Ensurepass

QUESTION 101

You are the administrator in charge of a FortiGate unit which acts as a VPN gateway. You have chosen to use Interface Mode when configuring the VPN tunnel and you want users from either side to be able to initiate new sessions. There is only 1 subnet at either end and the FortiGate unit already has a default route. Which of the following configuration steps are required to achieve these objectives? (Select all that apply.)

 

A.

Create one firewall policy.

B.

Create two firewall policies.

C.

Add a route for the remote subnet.

D.

Add a route for incoming traffic.

E.

Create a phase 1 definition.

F.

Create a phase 2 definition.

 

Correct Answer: BCEF

 

 

QUESTION 102

Which of the following antivirus and attack definition update options are supported by FortiGate units? (Select all that apply.)

 

A.

Manual update by downloading the signatures from the support site.

B.

Pull updates from the FortiGate device

C.

Push updates from the FortiGuard Distribution Network.

D.

“update-AV/AS” command from the CLI

 

Correct Answer: ABC

 

 

QUESTION 103

A FortiGate unit can scan for viruses on which types of network traffic? (Select all that apply.)

 

A.

POP3

B.

FTP

C.

SMTP

D.

SNMP

E.

NetBios

 

Correct Answer: ABC

 

 

QUESTION 104

A FortiGate AntiVirus profile can be configured to scan for viruses on SMTP, FTP, POP3, and SMB protocols using which inspection mode?

 

A.

Proxy

B.

DNS

C.

Flow-based

D.

Man-in-the-middle

 

Correct Answer: C

 

 

QUESTION 105

Which of the following statements are correct regarding logging to memory on a FortiGate unit? (Select all that apply.)

 

A.

When the system has reached its capacity for log messages, the FortiGate unit will stop logging to memory.

B.

When the system has reached its capacity for log messages, the FortiGate unit overwrites the oldest messages.

C.

If the FortiGate unit is reset or loses power, log entries captured to memory will be lost.

D.

None of the above.

 

Correct Answer: BC

 

 

QUESTION 106

Which of the following statements best describes the green status indicators that appear next to different FortiGuard Distribution Network services as illustrated in the exhibit?

 

clip_image001

 

A.

They indicate that the FortiGate unit is able to connect to the FortiGuard Distribution Network.

B.

They indicate that the FortiGate unit has the latest updates that are available from the FortiGuard Distribution Network.

C.

They indicate that updates are available and should be downloaded from the FortiGuard Distribution Network to the FortiGate unit.

D.

They indicate that the FortiGate unit is in the process of downloading updates from the FortiGuard Distribution Network.

 

Correct Answer: A

 

QUESTION 107

Which part of an email message exchange is NOT inspected by the POP3 and IMAP proxies?

 

A.

TCP connection

B.

File attachments

C.

Message headers

D.

Message body

 

Correct Answer: A

 

 

< p class="MsoNormal" style="cursor: auto; margin: 0cm 0cm 0pt; line-height: normal; text-autospace: ; mso-layout-grid-align: none" align="left">QUESTION 108

Which of the following statements correctly describes how a push update from the FortiGuard Distribution Network (FDN) works?

 

A.

The FDN sends push updates only once.

B.

The FDN sends package updates automatically to the FortiGate unit without requiring an update request.

C.

The FDN continues to send push updates until the FortiGate unit sends an acknowledgement.

D.

The FDN sends a message to the FortiGate unit that there is an update available and that the FortiGate unit should download the update.

 

Correct Answer: D

 

 

QUESTION 109

Caching improves performance by reducing FortiGate unit requests to the FortiGuard server. Which of the following statements are correct regarding the caching of FortiGuard responses? (Select all that apply.)

 

A.

Caching is available for web filtering, antispam, and IPS requests.

B.

The cache uses a small portion of the FortiGate system memory.

C.

When the cache is full, the least recently used IP address or URL is deleted from the cache.

D.

An administrator can configure the number of seconds to store information in the cache before the FortiGate unit contacts the FortiGuard server again.

E.

The size of the cache will increase to accomodate any number of cached queries.

 

Correct Answer: BCD

 

 

QUESTION 110

Which of the following logging options are supported on a FortiGate unit? (Select all that apply.)

 

A.

LDAP

B.

Syslog

C.

FortiAnalyzer

D.

Local disk and/or memory

 

Correct Answer: BCD

 

Free VCE & PDF File for Fortinet NSE5 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.