Practical of NSE5 exam fees materials and braindump for Fortinet certification for customers, Real Success Guaranteed with Updated NSE5 pdf dumps vce Materials. 100% PASS Fortinet Network Security Expert 5 Written Exam (500) exam Today!

Q57. - (Topic 3) 

A DLP rule with an action of Exempt has been matched against traffic passing through the FortiGate unit. Which of the following statements is correct regarding how this transaction will be handled by the FortiGate unit? 

A. Any other matched DLP rules will be ignored with the exception of Archiving. 

B. Future files whose characteristics match this file will bypass DLP scanning. 

C. The traffic matching the DLP rule will bypass antivirus scanning. 

D. The client IP address will be added to a white list. 

Answer:


Q58. - (Topic 1) 

Which of the following options can you use to update the virus definitions on a FortiGate unit? (Select all that apply.) 

A. Push update 

B. Scheduled update 

C. Manual update 

D. FTP update 

Answer: A,B,C 


Q59. - (Topic 1) 

Which of the following items represent the minimum configuration steps an administrator must perform to enable Data Leak Prevention for traffic flowing through the FortiGate unit? (Select all that apply.) 

A. Assign a DLP sensor in a firewall policy. 

B. Apply one or more DLP rules to a firewall policy. 

C. Enable DLP globally using the config sys dlp command in the CLI. 

D. Define one or more DLP rules. 

E. Define a DLP sensor. 

F. Apply a DLP sensor to a DoS sensor policy. 

Answer: A,D,E 


Q60. - (Topic 2) 

Which of the following statements correctly describe Transparent Mode operation? (Select all that apply.) 

A. The FortiGate unit acts as transparent bridge and routes traffic using Layer-2 forwarding. 

B. Ethernet packets are forwarded based on destination MAC addresses NOT IPs. 

C. The device is transparent to network hosts. 

D. Permits inline traffic inspection and firewalling without changing the IP scheme of the network. 

E. All interfaces must be on different IP subnets. 

Answer: A,B,C,D 


Q61. - (Topic 1) 

Which one of the following statements is correct about raw log messages? 

A. Logs have a header and a body section. The header will have the same layout for every log message. The body section will change layout from one type of log message to another. 

B. Logs have a header and a body section. The header and body will change layout from one type of log message to another. 

C. Logs have a header and a body section. The header and body will have the same layout for every log message. 

Answer:


Q62. - (Topic 3) 

You are the administrator in charge of a FortiGate unit which acts as a VPN gateway. You have chosen to use Interface Mode when configuring the VPN tunnel and you want users from either side to be able to initiate new sessions. There is only 1 subnet at either end and the FortiGate unit already has a default route. 

Which of the following configuration steps are required to achieve these objectives? (Select all that apply.) 

A. Create one firewall policy. 

B. Create two firewall policies. 

C. Add a route for the remote subnet. 

D. Add a route for incoming traffic. 

E. Create a phase 1 definition. 

F. Create a phase 2 definition. 

Answer: B,C,E,F 


Q63. - (Topic 1) 

Which of the following spam filtering methods are supported on the FortiGate unit? (Select all that apply.) 

A. IP Address Check 

B. Open Relay Database List (ORDBL) 

C. Black/White List 

D. Return Email DNS Check 

E. Email Checksum Check 

Answer: A,B,C,D,E 


Q64. - (Topic 2) 

The eicar test virus is put into a zip archive, which is given the password of “Fortinet” in order to open the archive. Review the configuration in the exhibits shown below; then answer the question that follows. 

Exhibit A – Antivirus Profile: 

Exhibit B – Non-default UTM Proxy Options Profile: 

Exhibit C – DLP Profile: 

Which of one the following profiles could be enabled in order to prevent the file from passing through the FortiGate device over HTTP on the standard port for that protocol? 

A. Only Exhibit A 

B. Only Exhibit B 

C. Only Exhibit C with default UTM Proxy settings. 

D. All of the Exhibits (A, B and C) 

E. Only Exhibit C with non-default UTM Proxy settings (Exhibit B). 

Answer: