Ensurepass

QUESTION 81

Which of the following statements correctly describes how a FortiGate unit functions in Transparent mode?

 

A.

To manage the FortiGate unit, one of the interfaces must be designated as the management interface. This interface may not be used for forwarding data.

B.

An IP address is used to manage the FortiGate unit but this IP address is not associated with a specific interface.

C.

The FortiGate unit must use public IP addresses on the internal and external networks.

D.

The FortiGate unit uses private IP addresses on the internal network but hides them using address translation.

 

Correct Answer: B

 

 

QUESTION 82

What is the FortiGate unit password recovery process?

 

A.

Interrupt boot sequence, modify the boot registry and reboot. After changing the password, reset the boot registry.

B.

Log in through the console port using the “maintainer” account within approximately 30 seconds of a reboot.

C.

Hold down the CTRL + Esc (Escape) keys during reboot, then reset the admin password.

D.

The only way to regain access is to interrupt the boot sequence and restore a configuration file for which the password has been modified.

 

Correct Answer: B

 

 

QUESTION 83

The default administrator profile that is assigned to the default “admin” user on a FortGate device is:____________________.

 

A.

trusted-admin

B.

super_admin

C.

super_user

D.

admin

E.

fortinet-root

 

Correct Answer: B

 

 

QUESTION 84

What is the FortiGate unit password recovery process?

 

A.

Interupt boot sequence, modify the boot registry and reboot. After changing the password, reset the boot registry.

B.

Log in through the console port using the maintainer account within several minutes of a reboot.

C.

Hold CTRL + break during reboot and reset the admin password.

D.

The only way to regain access is to interrupt boot sequence and restore a configuration file for which the password has been modified.

 

Correct Answer: B

 

 

QUESTION 85

An administrator has configured a FortiGate unit so that end users must authenticate against the firewall using digital certificates before browsing the Internet. What must the user have for a successful authentication? (Select all that apply.)

 

A.

An entry in a supported LDAP Directory.

B.

A digital certificate issued by any CA server.

C.

A valid username and password.

D.

A digital certificate issued by the FortiGate unit.

E.

Membership in a firewall user group.

 

Correct Answer: BE

 

 

QUESTION 86

A client can create a secure connection to a FortiGate device using SSL VPN in web-only mode. Which one of the following statements is correct regarding the use of web-only mode SSL VPN?

 

A.

Web-only mode supports SSL version 3 only.

B.

A Fortinet-supplied plug-in is required on the web client to use web-only mode SSL VPN.

C.

Web-only mode requires the user to have a web browser that supports 64-bit cipher length.

D.

The JAVA run-time environment must be installed on the client to be able to connect to a web-only mode SSL VPN.

 

Correct Answer: C

 

 

QUESTION 87

In which order are firewall policies processed on the FortiGate unit?

 

A.

They are processed from the top down according to their sequence number.

B.

They are processed based on the policy ID number shown in the left hand column of the policy window.

C.

They are processed on best match.

D.

They are processed based on a priority value assigned through the priority column in the policy window.

 

Correct Answer: A

 

 

QUESTION 88

Which of the following options can you use to update the virus definitions on a FortiGate unit? (Select all that apply.)

 

A.

Push update

B.

Scheduled update

C.

Manual update

D.

FTP update

 

Correct Answer: ABC

 

 

QUESTION 89

File blocking rules are applied before which of the following?

 

A.

Firewall policy processing

B.

Virus scanning

C.

Web URL filtering

D.

White/Black list filtering

 

Correct Answer: B

 

 

QUESTION 90

Which statement is correct regarding virus scanning on a FortiGate unit?

 

A.

Virus scanning is enabled by default.

B.

Fortinet Customer Support enables virus scanning remotely for you.

C.

Virus scanning must be enabled in a UTM security profile and the UTM security profile must be assigned to a firewall policy.

D.

Enabling virus scanning in a UTM security profile enables virus scanning for all traffic flowing through the FortiGate device.

 

Correct Answer: C

 

Free VCE & PDF File for Fortinet NSE5 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.