It is more faster and easier to pass the Fortinet NSE5 exam by using High value Fortinet Fortinet Network Security Expert 5 Written Exam (500) questuins and answers. Immediate access to the Most recent NSE5 Exam and find the same core area NSE5 questions with professionally verified answers, then PASS your exam with a high score now.

Q121. - (Topic 1) 

Which email filter is NOT available on a FortiGate device? 

A. Sender IP reputation database. 

B. URLs included in the body of known SPAM messages. 

C. Email addresses included in the body of known SPAM messages. 

D. Spam object checksums. 

E. Spam grey listing. 

Answer:


Q122. - (Topic 2) 

Which of the following statements are correct regarding Application Control? 

A. Application Control is based on the IPS engine. 

B. Application Control is based on the AV engine. 

C. Application Control can be applied to SSL encrypted traffic. 

D. Application Control cannot be applied to SSL encrypted traffic. 

Answer: A,C 


Q123. - (Topic 1) 

Which of the following network protocols are supported for administrative access to a FortiGate unit? 

A. HTTPS, HTTP, SSH, TELNET, PING, SNMP 

B. FTP, HTTPS, NNTP, TCP, WINS 

C. HTTP, NNTP, SMTP, DHCP 

D. Telnet, FTP, RLOGIN, HTTP, HTTPS, DDNS 

E. Telnet, UDP, NNTP, SMTP 

Answer:


Q124. - (Topic 3) 

When the SSL proxy inspects the server certificate for Web Filtering only in SSL Handshake mode, which certificate field is being used to determine the site rating? 

A. Common Name 

B. Organization 

C. Organizational Unit 

D. Serial Number 

E. Validity 

Answer:


Q125. - (Topic 1) 

A firewall policy has been configured such that traffic logging is disabled and a UTM function is enabled. 

In addition, the system setting ‘utm-incident-traffic-log’ has been enabled..In which log will a UTM event message be stored? 

A. Traffic 

B. UTM 

C. System 

D. None 

Answer:


Q126. - (Topic 1) 

In order to match an identity-based policy, the FortiGate unit checks the IP information. Once inside the policy, the following logic is followed: 

A. First, a check is performed to determine if the user’s login credentials are valid. Next, the user is checked to determine if they belong to any of the groups defined for that policy. Finally, user restrictions are determined and port, time, and UTM profiles are applied. 

B. First, user restrictions are determined and port, time, and UTM profiles are applied. Next, a check is performed to determine if the user’s login credentials are valid. Finally, the user is checked to determine if they belong to any of the groups defined for that policy. 

C. First, the user is checked to determine if they belong to any of the groups defined for that policy. Next, user restrictions are determined and port, time, and UTM profiles are applied. Finally, a check is performed to determine if the user’s login credentials are valid. 

Answer:


Q127. - (Topic 1) 

Which of the following is an advantage of using SNMP v3 instead of SNMP v1/v2 when querying the FortiGate unit? 

A. Packet encryption 

B. MIB-based report uploads 

C. SNMP access limits through access lists 

D. Running SNMP service on a non-standard port is possible 

Answer:


Q128. - (Topic 3) 

Which of the following statements correctly describes the deepscan option for HTTPS? 

A. When deepscan is disabled, only the web server certificate is inspected; no decryption of content occurs. 

B. Enabling deepscan will perform further checks on the server certificate. 

C. Deepscan is only applicable to mail protocols, where all IP addresses in the header are checked. 

D. With deepscan enabled, archived files will be decompressed before scanning for a more comprehensive file inspection. 

Answer: