Exam Code: NSE5 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Fortinet Network Security Expert 5 Written Exam (500)
Certification Provider: Fortinet
Free Today! Guaranteed Training- Pass NSE5 Exam.

2021 Sep NSE5 braindumps

Q41. - (Topic 2) 

Data Leak Prevention archiving gives the ability to store files and message data onto a FortiAnalyzer unit for which of the following types of network traffic? (Select all that apply.) 


B. IPSec 


D. POP3 


Answer: C,D,E 

Q42. - (Topic 1) 

Which of the following methods can be used to access the CLI? (Select all that apply.) 

A. By using a direct connection to a serial console. 

B. By using the CLI console window in the GUI. 

C. By using an SSH connection. 

D. By using a Telnet connection. 

Answer: A,B,C,D 

Q43. - (Topic 2) 

How can DLP file filters be configured to detect Office 2010 files? (Select all that apply.) 

A. File TypE. Microsoft Office(msoffice) 

B. File TypE. Archive(zip) 

C. File TypE. Unknown Filetype(unknown) 

D. File NamE. "*.ppt", "*.doc", "*.xls" 

E. File NamE. "*.pptx", "*.docx", "*.xlsx" 

Answer: B,E 

Q44. - (Topic 1) 

The ordering of firewall policies is very important. Policies can be re-ordered within the FortiGate Web Config and also using the CLI. The command used in the CLI to perform this function is __________. 

A. set order 

B. edit policy 

C. reorder 

D. move 

Answer: D 

Q45. - (Topic 1) 

Which of the following is true regarding Switch Port Mode? 

A. Allows all internal ports to share the same subnet. 

B. Provides separate routable interfaces for each internal port. 

C. An administrator can select ports to be used as a switch. 

D. Configures ports to be part of the same broadcast domain. 

Answer: A 

NSE5 actual test

Far out NSE5 actual test:

Q46. - (Topic 3) 

A network administrator needs to implement dynamic route redundancy between a FortiGate unit located in a remote office and a FortiGate unit located in the central office. 

The remote office accesses central resources using IPSec VPN tunnels through two different Internet providers. 

What is the best method for allowing the remote office access to the resources through the FortiGate unit used at the central office? 

A. Use two or more route-based IPSec VPN tunnels and enable OSPF on the IPSec virtual interfaces. 

B. Use two or more policy-based IPSec VPN tunnels and enable OSPF on the IPSec virtual interfaces. 

C. Use route-based VPNs on the central office FortiGate unit to advertise routes with a dynamic routing protocol and use a policy-based VPN on the remote office with two or more static default routes. 

D. Dynamic routing protocols cannot be used over IPSec VPN tunnels. 

Answer: A 

Q47. - (Topic 1) 

Which of the following network protocols can be used to access a FortiGate unit as an administrator? 





E. Telnet, UDP, NNTP, SMTP 

Answer: A 

Q48. - (Topic 3) 

A FortiClient fails to establish a VPN tunnel with a FortiGate unit. 

The following information is displayed in the FortiGate unit logs: 

msg="Initiator: sent main mode message #1 (OK)" 

msg="Initiator: sent main mode message #2 (OK)" 

msg="Initiator: sent main mode message #3 (OK)" 

msg="Initiator: parsed main mode message #3 (DONE)" 

msg="Initiator: sent quick mode message #1 (OK)" 

msg="Initiator: tunnel install ipsec sa" 

msg="Initiator: sent quick mode message #2 (DONE)" 

msg="Initiator: tunnel, transform=ESP_3DES, HMAC_MD5" 

msg="Failed to acquire an IP address 

Which of the following statements is a possible cause for the failure to establish the VPN tunnel? 

A. An IPSec DHCP server is not enabled on the external interface of the FortiGate unit. 

B. There is no IPSec firewall policy configured for the policy-based VPN. 

C. There is a mismatch between the FortiGate unit and the FortiClient IP addresses in the phase 2 settings. 

D. The phase 1 configuration on the FortiGate unit uses Aggressive mode while FortiClient uses Main mode. 

Answer: A 

Q49. - (Topic 3) 

Which of the following DLP actions will override any other action? 

A. Exempt 

B. Quarantine Interface 

C. Block 

D. None 

Answer: A 

Q50. - (Topic 1) 

A FortiGate AntiVirus profile can be configured to scan for viruses on SMTP, FTP, POP3, and SMB protocols using which inspection mode? 

A. Proxy 


C. Flow-based 

D. Man-in-the-middle 

Answer: C