Exambible NSE5 Questions are updated and all NSE5 answers are verified by experts. Once you have completely prepared with our NSE5 exam prep kits you will be ready for the real NSE5 exam without a problem. We have Rebirth Fortinet NSE5 dumps study guide. PASSED NSE5 First attempt! Here What I Did.
Q41. - (Topic 1)
The FortiGate unit’s GUI provides a link to update the firmware.
Clicking this link will perform which of the following actions?
A. It will connect to the Fortinet Support site where the appropriate firmware version can be selected.
B. It will send a request to the FortiGuard Distribution Network so that the appropriate firmware version can be pushed down to the FortiGate unit.
C. It will present a prompt to allow browsing to the location of the firmware file.
D. It will automatically connect to the Fortinet Support site to download the most recent firmware version for the FortiGate unit.
Answer: C
Q42. - (Topic 1)
Which of the following products provides dedicated hardware to analyze log data from multiple FortiGate devices?
A. FortiGate device
B. FortiAnalyzer device
C. FortiClient device
D. FortiManager device
E. FortiMail device
F. FortiBridge device
Answer: B
Q43. - (Topic 2)
Review the IPsec diagnostics output of the command diag vpn tunnel list shown in the Exhibit.
Which of the following statements is correct regarding this output? (Select one answer).
A. One tunnel is rekeying
B. Two tunnels are rekeying
C. Two tunnels are up
D. One tunnel is up
Answer: C
Q44. - (Topic 3)
Which of the following statements are correct regarding the configuration of a FortiGate unit
as an SSL VPN gateway? (Select all that apply.)
A. Tunnel mode can only be used if the SSL VPN user groups have at least one Host Check option enabled.
B. The specific routes needed to access internal resources through an SSL VPN connection in tunnel mode from the client computer are defined in the routing widget associated with the SSL VPN portal.
C. In order to apply a portal to a user, that user must belong to an SSL VPN user group.
D. The portal settings specify whether the connection will operate in web-only or tunnel mode.
Answer: C,D
Q45. - (Topic 3)
An administrator has formed a High Availability cluster involving two FortiGate 310B units.
[Multiple upstream Layer 2 switches] -- [ FortiGate HA Cluster ] -- [ Multiple downstream Layer 2 switches ]
The administrator wishes to ensure that a single link failure will have minimal impact upon the overall throughput of traffic through this cluster.
Which of the following options describes the best step the administrator can take?
The administrator should...
A. set up a full-mesh design which uses redundant interfaces.
B. increase the number of FortiGate units in the cluster and configure HA in Active-Active mode.
C. enable monitoring of all active interfaces.
D. configure the HA ping server feature to allow for HA failover in the event that a path is disrupted.
Answer: A
Q46. - (Topic 3)
Which of the following statements is correct about how the FortiGate unit verifies username and password during user authentication?
A. If a remote server is included in a user group, it will be checked before local accounts.
B. An administrator can define a local account for which the password must be verified by querying a remote server.
C. If authentication fails with a local password, the FortiGate unit will query the authentication server if the local user is configured with both a local password and an authentication server.
D. The FortiGate unit will only attempt to authenticate against Active Directory if Fortinet Server Authentication Extensions are installed and configured.
Answer: B
Q47. - (Topic 3)
A FortiGate unit is configured with three Virtual Domains (VDOMs) as illustrated in the exhibit.
Which of the following statements are true if the network administrator wants to route traffic between all the VDOMs? (Select all that apply.)
A. The administrator should configure inter-VDOM links to avoid using external interfaces and routers.
B. As with all FortiGate unit interfaces, firewall policies must be in place for traffic to be allowed to pass through any interface, including inter-VDOM links. This provides the same level of security internally as externally.
C. This configuration requires the use of an external router.
D. Inter-VDOM routing is automatically provided if all the subnets that need to be routed are locally attached.
E. As each VDOM has an independant routing table, routing rules need to be set (for example, static routing, OSPF) in each VDOM to route traffic between VDOMs.
Answer: A,B,E
Q48. - (Topic 3)
Which of the following statements is not correct regarding virtual domains (VDOMs)?
A. VDOMs divide a single FortiGate unit into two or more virtual units that function as multiple, independent units.
B. A management VDOM handles SNMP, logging, alert email, and FDN-based updates.
C. A backup management VDOM will synchronize the configuration from an active management VDOM.
D. VDOMs share firmware versions, as well as antivirus and IPS databases.
E. Only administrative users with a super_admin profile will be able to enter all VDOMs to make configuration changes.
Answer: C