffering it.

C.

The proxy removes the infected file from the server by sending a delete command on behalf of the client.

D.

If the file being scanned is determined to be clean, the proxy terminates the connection and leaves the file on the server.

 

Answer: A

 

 

 

QUESTION 188  (Topic 3)

 

Which of the following is an advantage of using SNMP v3 instead of SNMP v1/v2 when querying the FortiGate unit?

 

A.

Packet encryption

B.

MIB-based report uploads

C.

SNMP access limits through access lists

D.

Running SNMP service on a non-standard port is possible

 

Answer: A

 

 

QUESTION 189  (Topic 3)

 

A FortiGate unit is configured with three Virtual Domains (VDOMs) as illustrated in the exhibit.

 

clip_image004

 

Which of the following statements are correct regarding these VDOMs? (Select all that apply.)

 

A.

The FortiGate unit supports any combination of these VDOMs in NAT/Route and Transparent modes.

B.

The FortiGate unit must be a model 1000 or above to support multiple VDOMs.

 

 

 

 

C.

A license had to be purchased and applied to the FortiGate unit before VDOM mode could be enabled.

D.

All VDOMs must operate in the same mode.

E.

Changing a VDOM operational mode requires a reboot of the FortiGate unit.

F.

An admin account can be assigned to one VDOM or it can have access to all three VDOMs.

 

Answer: AF

 

 

QUESTION 190  (Topic 3)

 

Which of the following statements is correct regarding the FortiGuard Services Web Filtering Override configuration as illustrated in the exhibit?

 

clip_image006

 

A.

Any client on the same subnet as the authenticated user is allowed to access www.yahoo.com/images/.

B.

A client with an IP of address 10.10.10.12 is allowed access to any subdirectory that is part of the www.yahoo.com web site.

C.

A client with an IP address of 10.10.10.12 is allowed access to the www.yahoo.com/images/ web site and any of its offsite URLs.

D.

A client with an IP address of 10.10.10.12 is allowed access to any URL under the www.yahoo.com web site, including any subdirectory URLs, until August 7, 2009.

E.

Any client on the same subnet as the authenticated user is allowed to access www.yahoo.com/images/ until August 7, 2009.

 

Answer: C

 

 

 

QUESTION 191  (Topic 3)

 

Bob wants to send Alice a file that is encrypted using public key cryptography.

 

Which of the following statements is correct regarding the use of public key cryptography in this scenario?

 

A.

Bob will use his private key to encrypt the file and Alice will use her private key to decrypt the file.

B.

Bob will use his public key to encrypt the file and Alice will use Bob’s private key to decrypt the file.

C.

Bob will use Alice’s public key to encrypt the file and Alice will use her private key to decrypt the file.

D.

Bob will use his public key to encrypt the file and Alice will use her private key to decrypt the file.

E.

Bob will use Alice’s public key to encrypt the file and Alice will use Bob’s public key to decrypt the file.

 

Answer: C

 

 

QUESTION 192  (Topic 3)

 

An administrator logs into a FortiGate unit using an account which has been assigned a super_admin profile. Which of the following operations can this administrator perform?

 

A.

They can delete logged-in users who are also assigned the super_admin access profile.

B.

They can make changes to the super_admin profile.

C.

They can delete the admin account if the default admin user is not logged in.

D.

They can view all the system configuration settings but can not make changes.

E.

They can access configuration options for only the VDOMs to which they have been assigned.

 

Answer: C

 

Free VCE & PDF File for Fortinet NSE5 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …