Ensurepass

QUESTION 71

The command structure of the CLI on a FortiGate unit consists of commands, objects, branches, tables and parameters. Which of the following items describes port1?

 

A.

A command.

B.

An object.

C.

A table.

D.

A parameter.

 

Correct Answer: C

 

 

QUESTION 72

How is traffic routed onto an SSL VPN tunnel from the FortiGate unit side?

 

A.

A static route must be configured by the administrator using the ssl.root interface as the outgoing interface.

B.

Assignment of an IP address to the client causes a host route to be added to the FortiGate unit’s kernel routing table.

C.

A route back to the SSLVPN IP pool is automatically created on the FortiGate unit.

D.

The FortiGate unit adds a route based upon the destination address in the SSL VPN firewall policy.

 

Correct Answer: B

 

 

QUESTION 73

A client can establish a secure connection to a corporate network using SSL VPN in tunnel mode. Which of the following statements are correct regarding the use of tunnel mode SSL VPN? (Select all that apply.)

 < /b>

A.

Split tunneling can be enabled when using tunnel mode SSL VPN.

B.

Client software is required to be able to use a tunnel mode SSL VPN.

C.

Users attempting to create a tunnel mode SSL VPN connection must be authenticated by at least one SSL VPN policy.

D.

The source IP address used by the client for the tunnel mode SSL VPN is assigned by the FortiGate unit.

 

Correct Answer: ABCD

 

 

QUESTION 74

Which of the following Fortinet products can receive updates from the FortiGuard Distribution Network? (Select all that apply.)

 

A.

FortiGate

B.

FortiClient

C.

FortiMail

D.

FortiAnalyzer

 

Correct Answer: ABC

 

 

QUESTION 75

Each UTM feature has configurable UTM objects such as sensors, profiles or lists that define how the feature will function. An administrator must assign a set of UTM features to a group of users. Which of the following is the correct method for doing this?

 

A.

Enable a set of unique UTM features under “Edit User Group”.

B.

The administrator must enable the UTM features in an identify-based policy applicable to the user group.

C.

When defining the UTM objects, the administrator must list the user groups which will use the UTM object.

D.

The administrator must apply the UTM features directly to a user object.

 

Correct Answer: B

 

 

 

 

 

 

QUESTION 76

FortiGate units are preconfigured with four default protection profiles. These protection profiles are used to control the type of content inspection to be performed. What action must be taken for one of these profiles to become active?

 

A.

The protection profile must be assigned to a firewall policy.

B.

The “Use Protection Profile” option must be selected in the Web Config tool under the sections for AntiVirus, IPS, WebFilter, and AntiSpam.

C.

The protection profile must be set as the Active Protection Profile.

D.

All of the above.

 

Correct Answer: A

 

 

QUESTION 77

Which one of the following statements is correct about raw log messages?

 

A.

Logs have a header and a body section. The header will have the same layout for every log message. The body section will change layout from one type of log message to another.

B.

Logs have a header and a body section. The header and body will change layout from one type of log message to another.

C.

Logs have a header and a body section. The header and body will have the same layout for every log message.

D.

None of the above

 

Correct Answer: A

 

 

QUESTION 78

In addition to AntiVirus services, the FortiGuard Subscription Services provide IPS, Web Filtering, and ___________ services.

 

Correct Answer: antispam

 

 

QUESTION 79

The FortiGate unit’s GUI provides a link to update the firmware. Clicking this link will perform which of the following actions?

 

A.

It will connect to the Fortinet Support site where the appropriate firmware version can be selected.

B.

It will send a request to the FortiGuard Distribution Network so that the appropriate firmware version can be pushed down to the FortiGate unit.

C.

It will present a prompt to allow browsing to the location of the firmware file.

D.

It will automatically connect to the Fortinet Support site to download the most recent firmware version for the FortiGate unit.

 

Correct Answer: C

 

 

QUESTION 80

Which of the following statements is correct regarding a FortiGate unit operating in NAT/Route mode?

 

A.

The FortiGate unit applies NAT to all traffic.

B.

The FortiGate unit functions as a Layer 3 device.

C.

The FortiGate unit functions as a Layer 2 device.

D.

The FortiGate unit functions as a router and the firewall function is disabled.

 

Correct Answer: B

 

Free VCE & PDF File for Fortinet NSE5 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.