Exambible NSE5 finding out resources are able for your personal knowledge along with experience of The idea pros a protracted status for trainees skilled troubles, that they required your Fortinet certification. Fortinet NSE5 explains of which getting your own objectives. Exambible NSE5 also known as your Exambible, time savings and money, because it can certainly fix most of the troubles, there is no need to catch plan many other software programs of the mother nature.

2021 Oct NSE5 practice question

Q41. - (Topic 3) 

Both the FortiGate and FortiAnalyzer units can notify administrators when certain alert conditions are met. 

Considering this, which of the following statements is NOT correct? 

A. On a FortiGate device, the alert condition is based either on the severity level or on the log type, but not on a combination of the two. 

B. On a FortiAnalyzer device, the alert condition is based either on the severity level or on the log type, but not on a combination of the two. 

C. Only a FortiAnalyzer device can send the alert notification in the form of a syslog message. 

D. Both the FortiGate and FortiAnalyzer devices can send alert notifications in the form of an email alert. 

Answer: B 


Q42. - (Topic 1) 

Which of the following statements are true of the FortiGate unit’s factory default configuration? 

A. ‘Port1’ or ‘Internal’ interface will have an IP of 192.168.1.99. 

B. ‘Port1’ or ‘Internal’ interface will have a DHCP server set up and enabled (on devices that support DHCP Servers). 

C. Default login will always be the username: admin (all lowercase) and no password. 

D. The implicit firewall action is ACCEPT. 

Answer: A,B,C 


Q43. - (Topic 3) 

Which of the following statements is correct about how the FortiGate unit verifies username and password during user authentication? 

A. If a remote server is included in a user group, it will be checked before local accounts. 

B. An administrator can define a local account for which the password must be verified by querying a remote server. 

C. If authentication fails with a local password, the FortiGate unit will query the authentication server if the local user is configured with both a local password and an authentication server. 

D. The FortiGate unit will only attempt to authenticate against Active Directory if Fortinet Server Authentication Extensions are installed and configured. 

Answer: B 


Q44. - (Topic 1) 

Two-factor authentication is supported using the following methods? (Select all that apply.) 

A. FortiToken 

B. Email 

C. SMS phone message 

D. Code books 

Answer: A,B,C 


Q45. - (Topic 1) 

An issue could potentially occur when clicking Connect to start tunnel mode SSL VPN. The tunnel will start up for a few seconds, then shut down. 

Which of the following statements best describes how to resolve this issue? 

A. This user does not have permission to enable tunnel mode. Make sure that the tunnel mode widget has been added to that user's web portal. 

B. This FortiGate unit may have multiple Internet connections. To avoid this problem, use the appropriate CLI command to bind the SSL VPN connection to the original incoming interface. 

C. Check the SSL adaptor on the host machine. If necessary, uninstall and reinstall the adaptor from the tunnel mode portal. 

D. Make sure that only Internet Explorer is used. All other browsers are unsupported. 

Answer: B 


NSE5 actual exam

Up to date NSE5 test engine:

Q46. - (Topic 3) 

An administrator has formed a High Availability cluster involving two FortiGate 310B units. 

[Multiple upstream Layer 2 switches] -- [ FortiGate HA Cluster ] -- [ Multiple downstream Layer 2 switches ] 

The administrator wishes to ensure that a single link failure will have minimal impact upon the overall throughput of traffic through this cluster. 

Which of the following options describes the best step the administrator can take? 

The administrator should... 

A. set up a full-mesh design which uses redundant interfaces. 

B. increase the number of FortiGate units in the cluster and configure HA in Active-Active mode. 

C. enable monitoring of all active interfaces. 

D. configure the HA ping server feature to allow for HA failover in the event that a path is disrupted. 

Answer: A 


Q47. - (Topic 1) 

When firewall policy authentication is enabled, only traffic on supported protocols will trigger an authentication challenge. 

Select all supported protocols from the following: 

A. SMTP 

B. SSH 

C. HTTP 

D. FTP 

E. SCP 

Answer: C,D 


Q48. - (Topic 1) 

Which of the following statements regarding Banned Words are correct? (Select all that apply.) 

A. The FortiGate unit can scan web pages and email messages for instances of banned words. 

B. When creating a banned word list, an administrator can indicate either specific words or patterns. 

C. Banned words can be expressed as wildcards or regular expressions. 

D. Content is automatically blocked if a single instance of a banned word appears. 

E. The FortiGate unit includes a pre-defined library of common banned words. 

Answer: A,B,C 


Q49. - (Topic 3) 

The Host Check feature can be enabled on the FortiGate unit for SSL VPN connections. 

When this feature is enabled, the FortiGate unit probes the remote host computer to verify that it is "safe" before access is granted. 

Which of the following items is NOT an option as part of the Host Check feature? 

A. FortiClient Antivirus software 

B. Microsoft Windows Firewall software 

C. FortiClient Firewall software 

D. Third-party Antivirus software 

Answer: B 


Q50. - (Topic 1) 

In which order are firewall policies processed on the FortiGate unit? 

A. They are processed from the top down as they appear in Web Config. 

B. They are processed based on the policy ID number shown in the left hand column of the policy window. 

C. They are processed using a policy hierarchy scheme that allows for multiple decision branching. 

D. They are processed based on a priority value assigned through the priority column in the policy window. 

Answer: A