Fortinet NSE5 ExamFortinet Network Security Expert 5 Written Exam (500)

Total Question: 320 Last Updated: Jul 13,2019
  • Updated NSE5 Dumps
  • Based on Real NSE5 Exams Scenarios
  • Free NSE5 pdf Demo Available
  • Check out our NSE5 Dumps in a new PDF format
  • Instant NSE5 download
  • Guarantee NSE5 success in first attempt
Package Select:

Questions & Answers PDF

Practice Test Software

Practice Test + PDF 30% Discount

Price: $65.95 $39.99

Buy Now Free Trial

Top 11 cram NSE5 for IT professionals (181 to 191)

Exact of NSE5 practice materials and practice for Fortinet certification for IT professionals, Real Success Guaranteed with Updated NSE5 pdf dumps vce Materials. 100% PASS Fortinet Network Security Expert 5 Written Exam (500) exam Today!

2016 Apr NSE5 Study Guide Questions:

Q181. - (Topic 3) 

Based on the web filtering configuration illustrated in the exhibit, 

which one of the following statements is not a reasonable conclusion? 

A. Users can access both the site and the site. 

B. When a user attempts to access the site, the FortiGate unit will not perform web filtering on the content of that site. 

C. When a user attempts to access the site, any remaining web filtering will be bypassed. 

D. Downloaded content from will be scanned for viruses if antivirus is enabled. 

Answer: B 

Q182. - (Topic 1) 

An end user logs into the full-access SSL VPN portal and selects the Tunnel Mode option by clicking on the “Connect” button. The administrator has enabled split tunneling. 

Given that the user authenticates against the SSL VPN policy shown in the image below, which statement below identifies the route that is added to the client’s routing table. 

A. A route to destination matching the ‘WIN2K3’ address object. 

B. A route to the destination matching the ‘all’ address object. 

C. A default route. 

D. No route is added. 

Answer: A 

Q183. - (Topic 2) 

Examine the following log message for IPS and identify the valid responses below. (Select all that apply.) 

2012-07-01 09:54:28 oid=2 log_id=18433 type=ips subtype=anomaly pri=alert vd=root severity="critical" src="" dst="" src_int="port2" serial=0 status="detected" proto=1 service="icmp" count=1 attack_name="icmp_flood" icmp_id="0xa8a4" icmp_type="0x08" icmp_code="0x00" attack_id=16777316 sensor="1" ref="" msg="anomaly: icmp_flood, 51 > threshold 50" 

A. The target is 

B. The target is 

C. The attack was detected and blocked. 

D. The attack was detected only. 

E. The attack was TCP based. 

Answer: B,D 

NSE5 torrent

Abreast of the times NSE5 pdf exam:

Q184. - (Topic 1) 

Alert emails enable the FortiGate unit to send email notifications to an email address upon detection of a pre-defined event type. Which of the following are some of the available event types in Web Config? (Select all that apply.) 

A. Intrusion detected. 

B. Successful firewall authentication. 

C. Oversized file detected. 

D. DHCP address assigned. 

E. FortiGuard Web Filtering rating error detected. 

Answer: A 

Q185. - (Topic 1) 

Which of the following statements regarding Banned Words are correct? (Select all that apply.) 

A. The FortiGate unit can scan web pages and email messages for instances of banned words. 

B. When creating a banned word list, an administrator can indicate either specific words or patterns. 

C. Banned words can be expressed as simple text, wildcards or regular expressions. 

D. Content is automatically blocked if a single instance of a banned word appears. 

E. The FortiGate unit updates banned words on a periodic basis. 

Answer: A,B,C 

Q186. - (Topic 2) 

Review the IPsec Phase2 configuration shown in the Exhibit; then answer the question following it. 

Which of the following statements are correct regarding this configuration? (Select all that apply). 

A. The Phase 2 will re-key even if there is no traffic. 

B. There will be a DH exchange for each re-key. 

C. The sequence number of ESP packets received from the peer will not be checked. 

D. Quick mode selectors will default to those used in the firewall policy. 

Answer: A,B 

NSE5 real exam

Tested NSE5 answers:

Q187. - (Topic 1) 

Which of the following methods can be used to access the CLI? (Select all that apply.) A. By using a direct connection to a serial console. 

B. By using the CLI console window in Web Config. 

C. By using an SSH connection. 

D. By using a Telnet connection. 

Answer: A,B,C,D 

Q188. - (Topic 1) 

Which of the following email spam filtering features is NOT supported on a FortiGate unit? 

A. Multipurpose Internet Mail Extensions (MIME) Header Check 

B. HELO DNS Lookup 

C. Greylisting 

D. Banned Word 

Answer: C 

Q189. - (Topic 3) 

A portion of the device listing for a FortiAnalyzer unit is displayed in the exhibit. 

Which of the following statements best describes the reason why the FortiGate 60B unit is unable to archive data to the FortiAnalyzer unit? 

A. The FortiGate unit is considered an unregistered device. 

B. The FortiGate unit has been blocked from sending archive data to the FortiAnalyzer device by the administrator. 

C. The FortiGate unit has insufficient privileges. The administrator should edit the device entry in the FortiAnalyzer and modify the privileges. 

D. The FortiGate unit is being treated as a syslog device and is only permitted to send log data. 

Answer: A 

Q190. - (Topic 2) 

For Data Leak Prevention, which of the following describes the difference between the block and quarantine actions? 

A. A block action prevents the transaction. A quarantine action blocks all future transactions, regardless of the protocol. 

B. A block action prevents the transaction. A quarantine action archives the data. 

C. A block action has a finite duration. A quarantine action must be removed by an administrator. 

D. A block action is used for known users. A quarantine action is used for unknown users. 

Answer: A 

Q191. - (Topic 1) 

Which of the following statements is correct regarding a FortiGate unit operating in NAT/Route mode? 

A. The FortiGate unit requires only a single IP address for receiving updates and configuring from a management computer. 

B. The FortiGate unit must use public IP addresses on both the internal and external networks. 

C. The FortiGate unit commonly uses private IP addresses on the internal network but hides them using network address translation. 

D. The FortiGate unit uses only DHCP-assigned IP addresses on the internal network. 

Answer: C 

Related NSE5 Articles