Ensurepass

QUESTION 61

Which of the following statements is correct regarding a FortiGate unit operating in NAT/Route mode?

 

A.

The FortiGate unit requires only a single IP address for receiving updates and configuring from a management computer.

B.

The FortiGate unit must use public IP addresses on both the internal and external networks.

C.

The FortiGate unit commonly uses private IP addresses on the internal network but hides them using network address translation.

D.

The FortiGate unit uses only DHCP-assigned IP addresses on the internal network.

 

Correct Answer: C

 

 

QUESTION 62

Which of the following products provides dedicated hardware to analyze log data from multiple FortiGate devices?

 

A.

FortiGate device

B.

FortiAnalyzer device

C.

FortiClient device

D.

FortiManager device

E.

FortiMail device

F.

FortiBridge device

 

Correct Answer: B

 

 

QUESTION 63

Which of the following methods can be used to access the CLI? (Select all that apply.)

 

A.

By using a direct connection to a serial console.

B.

By using the CLI console window in Web Config.

C.

By using an SSH connection.

D.

By using a Telnet connection.

 

Correct Answer: ABCD

 

 

QUESTION 64

In an IPSec gateway-to-gateway configuration, two FortiGate units create a VPN tunnel between two separate private networks. Which of the following configuration steps must be performed on both FortiGate units to support this configuration? (Select all that apply.)

 

A.

Create firewall policies to control traffic between the IP source and destination address.

B.

Configure the appropriate user groups on the FortiGate units to allow users access to the IPSec VPN connection.

C.

Set the operating mode of the FortiGate unit to IPSec VPN mode.

D.

Define the Phase 2 parameters that the FortiGate unit needs to create a VPN tunnel with the remote peer.

E.

Define the Phase 1 parameters that the FortiGate unit needs to authenticate the remote peers.

 

Correct Answer: ADE

 

 

QUESTION 65

The FortiGate unit can be configured to allow authentication to a RADIUS server. The RADIUS server can use several different authentication protocols during the authentication process. Which of the following are valid authentication protocols that can be used when a user authenticates to the RADIUS server? (Select all that apply.)

 

A.

MS-CHAP-V2 (Microsoft Challenge-Handshake Authentication Protocol v2)

B.

PAP (Password Authentication Protocol)

C.

CHAP (Challenge-Handshake Authentication Protocol)

D.

MS-CHAP (Microsoft Challenge-Handshake Authentication Protocol v1)

E.

FAP (FortiGate Authentication Protocol)

 

Correct Answer: ABCD

 

 

QUESTION 66

Which of the following Regular Expression patterns will make the term “bad language” case insensitive?

 

A.

[bad language]

B.

/bad language/i

C.

i/bad language/

D.

“bad language”

E.

/bad language/c

 

Correct Answer: B

 

 

QUESTION 67

Which of the following authentication types are supported by FortiGate units? (Select all that apply.)

 

A.

Kerberos

B.

LDAP

C.

RADIUS

D.

Local Users

 

Correct Answer: BCD

 

 

 

 

 

 

QUESTION 68

A firewall policy has been configured such that traffic logging is disabled and a UTM function is enabled. In addition, the system setting `utm-incident-traffic-log’ has been enabled. In which log will a UTM event message be stored?

 

A.

Traffic

B.

UTM

C.

System

D.

None

 

Correct Answer: A

 

 

QUESTION 69

In NAT/Route mode when there is no matching firewall policy for traffic to be forwarded by the Firewall, which of the following statements describes the action taken on traffic?

 

A.

The traffic is blocked.

B.

The traffic is passed.

C.

The traffic is passed and logged.

D.

The traffic is blocked and logged.

 

Correct Answer: A

 

 

QUESTION 70

Which of the following statements is correct regarding URL Filtering on the FortiGate unit?

 

A.

The available actions for URL Filtering are Allow and Block.

B.

Multiple URL Filter lists can be added to a single Web filter profile.

C.

A FortiGuard Web Filtering Override match will override a block action in the URL filter list.

D.

The available actions for URL Filtering are Allow, Block and Exempt.

 

Correct Answer: D

 

Free VCE & PDF File for Fortinet NSE5 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.