Ensurepass

QUESTION 41

In order to match an identity-based policy, the FortiGate unit checks the IP information. Once inside the policy, the following logic is followed:

 

A.

First, a check is performed to determine if the user’s login credentials are valid. Next, the user is checked to determine if they belong to any of the groups defined for that policy. Finally, user restrictions are determined and port, time, and UTM profiles are applied.

B.

First, user restrictions are determined and port, time, and UTM profiles are applied. Next, a check is performed to determine if the user’s login credentials are valid. Finally, the user is checked to determine if they belong to any of the groups defined for that policy.

C.

First, the user is checked to determine if they belong to any of the groups defined for that policy. Next, user restrictions are determined and port, time, and UTM profiles are applied. Finally, a check is performed to determine if the user’s login credentials are valid.

D.

None of the above

 

Correct Answer: A

 

 

QUESTION 42

An administrator configures a FortiGate unit in Transparent mode on the 192.168.11.0 subnet. Automatic Discovery is enabled to detect any available FortiAnalyzers on the network. Which of the following FortiAnalyzers will be detected? (Select all that apply.)

 

A.

192.168.11.100

B.

192.168.11.251

C.

192.168.10.100

D.

192.168.10.251

 

Correct Answer: AB

 

 

QUESTION 43

< font face="Arial">An end user logs into the full-access SSL VPN portal and selects the Tunnel Mode option by clicking on the “Connect” button. The administrator has enabled split tunneling. Given that the user authenticates against the SSL VPN policy shown in the image below, which statement below identifies the route that is added to the client’s routing table.

 

clip_image002

 

A.

A route to destination matching the `WIN2K3′ address object.

B.

A route to the destination matching the `all’ address object.

C.

A default route.

D.

No route is added.

 

Correct Answer: A

 

 

QUESTION 44

Which of the following components are contained in all FortiGate units from the FG50 models and up? (Select all that apply.)

 

A.

FortiASIC content processor.

B.

Hard Drive.

C.

Gigabit network interfaces.

D.

Serial console port.

 

Correct Answer: AD

 

 

QUESTION 45

Which of the following pieces of information can be included in the Destination Address field of a firewall policy?< /font>

 

A.

An IP address pool, a virtual IP address, an actual IP address, and an IP address group.

B.

A virtual IP address, an actual IP address, and an IP address group.

C.

An actual IP address and an IP address group.

D.

Only an actual IP address.

 

Correct Answer: B

 

 

QUESTION 46

DLP archiving gives the ability to store session transaction data on a FortiAnalyzer unit for which of the following types of network traffic? (Select all that apply.)

 

A.

SNMP

B.

IPSec

C.

SMTP

D.

POP3

E.

HTTP

 

Correct Answer: CDE

 

 

QUESTION 47

Which of the following products can be installed on a computer running Windows XP to provide personal firewall protection, antivirus protection, web and mail filtering, spam filtering, and VPN functionality?

 

A.

FortiGate

B.

FortiAnalyzer

C.

FortiClient

D.

FortiManager

E.

FortiReporter

 

Correct Answer: C

 

 

QUESTION 48

A FortiGate 100 unit is configured to receive push updates from the FortiGuard Distribution Network, however, updates are not being received. Which of the following statements are possible reasons for this? (Select all that apply.)

 

A.

The external facing interface of the FortiGate unit is configured to use DHCP.

B.

The FortiGate unit has not been registered.

C.

There is a NAT device between the FortiGate unit and the FortiGuard Distribution Network.

D.

The FortiGate unit is in Transparent mode.

 

Correct Answer: ABC

 

 

QUESTION 49

Which of the following statements describes the method of creating a policy to block access to an FTP site?

 

A.

Enable Web Filter URL blocking and add the URL of the FTP site to the URL Block list.

B.

Create a firewall policy with destination address set to the IP address of the FTP site, the Service set to FTP, and the Action set to Deny.

C.

Create a firewall policy with a protection profile containing the Block FTP option enabled.

D.

None of the above.

 

Correct Answer: B

 

 

QUESTION 50

Which of the following statements regarding Banned Words are correct? (Select all that apply.)

 

A.

The FortiGate unit can scan web pages and email messages for instances of banned words.

B.

When creating a banned word list, an administrator can indicate either specific words or patterns.

C.

Banned words can be expressed as simple text, wildcards or regular expressions.

D.

Content is automatically blocked if a single instance of a banned word appears.

E.

The FortiGate unit updates banned words on a periodic basis.

 

Correct Answer: ABC

 

Free VCE & PDF File for Fortinet NSE5 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.