Ensurepass

QUESTION 11

When creating administrative users, the assigned _____________determines user rights on the FortiGate unit.

 

Correct Answer: access profile

 

 

QUESTION 12

Which of the following are valid FortiGate device interface methods for handling DNS requests? (Select all that apply.)

 

A.

Forward-only

B.

Non-recursive

C.

Recursive

D.

Iterative

E.

Conditional-forward

 

Correct Answer: ABC

 

 

QUESTION 13

Which of the following is true regarding Switch Port Mode?

 

A.

Allows all internal ports to share the same subnet.

B.

Provides separate routable interfaces for each internal port.

C.

An administrator can select ports to be used as a switch.

D.

Configures ports to be part of the same broadcast domain.

 

Correct Answer: A

 

 

QUESTION 14

A FortiGate unit can create a secure connection to a client using SSL VPN in tunnel mode. Which of the following statements are correct regarding the use of tunnel mode SSL VPN? (Select all that apply.)

 

A.

Split tunneling can be enabled when using tunnel mode SSL VPN.

B.

Software must be downloaded to the web client to be able to use a tunnel mode SSL VPN.

C.

Users attempting to create a tunnel mode SSL VPN connection must be members of a configured user group on the FortiGate unit.

D.

Tunnel mode SSL VPN requires the FortiClient
software to be installed on the user’s computer.

E.

The source IP address used by the client for the tunnel mode SSL VPN is assigned by the FortiGate unit.

 

Correct Answer: ABCE

 

 

QUESTION 15

By default the Intrusion Protection System (IPS) on a FortiGate unit is set to perform which action?

 

A.

Block all network attacks.

B.

Block the most common network attacks.

C.

Allow all traffic.

D.

Allow and log all traffic.

 

Correct Answer: C

 

 

QUESTION 16

Because changing the operational mode to Transparent resets device (or vdom) to all defaults, which precautions should an Administrator take prior to performing this? (Select all that apply.)

 

A.

Backup the configuration.

B.

Disconnect redundant cables to ensure the topology will not contain layer 2 loops.

C.

Set the unit to factory defaults.

D.

Update IPS and AV files.

 

Correct Answer: AB

 

 

QUESTION 17

Alert emails enable the FortiGate unit to send email notifications to an email address upon detection of a pre-defined event type. Which of the following are some of the available event types in Web Config? (Select all that apply.)

 

A.

Intrusion detected.

B.

Successful firewall authentication.

C.

Oversized file detected.

D.

DHCP address assigned.

E.

FortiGuard Web Filtering rating error detected.

 

Correct Answer: A

 

 

QUESTION 18

When firewall policy authentication is enabled, only traffic on supported protocols will trigger an authentication challenge. Select all supported protocols from the following:

 

A.

SMTP

B.

SSH

C.

HTTP

D.

FTP

E.

SCP

 

Correct Answer: CD

 

 

QUESTION 19

What is the effect of using CLI “config system session-ttl” to set session_ttl to 1800 seconds?

 

A.

Sessions can be idle for no more than 1800 seconds.

B.

The maximum length of time a session can be open is 1800 seconds.

C.

After 1800 seconds, the end user must reauthenticate.

D.

After a session has been open for 1800 seconds, the FortiGate unit will send a keepalive packet to both client and server.

 

Correct Answer: A

 

 

QUESTION 20

The ordering of firewall policies is very important. Policies can be re-ordered within the FortiGate Web Config and also using the CLI. The command used in the CLI to perform this function is __________.

 

A.

set order

B.

edit policy

C.

reorder

D.

move

 

Correct Answer: D

 

Free VCE & PDF File for Fortinet NSE5 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.