NSE5 Examination questions (September)

Achieve New Updated (September) Fortinet NSE5 Examination questions Topic 3, Volume C part 04

By on September 25, 2015
EnsurepassQUESTION 193  (Topic 3)         A FortiGate unit is configured with multiple VDOMs. An administrative account on the device has been assigned a Scope value of VDOM:root.   Which of the following items would an administrator logging in using this account NOT be able to configure?   A. Firewall addresses B. DHCP servers C. FortiGuard Distribution Network configuration D. PPTP VPN configuration   Answer: C     QUESTION 194  (Topic Read more [...]

Continue Reading

NSE5 Examination questions (September)

Achieve New Updated (September) Fortinet NSE5 Examination questions Topic 3, Volume C part 05

By on
Ensurepass  QUESTION 203  (Topic 3)   A network administrator connects his PC to the INTERNAL interface on a FortiGate unit. The administrator attempts to make an HTTPS connection to the FortiGate unit on the VLAN1 interface at the IP address of 10.0.1.1, but gets no connectivity.   The following troubleshooting commands are executed from the DOS prompt on the PC and from the CLI.   C:\>ping 10.0.1.1   Pinging 10.0.1.1 with 32 bytes of data:   Reply from 10.0.1.1: Read more [...]

Continue Reading

NSE5 Examination questions (September)

Achieve New Updated (September) Fortinet NSE5 Examination questions Topic 3, Volume C part 02

By on
EnsurepassQUESTION 173  (Topic 3)   When performing a log search on a FortiAnalyzer, it is generally recommended to use the Quick Search option.         What is a valid reason for using the Full Search option, instead?   A. The search items you are looking for are not contained in indexed log fields. B. A quick search only searches data received within the last 24 hours. C. You want the search to include the FortiAnalyzer's local logs. D. You want Read more [...]

Continue Reading

NSE5 Examination questions (September)

Achieve New Updated (September) Fortinet NSE5 Examination questions Topic 3, Volume C part 03

By on
EnsurepassQUESTION 183  (Topic 3)   When viewing the Banned User monitor in Web Config, the administrator notes the entry illustrated in the exhibit.     Which of the following statements is correct regarding this entry?   A. The entry displays a ban that has been added as a result of traffic triggering a configured DLP rule. B. The entry displays a ban that was triggered by HTTP traffic matching an IPS signature.         This client is banned Read more [...]

Continue Reading

NSE5 Examination questions (September)

Achieve New Updated (September) Fortinet NSE5 Examination questions Topic 3, Volume C part 01

By on
EnsurepassQUESTION 163  (Topic 3)   The transfer of encrypted files or the use of encrypted protocols between users and servers on the internet can frustrate the efforts of administrators attempting to monitor traffic passing through the FortiGate unit and ensuring user compliance to corporate rules.   Which of the following items will allow the administrator to control the transfer of encrypted data through the FortiGate unit? (Select all that apply.)   A. Encrypted protocols Read more [...]

Continue Reading

NSE5 Examination questions (September)

Achieve New Updated (September) Fortinet NSE5 Examination questions Topic 2, Volume B part 02

By on
EnsurepassQUESTION 131  (Topic 2)   Review the IPsec diagnostics output of the command diag vpn tunnel list shown in the Exhibit below.     Which of the following statements are correct regarding this output? (Select all that apply.)   A. The connecting client has been allocated address 172.20.1.1.         B. In the Phase 1 settings, dead peer detection is enabled. C. The tunnel is idle. D. The connecting client has been allocated address Read more [...]

Continue Reading

NSE5 Examination questions (September)

Achieve New Updated (September) Fortinet NSE5 Examination questions Topic 2, Volume B part 03

By on
EnsurepassQUESTION 141  (Topic 2)   Data Leak Prevention archiving gives the ability to store files and message data onto a FortiAnalyzer unit for which of the following types of network traffic? (Select all that apply.)   A. SNMP B. IPSec C. SMTP D. POP3 E. HTTP   Answer: CDE       QUESTION 142  (Topic 2)   Examine the two static routes to the same destination subnet 172.20.168.0/24 as shown below; then answer the question following it. Read more [...]

Continue Reading

NSE5 Examination questions (September)

Achieve New Updated (September) Fortinet NSE5 Examination questions Topic 2, Volume B part 01

By on
EnsurepassQUESTION 120  (Topic 2)   With FSSO, a domain user could authenticate either against the domain controller running the Collector Agent and Domain Controller Agent, or a domain controller running only the Domain Controller Agent.   If you attempt to authenticate with the Secondary Domain Controller running only the Domain Controller Agent, which of the following statements are correct? (Select all that apply.)           A. The login event is sent Read more [...]

Continue Reading

NSE5 Examination questions (September)

Achieve New Updated (September) Fortinet NSE5 Examination questions Topic 1, Volume A part 06

By on
EnsurepassQUESTION 51 CORRECT TEXT  (Topic 1)   When creating administrative users, the assigned _____________determines user rights on the FortiGate unit.   A.   B.   C.   D.     Answer:     QUESTION 52  (Topic 1)   The ordering of firewall policies is very important. Policies can be re-ordered within the FortiGate unit's GUI and also using the CLI. The command used in the CLI to perform this function is ______ .   Read more [...]

Continue Reading

NSE5 Examination questions (September)

Achieve New Updated (September) Fortinet NSE5 Examination questions Topic 1, Volume A part 07

By on
EnsurepassQUESTION 61  (Topic 1)   Which of the following antivirus and attack definition update features are supported by FortiGate units? (Select all that apply.)   A. Manual, user-initiated updates from the FortiGuard Distribution Network. B. Hourly, daily, or weekly scheduled antivirus and attack definition and antivirus engine updates from the FortiGuard Distribution Network. C. Push updates from the FortiGuard Distribution Network. D. Update status including version Read more [...]

Continue Reading

NSE5 Examination questions (September)

Achieve New Updated (September) Fortinet NSE5 Examination questions Topic 1, Volume A part 03

By on
EnsurepassQUESTION 21  (Topic 1)         Which statement is correct regarding virus scanning on a FortiGate unit?   A. Virus scanning is enabled by default. B. Fortinet Customer Support enables virus scanning remotely for you. C. Virus scanning must be enabled in a UTM security profile and the UTM security profile must be assigned to a firewall policy. D. Enabling virus scanning in a UTM security profile enables virus scanning for all traffic flowing through Read more [...]

Continue Reading

NSE5 Examination questions (September)

Achieve New Updated (September) Fortinet NSE5 Examination questions Topic 1, Volume A part 04

By on
EnsurepassQUESTION 31  (Topic 1)   An administrator wants to assign a set of UTM features to a group of users. Which of the following is the correct method for doing this?   A. Enable a set of unique UTM profiles under "Edit User Group". B. The administrator must enable the UTM profiles in an identity-based policy applicable to the user group.         C. When defining the UTM objects, the administrator must list the user groups which will use the UTM Read more [...]

Continue Reading

NSE5 Examination questions (September)

Achieve New Updated (September) Fortinet NSE5 Examination questions Topic 1, Volume A part 05

By on
EnsurepassQUESTION 41  (Topic 1)   SSL content inspection is enabled on the FortiGate unit. Which of the following steps is required to prevent a user from being presented with a web browser warning when accessing an SSL-encrypted website?   A. The root certificate of the FortiGate SSL proxy must be imported into the local certificate store on the user's workstation. B. Disable the strict server certificate check in the web browser under Internet Options. C. Enable transparent Read more [...]

Continue Reading

NSE5 Examination questions (September)

Achieve New Updated (September) Fortinet NSE5 Examination questions Topic 1, Volume A part 02

By on
Ensurepass  QUESTION 11  (Topic 1)   In order to match an identity-based policy, the FortiGate unit checks the IP information. Once inside the policy, the following logic is followed:   A. First, a check is performed to determine if the user's login credentials are valid. Next, the user is checked to determine if they belong to any of the groups defined for that policy. Finally, user restrictions are determined and port, time, and UTM profiles are applied. B. First, user Read more [...]

Continue Reading

NSE5 Examination questions (September)

Achieve New Updated (September) Fortinet NSE5 Examination questions Topic 1, Volume A part 01

By on
EnsurepassQUESTION 1  (Topic 1)   Which of the following authentication types are supported by FortiGate units? (Select all that apply.)   A. Kerberos B. LDAP C. RADIUS D. Local Users   Answer: BCD     QUESTION 2  (Topic 1)   Which of the following network protocols are supported for administrative access to a FortiGate unit?   A. HTTPS, HTTP, SSH, TELNET, PING, SNMP B. FTP, HTTPS, NNTP, TCP, WINS C. HTTP, NNTP, SMTP, DHCP D. Read more [...]

Continue Reading