Ensurepass

QUESTION 51

Which of the following items is NOT a packet characteristic matched by a firewall service object?

 

A.

ICMP type and code

B.

TCP/UDP source and destination ports

C.

IP protocol number

D.

TCP sequence number

 

Correct Answer: D

QUESTION 52

Which of the following network protocols are supported for administrative access to a FortiGate unit?

 

A.

HTTPS, HTTP, SSH, TELNET, PING, SNMP

B.

FTP, HTTPS, NNTP, TCP, WINS

C.

HTTP, NNTP, SMTP, DHCP

D.

Telnet, FTP, RLOGIN, HTTP, HTTPS, DDNS

E.

Telnet, UDP, NNTP, SMTP

 

Correct Answer: A

 

 

QUESTION 53

Which of the following spam filtering methods are supported on the FortiGate unit? (Select all that apply.)

 

A.

IP Address Check

B.

Open Relay Database List (ORDBL)

C.

Black/White List

D.

Return Email DNS Check

E.

Email Checksum Check

 

Correct Answer: ABCDE

 

 

QUESTION 54


Which of the following statements are correct regarding URL filtering on the FortiGate unit? (Select all that apply.)

 

A.

The allowed actions for URL Filtering include Allow, Block and Exempt.

B.

The allowed actions for URL Filtering are Allow and Block.

C.

The FortiGate unit can filter URLs based on patterns using text and regular expressions.

D.

Any URL accessible by a web browser can be blocked using URL Filtering.

E.

Multiple URL Filter lists can be added to a single protection profile.

 

Correct Answer: AC

 

 

QUESTION 55

Which of the following items represent the minimum configuration steps an administrator must perform to enable Data Leak Prevention for traffic flowing through the FortiGate unit? (Select all that apply.)

 

A.

Assign a DLP sensor in a firewall policy.

B.

Apply one or more DLP rules to a firewall policy.

C.

Enable DLP globally using the config sys dlp command in the CLI.

D.

Define one or more DLP rules.

E.

Define a DLP sensor.

F.

Apply a DLP sensor to a DoS sensor policy.

 

Correct Answer: ADE

 

QUESTION 56

Which of the following items does NOT support the Logging feature?

 

A.

File Filter

B.

Application control

C.

Session timeouts

D.

Administrator activities

E.

Web URL filtering

 

Correct Answer: C

 

 

QUESTION 57

An administrator wants to assign a set of UTM features to a group of users. Which of the following is the correct method for doing this?

 

A.

Enable a set of unique UTM profiles under “Edit User Group”.

B.

The administrator must enable the UTM profiles in an identity-based policy applicable to the user group.

C.

When defining the UTM objects, the administrator must list the user groups which will use the UTM object.

D.

The administrator must apply the UTM features directly to a user object.

 

Correct Answer: B

 

 

QUESTION 58

In which order are firewall policies processed on the FortiGate unit?

 

A.

They are processed from the top down as they appear in Web Config.

B.

They are processed based on the policy ID number shown in the left hand column of the policy window.

C.

They are processed using a policy hierarchy scheme that allows for multiple decision branching.

D.

They are processed based on a priority value assigned through the priority column in the policy window.

 

Correct Answer: A

 

 

QUESTION 59

Which of the following statements is correct regarding URL Filtering on the FortiGate unit?

 

A.

The FortiGate unit can filter URLs based on patterns using text and regular expressions.

B.

The available actions for URL Filtering are Allow and Block.

C.

Multiple URL Filter lists can be added to a single Web filter profile.

D.

A FortiGuard Web Filtering Override match will override a block action in the URL filter list.

 

Correct Answer: A

 

 

QUESTION 60

Which email filter is NOT available on a FortiGate device?

 

A.

Sender IP reputation database.

B.

URLs included in the body of known SPAM messages.

C.

Email addresses included in the body of known SPAM messages.

D.

Spam object checksums.

E.

Spam grey listing.

 

Correct Answer: E

 

Free VCE & PDF File for Fortinet NSE5 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.