Ensurepass

QUESTION 121

Two devices are in an HA cluster, the device hostnames are STUDENT and REMOTE. Exhibit A shows the command output of ‘diag sys session stat’ for the STUDENT device. Exhibit B shows the command output of ‘diag sys session stat’ for the REMOTE device.

 

Exhibit A:

clip_image002

 

Exhibit B:

clip_image004

 

Given the information provided in the exhibits, which of the following statements are correct? (Select all that apply.)

 

A.

STUDENT is likely to be the master device.

B.

Session-pickup is likely to be enabled.

C.

The cluster mode is definitely Active-Passive.

D.

There is not enough information to determine the cluster mode.

 

Correct Answer: AD

 

 

QUESTION 122

Shown below is a section of output from the debug command diag ip arp list.

 

index=2 ifname=port1 172.20.187.150 00:09:0f:69:03:7e state=00000004 use=4589 confirm=4589 update=2422 ref=1

 

In the output provided, which of the following best describes the IP address 172.20.187.150?

 

A.

It is the primary IP address of the port1 interface.

B.

It is one of the secondary IP addresses of the port1 interface.

C.

It is the IP address of another network device located in the same LAN segment as the FortiGate unit’s port1 interface.

 

Correct Answer: C

 

 

 

 

 

 

 

QUESTION 123

In HA, the option Reserve Management Port for Cluster Member is selected as shown in the Exhibit below. Which of the following statements are correct regarding this setting? (Select all that apply.)

 

clip_image006

 

A.

Interface settings on port7 will not be synchronized with other cluster members.

B.

The IP address assigned to this interface must not overlap with the IP address subnet assigned to another interface.

C.

Port7 appears in the routing table.

D.

A gateway address may be configured for port7.

E.

When connecting to port7 you always connect to the master device.

 

Correct Answer: AD

 

 

QUESTION 124

Which of the following represents the correct order of criteria used for the selection of a Master unit within a FortiGate High Availability (HA) cluster when master override is disabled?

 

A.

1. port monitor, 2. unit priority, 3. up time, 4. serial number

B.

1. port monitor, 2. up time, 3. unit priority, 4. serial number

C.

1. unit priority, 2. up time, 3. port monitor, 4. serial number

D.

1. up time, 2. unit priority, 3. port monitor, 4. serial number

 

Correct Answer: B

 

 

QUESTION 125

Examine the Exhibits shown below, then answer the question that follows.

 

Review the following DLP Sensor (Exhibit 1):

clip_image008

 

Review the following File Filter list for rule #1 (Exhibit 2):

clip_image010

 

Review the following File Filter list for rule #2 (Exhibit 3):

clip_image012

 

Review the following File Filter list for rule #3 (Exhibit 4):

clip_image014

 

An MP3 file is renamed to `workbook.exe’ and put into a ZIP archive. It is then sent through the FortiGate device over HTTP. It is intercepted and processed by the configuration shown in the above Exhibits 1-4. Assuming the file is not too large for the File scanning threshold, what action will the FortiGate unit take?

 

A.

The file will be detected by rule #1 as an `Audio (mp3)’, a log entry will be created and it will be allowed to pass through.

B.

The file will be detected by rule #2 as a “*.exe”, a log entry will be created and the interface that received the traffic will be brought down.

C.

The file will be detected by rule #3 as an Archive(zip), blocked, and a log entry will be created.

D.

Nothing, the file will go undetected.

 

Correct Answer: A

 

 

QUESTION 126

Review the CLI configuration below for an IPS sensor and identify the correct statements regarding this configuration from the choices below. (Select all that apply.)

 

config ips sensor

 

edit “LINUX_SERVER”

 

set comment ”

 

set replacemsg-group ”

 

set log enable

 

config entries

 

edit 1

 

set action default

 

set application all

 

set location server

 

set log enable

 

set log-packet enable

 

set os Linux

 

set protocol all

 

set quarantine none

 

set severity all

 

set status default

 

next

 

end

 

next

 

end

 

A.

The sensor will log all server attacks for all operating systems.

B.

The sensor will include a PCAP file with a trace of the matching packets in the log message of any matched signature.

C.

The sensor will match all traffic from the address object `LINUX_SERVER’.

D.

The sensor will reset all connections that match these signatures.

E.

The sensor only filters which IPS signatures to apply to the selected firewall po
licy.

 

Correct Answer: BE

 

 

QUESTION 127

Which of the following statements are correct regarding Application Control?

 

A.

Application Control is based on the IPS engine.

B.

Application Control is based on the AV engine.

C.

Application Control can be applied to SSL encrypted traffic.

D.

Application Control cannot be applied to SSL encrypted traffic.

 

Correct Answer: AC

 

 

QUESTION 128

Select the answer that describes what the CLI command diag debug authd fsso list is used for.

 

A.

Monitors communications between the FSSO Collector Agent and FortiGate unit.

B.

Displays which users are currently logged on using FSSO.

C.

Displays a listing of all connected FSSO Collector Agents.

D.

Lists all DC Agents installed on all Domain Controllers.

 

Correct Answer: B

 

 

 

 

 

 

 

 

QUESTION 129

Review the IPsec diagnostics output of the command diag vpn tunnel list shown in the Exhibit. Which of the following statements is correct regarding this output? (Select one answer).

 

clip_image016

 

A.

One tunnel is rekeying

B.

Two tunnels are rekeying

C.

Two tunnels are up

D.

One tunnel is up

 

Correct Answer: C

 

 

QUESTION 130

Identify the correct properties of a partial mesh VPN deployment:

 

A.

VPN tunnels interconnect between every single location.

B.

VPN tunnels are not configured between every single location.

C.

Some locations are reached via a hub location.

D.

There are no hub locations in a partial mesh.

 

Correct Answer: BC

 

Free VCE & PDF File for Fortinet NSE5 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.