Top 10 rapidshare NSE5 for IT engineers (11 to 20)

Want to know {brand} NSE5 Exam practice test features? Want to lear more about Fortinet Fortinet Network Security Expert 5 Written Exam (500) certification experience? Study Tested Fortinet NSE5 answers to Renovate NSE5 questions at {brand}. Gat a success with an absolute guarantee to pass Fortinet NSE5 (Fortinet Network Security Expert 5 Written Exam (500)) test on your first attempt.

2016 Sep NSE5 Study Guide Questions:

Q11. – (Topic 3) 

Which of the following items is NOT a packet characteristic matched by a firewall service object? 

A. ICMP type and code 

B. TCP/UDP source and destination ports 

C. IP protocol number 

D. TCP sequence number 

Answer: D 

Q12. – (Topic 3) 

A FortiClient fails to establish a VPN tunnel with a FortiGate unit. 

The following information is displayed in the FortiGate unit logs: 

msg="Initiator: sent main mode message #1 (OK)" 

msg="Initiator: sent main mode message #2 (OK)" 

msg="Initiator: sent main mode message #3 (OK)" 

msg="Initiator: parsed main mode message #3 (DONE)" 

msg="Initiator: sent quick mode message #1 (OK)" 

msg="Initiator: tunnel install ipsec sa" 

msg="Initiator: sent quick mode message #2 (DONE)" 

msg="Initiator: tunnel, transform=ESP_3DES, HMAC_MD5" 

msg="Failed to acquire an IP address 

Which of the following statements is a possible cause for the failure to establish the VPN tunnel? 

A. An IPSec DHCP server is not enabled on the external interface of the FortiGate unit. 

B. There is no IPSec firewall policy configured for the policy-based VPN. 

C. There is a mismatch between the FortiGate unit and the FortiClient IP addresses in the phase 2 settings. 

D. The phase 1 configuration on the FortiGate unit uses Aggressive mode while FortiClient uses Main mode. 

Answer: A 

Q13. – (Topic 1) 

Which statement is correct regarding virus scanning on a FortiGate unit? 

A. Virus scanning is enabled by default. 

B. Fortinet Customer Support enables virus scanning remotely for you. 

C. Virus scanning must be enabled in a UTM security profile and the UTM security profile must be assigned to a firewall policy. 

D. Enabling virus scanning in a UTM security profile enables virus scanning for all traffic flowing through the FortiGate device. 

Answer: C 

NSE5  exam fees

Up to the immediate present NSE5 free practice questions:

Q14. – (Topic 3) 

An administrator configures a VPN and selects the Enable IPSec Interface Mode option in the phase 1 settings. 

Which of the following statements are correct regarding the IPSec VPN configuration? 

A. To complete the VPN configuration, the administrator must manually create a virtual IPSec interface in Web Config under System > Network. 

B. The virtual IPSec interface is automatically created after the phase1 configuration. 

C. The IPSec policies must be placed at the top of the list. 

D. This VPN cannot be used as part of a hub and spoke topology. 

E. Routes were automatically created based on the address objects in the firewall policies. 

Answer: B 

Q15. – (Topic 3) 

What advantages are there in using a hub-and-spoke IPSec VPN configuration instead of a fully-meshed set of IPSec tunnels? (Select all that apply.) 

A. Using a hub and spoke topology is required to achieve full redundancy. 

B. Using a hub and spoke topology simplifies configuration. 

C. Using a hub and spoke topology provides stronger encryption. 

D. Using a hub and spoke topology reduces the number of tunnels. 

Answer: B,D 

Q16. – (Topic 2) 

In Transparent Mode, forward-domain is an attribute of ______________. 

A. an interface 

B. a firewall policy 

C. a static route 

D. a virtual domain 

Answer: A 

NSE5  exam fees

Realistic NSE5 Q&A:

Q17. CORRECT TEXT – (Topic 1) 

When creating administrative users, the assigned _____________determines user rights on the FortiGate unit. 

Answer: access profile 

Q18. – (Topic 3) 

What is the effect of using CLI "config system session-ttl" to set session_ttl to 1800 seconds? 

A. Sessions can be idle for no more than 1800 seconds. 

B. The maximum length of time a session can be open is 1800 seconds. 

C. After 1800 seconds, the end user must reauthenticate. 

D. After a session has been open for 1800 seconds, the FortiGate unit will send a keepalive packet to both client and server. 

Answer: A 

Q19. – (Topic 3) 

An administrator is examining the attack logs and notices the following entry: 

type=ips subtype=signature pri=alert vd=root serial=1995 attack_id=103022611 src= dst= src_port=80 dst_port=4887 src_int=wlan dst_int=internal status=detected proto=6 service=4887/tcp user=N/A group=N/A msg=web_client: IE.IFRAME.BufferOverflow.B 

Based on the information displayed in this entry, which of the following statements are correct? (Select all that apply.) 

A. This is an HTTP server attack. 

B. The attack was detected and blocked by the FortiGate unit. 

C. The attack was against a FortiGate unit at the IP address. 

D. The attack was detected and passed by the FortiGate unit. 

Answer: C,D 

Q20. – (Topic 2) 

Select the answer that describes what the CLI command diag debug authd fsso list is used for. 

A. Monitors communications between the FSSO Collector Agent and FortiGate unit. 

B. Displays which users are currently logged on using FSSO. 

C. Displays a listing of all connected FSSO Collector Agents. 

D. Lists all DC Agents installed on all Domain Controllers. 

Answer: B 

About NSE5 Information: NSE5 Dumps