[2016-NEW!] PassLeader Premium 240q NSE5 Exam Questions For Free Download (Question 1 – Question 20)

      Comments Off on [2016-NEW!] PassLeader Premium 240q NSE5 Exam Questions For Free Download (Question 1 – Question 20)

Where To Get The 100 Percent Valid NSE5 Exam Dumps? PassLeader — one famous IT Certification Exam Study Materials Supplier — is offer the 100 percent valid 240q NSE5 exam dumps, which covers all the new NSE5 exam questions with detailed explanation and it has been helped many people passing NSE5 exam easily! Welcome to choose the best 240q NSE5 practice test from passleader.com, both NSE5 PDF dumps and NSE5 VCE dumps are available now!

keywords: NSE5 exam,240q NSE5 exam dumps,240q NSE5 exam questions,NSE5 pdf dumps,NSE5 vce dumps,NSE5 braindumps,NSE5 practice tests,NSE5 study guide,Fortinet Network Security Analyst Exam

P.S. Download Free NSE5 PDF Dumps and Get Premium PassLeader NSE5 VCE Dumps At The End Of This Post!!! (Ctrl+End)

QUESTION 1
When creating administrative users, the assigned _____________determines user rights on the FortiGate unit.

Answer: access profile

QUESTION 2
Which of the following are valid FortiGate device interface methods for handling DNS requests? (Select all that apply.)

A.    Forward-only
B.    Non-recursive
C.    Recursive
D.    Iterative
E.    Conditional-forward

Answer: ABC

QUESTION 3
Which of the following is true regarding Switch Port Mode?

A.    Allows all internal ports to share the same subnet.
B.    Provides separate routable interfaces for each internal port.
C.    An administrator can select ports to be used as a switch.
D.    Configures ports to be part of the same broadcast domain.

Answer: A

QUESTION 4
A FortiAnalyzer device could use which security method to secure the transfer of log data from FortiGate devices?

A.    SSL
B.    IPSec
C.    direct serial connection
D.    S/MIME

Answer: B

QUESTION 5
You wish to create a firewall policy that applies only to traffic intended for your web server. The web server has an IP address of 192.168.2.2 and a /24 subnet mask. When defining the firewall address for use in this policy, which one of the following addresses is correct?

A.    192.168.2.0 / 255.255.255.0
B.    192.168.2.2 / 255.255.255.0
C.    192.168.2.0 / 255.255.255.255
D.    192.168.2.2 / 255.255.255.255

Answer: D

QUESTION 6
The ordering of firewall policies is very important. Policies can be re-ordered within the FortiGate unit’s GUI and also using the CLI. The command used in the CLI to perform this function is ______ .

A.    set order
B.    edit policy
C.    reorder
D.    move

Answer: D

QUESTION 7
Which of the following email spam filtering features is NOT supported on a FortiGate unit?

A.    Multipurpose Internet Mail Extensions (MIME) Header Check
B.    HELO DNS Lookup
C.    Greylisting
D.    Banned Word

Answer: C

QUESTION 8
Which of the following statements are true regarding Local User Authentication? (Select all that apply.)

A.    Local user authentication is based on usernames and passwords stored locally on the FortiGate unit.
B.    Two-factor authentication can be enabled on a per user basis.
C.    Administrators can create an account for the user locally and specify the remote server to verify the password.
D.    Local users are for administration accounts only and cannot be used for identity policies.

Answer: ABC

QUESTION 9
Which of the following statements regarding Banned Words are correct? (Select all that apply.)

A.    The FortiGate unit can scan web pages and email messages for instances of banned words.
B.    When creating a banned word list, an administrator can indicate either specific words or patterns.
C.    Banned words can be expressed as wildcards or regular expressions.
D.    Content is automatically blocked if a single instance of a banned word appears.
E.    The FortiGate unit includes a pre-defined library of common banned words.

Answer: ABC

QUESTION 10
Encrypted backup files provide which of the following benefits? (Select all that apply.)

A.    Integrity of the backup file is protected since it cannot be easily modified when encrypted.
B.    Prevents the backup file from becoming corrupted.
C.    Protects details of the device’s configuration settings from being discovered while the backup file is in transit. For example, transferred to a data centers for system recovery.
D.    A copy of the encrypted backup file is automatically pushed to the FortiGuard Distribution Service (FDS) for disaster recovery purposes. If the backup file becomes corrupt it can be retrieved through FDS.
E.    Fortinet Technical Support can recover forgotten passwords with a backdoor passphrase.

Answer: AC

QUESTION 11
When browsing to an internal web server using a web-mode SSL VPN bookmark, from which of the following source IP addresses would the web server consider the HTTP request to be initiated?

A.    The remote user’s virtual IP address.
B.    The FortiGate unit’s internal IP address.
C.    The remote user’s public IP address.
D.    The FortiGate unit’s external IP address.

Answer: B

QUESTION 12
Which of the following antivirus and attack definition update features are supported by FortiGate units? (Select all that apply.)

A.    Manual, user-initiated updates from the FortiGuard Distribution Network.
B.    Hourly, daily, or weekly scheduled antivirus and attack definition and antivirus engine updates from the FortiGuard Distribution Network.
C.    Push updates from the FortiGuard Distribution Network.
D.    Update status including version numbers, expiry dates, and most recent update dates and times.

Answer: ABCD

QUESTION 13
SSL content inspection is enabled on the FortiGate unit. Which of the following steps is required to prevent a user from being presented with a web browser warning when accessing an SSL-encrypted website?

A.    The root certificate of the FortiGate SSL proxy must be imported into the local certificate store on the user’s workstation.
B.    Disable the strict server certificate check in the web browser under Internet Options.
C.    Enable transparent proxy mode on the FortiGate unit.
D.    Enable NTLM authentication on the FortiGate unit. NTLM authentication suppresses the certificate warning messages in the web browser.

Answer: A

QUESTION 14
Two-factor authentication is supported using the following methods? (Select all that apply.)

A.    FortiToken
B.    Email
C.    SMS phone message
D.    Code books

Answer: ABC

QUESTION 15
Which statement is correct regarding virus scanning on a FortiGate unit?

A.    Virus scanning is enabled by default.
B.    Fortinet Customer Support enables virus scanning remotely for you.
C.    Virus scanning must be enabled in a protection profile and the protection profile must be assigned to a firewall policy.
D.    Enabling virus scanning in a protection profile enables virus scanning for all traffic flowing through the FortiGate.

Answer: C

QUESTION 16
An issue could potentially occur when clicking Connect to start tunnel mode SSL VPN. The tunnel will start up for a few seconds, then shut down. Which of the following statements best describes how to resolve this issue?

A.    This user does not have permission to enable tunnel mode. Make sure that the tunnel mode widget has been added to that user’s web portal.
B.    This FortiGate unit may have multiple Internet connections. To avoid this problem, use the appropriate CLI command to bind the SSL VPN connection to the original incoming interface.
C.    Check the SSL adaptor on the host machine. If necessary, uninstall and reinstall the adaptor from the tunnel mode portal.
D.    Make sure that only Internet Explorer is used. All other browsers are unsupported.

Answer: B

QUESTION 17
Users may require access to a web site that is blocked by a policy. Administrators can give users the ability to override the block. Which of the following statements regarding overrides are correct? (Select all that apply.)

A.    A protection profile may have only one user group defined as an override group.
B.    A firewall user group can be used to provide override privileges for FortiGuard Web Filtering.
C.    Authentication to allow the override is based on a user’s membership in a user group.
D.    Overrides can be allowed by the administrator for a specific period of time.

Answer: BCD

QUESTION 18
If a FortiGate unit has a dmz interface IP address of 210.192.168.2 with a subnet mask of 255.255.255.0, what is a valid dmz DHCP addressing range?

A.    172.168.0.1 – 172.168.0.10
B.    210.192.168.3 – 210.192.168.10
C.    210.192.168.1 – 210.192.168.4
D.    All of the above.

Answer: B

QUESTION 19
What are the valid sub-types for a Firewall type policy? (Select all that apply)

A.    Device Identity
B.    Address
C.    User Identity
D.    Schedule
E.    SSL VPN

Answer: ABC

QUESTION 20
If no firewall policy is specified between two FortiGate interfaces and zones are not used, which of the following statements describes the action taken on traffic flowing between these interfaces?

A.    The traffic is blocked.
B.    The traffic is passed.
C.    The traffic is passed and logged.
D.    The traffic is blocked and logged.

Answer: A

Download Free NSE5 PDF Dumps From Google Drive: https://drive.google.com/open?id=0B-ob6L_QjGLpU0FrbTh1X3JMSmM

Download New NSE5 VCE Dumps From PassLeader: http://www.passleader.com/nse5.html (New Questions Are 100% Available and Wrong Answers Have Been Corrected!!!)