Ensurepass

QUESTION 31

Which of the following antivirus and attack definition update features are supported by FortiGate units? (Select all that apply.)

 

A.

Manual, user-initiated updates from the FortiGuard Distribution Network.

B.

Hourly, daily, or weekly scheduled antivirus and attack definition and antivirus engine updates from the FortiGuard Distribution Network.

C.

Push updates from the FortiGuard Distribution Network.

D.

Update status including version numbers, expiry dates, and most recent update dates and times.

 

Correct Answer: ABCD

 

 

 

QUESTION 32

SSL content inspection is enabled on the FortiGate unit. Which of the following steps is required to prevent a user from being presented with a web browser warning when accessing an SSL-encrypted website?

 

A.

The root certificate of the FortiGate SSL proxy must be imported into the local certificate store on the user’s workstation.

B.

Disable the strict server certificate check in the web browser under Internet Options.

C.

Enable transparent proxy mode on the FortiGate unit.

D.

Enable NTLM authentication on the FortiGate unit. NTLM authentication suppresses the certificate warning messages in the web browser.

 

Correct Answer: A

 

 

QUESTION 33

Two-factor authentication is supported using the following methods? (Select all that apply.)

 

A.

FortiToken

B.

Email

C.

SMS phone message

D.

Code books

 

Correct Answer: ABC

 

 

QUESTION 34

Which statement is correct regarding virus scanning on a FortiGate unit?

 

A.

Virus scanning is enabled by default.

B.

Fortinet Customer Support enables virus scanning remotely for you.

C.

Virus scanning must be enabled in a protection profile and the protection profile must be assigned to a firewall policy.

D.

Enabling virus scanning in a protection profile enables virus scanning for all traffic flowing through the FortiGate.

 

Correct Answer: C

 

 

QUESTION 35

An issue could potentially occur when clicking Connect to start tunnel mode SSL VPN. The tunnel will start up for a few seconds, then shut down. Which of the following statements best describes how to resolve this issue?

 

A.

This user does not have permission to enable tunnel mode. Make sure that the tunnel mode widget has been added to that user’s web portal.

B.

This FortiGate unit may have multiple Internet connections. To avoid this problem, use the appropriate CLI command to bind the SSL VPN connection to the original incoming interface.

C.

Check the SSL adaptor on the host machine. If necessary, uninstall and reinstall the adaptor from the tunnel mode portal.

D.

Make sure that only Internet Explorer is used. All other browsers are unsupported.

 

Correct Answer: B

 

QUESTION 36

Users may require access to a web site that is blocked by a policy. Administrators can give users the ability to override the block. Which of the following statements regarding overrides are correct? (Select all that apply.)

 

A.

A protection profile may have only one user group defined as an override group.

B.

A firewall user group can be used to provide override privileges for FortiGuard Web Filtering.

C.

Authentication to allow the override is based on a user’s membership in a user group.

D.

Overrides can be allowed by the administrator for a specific period of time.

 

Correct Answer: BCD

 

 

QUESTION 37

If a FortiGate unit has a dmz interface IP address of 210.192.168.2 with a subnet mask of 255.255.255.0, what is a valid dmz DHCP addressing range?

 

A.

172.168.0.1 – 172.168.0.10

B.

210.192.168.3 – 210.192.168.10

C.

210.192.168.1 – 210.192.168.4

D.

All of the above.

 

Correct Answer: B

 

 

QUESTION 38

What are the valid sub-types for a Firewall type policy? (Select all that apply)

 

A.

Device Identity

B.

Address

C.

User Identity

D.

Schedule

E.

SSL VPN

 

Correct Answer: ABC

 

 

QUESTION 39

If no firewall policy is specified between two FortiGate interfaces and zones are not used, which of the following statements describes the action taken on traffic flowing between these interfaces?

 

A.

The traffic is blocked.

B.

The traffic is passed.

C.

The traffic is passed and logged.

D.

The traffic is blocked and logged.

 

Correct Answer: A

 

 

 

 

 

 

 

QUESTION 40

A firewall policy has been configured for the internal email server to receive email from external parties through SMTP. Exhibits A and B show the antivirus and email filter profiles applied to this policy.

 

Exhibit A:

clip_image002

 

Exhibit B:

clip_image004

 

What is the correct behavior when the email attachment is detected as a virus by the FortiGate antivirus engine?

 

A.

The FortiGate unit will remove the infected file and deliver the email with a replacement message to alert the recipient that the original attachment was infected.

B.

The FortiGate unit will reject the infected email and the sender will receive a failed delivery message.

C.

The FortiGate unit will remove the infected file and add a replacement message. Both sender and recipient are notified that the infected file has been removed.

D.

The FortiGate unit will reject the infected email and notify the sender.

 

Correct Answer: B

 

Free VCE & PDF File for Fortinet NSE5 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.