It is impossible to pass Fortinet NSE5 exam without any help in the short term. Come to Actualtests soon and find the most advanced, correct and guaranteed Fortinet NSE5 practice questions. You will get a surprising result by our Up to the minute Fortinet Network Security Expert 5 Written Exam (500) practice guides.

2021 Oct NSE5 actual exam

Q121. - (Topic 1) 

Which email filter is NOT available on a FortiGate device? 

A. Sender IP reputation database. 

B. URLs included in the body of known SPAM messages. 

C. Email addresses included in the body of known SPAM messages. 

D. Spam object checksums. 

E. Spam grey listing. 

Answer:


Q122. - (Topic 1) 

The FortiGate Web Config provides a link to update the firmware in the System > Status window. Clicking this link will perform which of the following actions? 

A. It will connect to the Fortinet support site where the appropriate firmware version can be selected. 

B. It will send a request to the FortiGuard Distribution Network so that the appropriate firmware version can be pushed down to the FortiGate unit. 

C. It will present a prompt to allow browsing to the location of the firmware file. 

D. It will automatically connect to the Fortinet support site to download the most recent firmware version for the FortiGate unit. 

Answer:


Q123. - (Topic 3) 

Which of the following statements is correct regarding the FortiGuard Services Web Filtering Override configuration as illustrated in the exhibit? 

A. Any client on the same subnet as the authenticated user is allowed to access www.yahoo.com/images/. 

B. A client with an IP of address 10.10.10.12 is allowed access to any subdirectory that is part of the www.yahoo.com web site. 

C. A client with an IP address of 10.10.10.12 is allowed access to the www.yahoo.com/images/ web site and any of its offsite URLs. 

D. A client with an IP address of 10.10.10.12 is allowed access to any URL under the www.yahoo.com web site, including any subdirectory URLs, until August 7, 2009. 

E. Any client on the same subnet as the authenticated user is allowed to access www.yahoo.com/images/ until August 7, 2009. 

Answer:


Q124. - (Topic 3) 

Which of the following statements correctly describes the deepscan option for HTTPS? 

A. When deepscan is disabled, only the web server certificate is inspected; no decryption of content occurs. 

B. Enabling deepscan will perform further checks on the server certificate. 

C. Deepscan is only applicable to mail protocols, where all IP addresses in the header are checked. 

D. With deepscan enabled, archived files will be decompressed before scanning for a more comprehensive file inspection. 

Answer:


Q125. - (Topic 2) 

Review the CLI configuration below for an IPS sensor and identify the correct statements regarding this configuration from the choices below. (Select all that apply.) 

config ips sensor 

edit "LINUX_SERVER" 

set comment '' 

set replacemsg-group '' 

set log enable 

config entries 

edit 1 

set action default 

set application all 

set location server 

set log enable 

set log-packet enable 

set os Linux set protocol all 

set quarantine none 

set severity all 

set status default 

next 

end 

next 

end 

A. The sensor will log all server attacks for all operating systems. 

B. The sensor will include a PCAP file with a trace of the matching packets in the log message of any matched signature. 

C. The sensor will match all traffic from the address object ‘LINUX_SERVER’. 

D. The sensor will reset all connections that match these signatures. 

E. The sensor only filters which IPS signatures to apply to the selected firewall policy. 

Answer: B,E 


Renew NSE5 test question:

Q126. - (Topic 1) 

Which of the following statements is correct regarding URL Filtering on the FortiGate unit? 

A. The FortiGate unit can filter URLs based on patterns using text and regular expressions. 

B. The available actions for URL Filtering are Allow and Block. 

C. Multiple URL Filter lists can be added to a single Web filter profile. 

D. A FortiGuard Web Filtering Override match will override a block action in the URL filter list. 

Answer:


Q127. - (Topic 3) 

An administrator is configuring a DLP rule for FTP traffic. When adding the rule to a DLP sensor, 

the administrator notes that the Ban Sender action is not available (greyed-out), as shown in the exhibit. 

Which of the following is the best explanation for the Ban Sender action NOT being available? 

A. The Ban Sender action is never available for FTP traffic. 

B. The Ban Sender action needs to be enabled globally for FTP traffic on the FortiGate unit before configuring the sensor. 

C. Firewall policy authentication is required before the Ban Sender action becomes available. 

D. The Ban Sender action is only available for known domains. No domains have yet been added to the domain list. 

Answer:


Q128. - (Topic 3) 

Which of the following describes the difference between the ban and quarantine actions? 

A. A ban action prevents future transactions using the same protocol which triggered the ban. A qarantine action blocks all future transactions, regardless of the protocol. 

B. A ban action blocks the transaction. A quarantine action archives the data. 

C. A ban action has a finite duration. A quarantine action must be removed by an administrator. 

D. A ban action is used for known users. A quarantine action is used for unknown users. 

Answer:


Q129. - (Topic 1) 

Which of the following statements regarding Banned Words are correct? (Select all that apply.) 

A. The FortiGate unit can scan web pages and email messages for instances of banned words. 

B. When creating a banned word list, an administrator can indicate either specific words or patterns. 

C. Banned words can be expressed as simple text, wildcards or regular expressions. 

D. Content is automatically blocked if a single instance of a banned word appears. 

E. The FortiGate unit updates banned words on a periodic basis. 

Answer: A,B,C 


Q130. - (Topic 3) 

When viewing the Banned User monitor in Web Config, the administrator notes the entry illustrated in the exhibit. 

Which of the following statements is correct regarding this entry? 

A. The entry displays a ban that has been added as a result of traffic triggering a configured DLP rule. 

B. The entry displays a ban that was triggered by HTTP traffic matching an IPS signature. 

This client is banned from receiving or sending any traffic through the FortiGate. 

C. The entry displays a quarantine, which could have been added by either IPS or DLP. 

D. This entry displays a ban entry that was added manually by the administrator on June11th. 

Answer: