Verified of NSE5 exam cost materials and questions for Fortinet certification for IT examinee, Real Success Guaranteed with Updated NSE5 pdf dumps vce Materials. 100% PASS Fortinet Network Security Expert 5 Written Exam (500) exam Today!

Q31. - (Topic 1) 

The FortiGate unit can be configured to allow authentication to a RADIUS server. The RADIUS server can use several different authentication protocols during the authentication process. 

Which of the following are valid authentication protocols that can be used when a user authenticates to the RADIUS server? (Select all that apply.) 

A. MS-CHAP-V2 (Microsoft Challenge-Handshake Authentication Protocol v2) 

B. PAP (Password Authentication Protocol) 

C. CHAP (Challenge-Handshake Authentication Protocol) 

D. MS-CHAP (Microsoft Challenge-Handshake Authentication Protocol v1) 

E. FAP (FortiGate Authentication Protocol) 

Answer: A,B,C,D 

Q32. - (Topic 1) 

Examine the exhibit shown below; then answer the question following it. 

Which of the following statements best describes the green status indicators that appear next to the different FortiGuard Distribution Network services as illustrated in the exhibit? 

A. They indicate that the FortiGate unit is able to connect to the FortiGuard Distribution Network. 

B. They indicate that the FortiGate unit has the latest updates that are available from the FortiGuard Distribution Network. 

C. They indicate that updates are available and should be downloaded from the FortiGuard Distribution Network to the FortiGate unit. 

D. They indicate that the FortiGate unit is in the process of downloading updates from the FortiGuard Distribution Network. 


Q33. - (Topic 2) 

Shown below is a section of output from the debug command diag ip arp list. 

index=2 ifname=port1 00:09:0f:69:03:7e state=00000004 use=4589 confirm=4589 update=2422 ref=1 

In the output provided, which of the following best describes the IP address 

A. It is the primary IP address of the port1 interface. 

B. It is one of the secondary IP addresses of the port1 interface. 

C. It is the IP address of another network device located in the same LAN segment as the FortiGate unit’s port1 interface. 


Q34. - (Topic 3) 

An administrator sets up a new FTP server on TCP port 2121. A FortiGate unit is located between the FTP clients and the server. The administrator has created a policy for TCP port 2121. 

Users have been complaining that when downloading data they receive a 200 Port command successful message followed by a 425 Cannot build data connection message. 

Which of the following statements represents the best solution to this problem? 

A. Create a new session helper for the FTP service monitoring port 2121. 

B. Enable the ANY service in the firewall policies for both incoming and outgoing traffic. 

C. Place the client and server interface in the same zone and enable intra-zone traffic. 

D. Disable any protection profiles being applied to FTP traffic. 


Q35. - (Topic 3) 

Which of the following describes the difference between the ban and quarantine actions? 

A. A ban action prevents future transactions using the same protocol which triggered the ban. A qarantine action blocks all future transactions, regardless of the protocol. 

B. A ban action blocks the transaction. A quarantine action archives the data. 

C. A ban action has a finite duration. A quarantine action must be removed by an administrator. 

D. A ban action is used for known users. A quarantine action is used for unknown users. 


Q36. - (Topic 1) 

Each UTM feature has configurable UTM objects such as sensors, profiles or lists that define how the feature will function. How are UTM features applied to traffic? 

A. One or more UTM features are enabled in a firewall policy. 

B. In the system configuration for that UTM feature, you can identify the policies to which the feature is to be applied. 

C. Enable the appropriate UTM objects and identify one of them as the default. 

D. For each UTM object, identify which policy will use it. 


Q37. - (Topic 1) 

A client can create a secure connection to a FortiGate device using SSL VPN in web-only mode. 

Which one of the following statements is correct regarding the use of web-only mode SSL VPN? 

A. Web-only mode supports SSL version 3 only. 

B. A Fortinet-supplied plug-in is required on the web client to use web-only mode SSL VPN. 

C. Web-only mode requires the user to have a web browser that supports 64-bit cipher length. 

D. The JAVA run-time environment must be installed on the client to be able to connect to a web-only mode SSL VPN. 


Q38. - (Topic 3) 

An intermittent connectivity issue is noticed between two devices located behind the FortiGate dmz and internal interfaces. A continuous sniffer trace is run on the FortiGate unit that the administrator will convert into a .cap file for an off-line analysis with a sniffer application. 

Given the high volume of global traffic on the network, which of the following CLI commands will best allow the administrator to perform this troubleshooting operation? 

A. diagnose sniffer packet any 

B. diagnose sniffer packet dmz "" 3 

C. diagnose sniffer packet any "host and host " 3 

D. diagnose sniffer packet any "host and host “ 4 


Q39. - (Topic 1) 

A FortiGate unit can create a secure connection to a client using SSL VPN in tunnel mode. 

Which of the following statements are correct regarding the use of tunnel mode SSL VPN? (Select all that apply.) 

A. Split tunneling can be enabled when using tunnel mode SSL VPN. 

B. Software must be downloaded to the web client to be able to use a tunnel mode SSL VPN. 

C. Users attempting to create a tunnel mode SSL VPN connection must be members of a configured user group on the FortiGate unit. 

D. Tunnel mode SSL VPN requires the FortiClient software to be installed on the user's computer. 

E. The source IP address used by the client for the tunnel mode SSL VPN is assigned by the FortiGate unit. 

Answer: A,B,C,E 

Q40. - (Topic 3) 

Which of the following Session TTL values will take precedence? 

A. Session TTL specified at the system level for that port number 

B. Session TTL specified in the matching firewall policy 

C. Session TTL dictated by the application control list associated with the matching firewall policy 

D. The default session TTL specified at the system level 


Q41. - (Topic 3) 

When performing a log search on a FortiAnalyzer, it is generally recommended to use the Quick Search option. 

What is a valid reason for using the Full Search option, instead? 

A. The search items you are looking for are not contained in indexed log fields. 

B. A quick search only searches data received within the last 24 hours. 

C. You want the search to include the FortiAnalyzer's local logs. 

D. You want the search to include content archive data as well. 


Q42. - (Topic 3) 

Which of the following statements best decribes the proxy behavior on a FortiGate unit during an FTP client upload when FTP splice is disabled? 

A. The proxy buffers the entire file from the client, only sending the file to the server if the file is clean. One possible consequence of buffering is that the server could time out. 

B. The proxy sends the file to the server while simultaneously buffering it. 

C. The proxy removes the infected file from the server by sending a delete command on behalf of the client. 

D. If the file being scanned is determined to be clean, the proxy terminates the connection and leaves the file on the server. 


Q43. - (Topic 2) 

Two FortiGate devices fail to form an HA cluster, the device hostnames are STUDENT and REMOTE. Exhibit A shows the command output of 'show system ha' for the STUDENT device. Exhibit B shows the command output of 'show system ha' for the REMOTE device. 

Exhibit A: 

Exhibit B 

Which one of the following is the most likely reason that the cluster fails to form? 

A. Password 

B. HA mode 

C. Hearbeat 

D. Override 


Q44. - (Topic 1) 

Which of the following statements is correct regarding a FortiGate unit operating in NAT/Route mode? 

A. The FortiGate unit applies NAT to all traffic. 

B. The FortiGate unit functions as a Layer 3 device. 

C. The FortiGate unit functions as a Layer 2 device. 

D. The FortiGate unit functions as a router and the firewall function is disabled. 


Q45. - (Topic 3) 

Which of the following report templates must be used when scheduling report generation? 

A. Layout Template 

B. Data Filter Template 

C. Output Template 

D. Chart Template