Fortinet NSE5 Exam Practice Questions (P. 3)
- Full Access (313 questions)
- Six months of Premium Access
- Access to one million comments
- Seamless ChatGPT Integration
- Ability to download PDF files
- Anki Flashcard files for revision
- No Captcha & No AdSense
- Advanced Exam Configuration
Question #21
Which part of an email message exchange is NOT inspected by the POP3 and IMAP proxies?
send
light_mode
delete
Question #22
What are the valid sub-types for a Firewall type policy? (Select all that apply)
send
light_mode
delete
Question #23
In NAT/Route mode when there is no matching firewall policy for traffic to be forwarded by the Firewall, which of the following statements describes the action taken on traffic?
- AThe traffic is blocked.
- BThe traffic is passed.
- CThe traffic is passed and logged.
- DThe traffic is blocked and logged.
Correct Answer:
A
A
send
light_mode
delete
Question #24
In which order are firewall policies processed on the FortiGate unit?
- AThey are processed from the top down according to their sequence number.
- BThey are processed based on the policy ID number shown in the left hand column of the policy window.
- CThey are processed on best match.
- DThey are processed based on a priority value assigned through the priority column in the policy window.
Correct Answer:
A
A
send
light_mode
delete
Question #25
Which of the following pieces of information can be included in the Destination Address field of a firewall policy? (Select all that apply.)
- AAn IP address pool.
- BA virtual IP address.
- CAn actual IP address or an IP address group.
- DAn FQDN or Geographic value(s).
Correct Answer:
BCD
BCD
send
light_mode
delete
Question #26
The ordering of firewall policies is very important. Policies can be re-ordered within the FortiGate units GUI and also using the CLI. The command used in the CLI to perform this function is ______ .
send
light_mode
delete
Question #27
You wish to create a firewall policy that applies only to traffic intended for your web server. The web server has an IP address of 192.168.2.2 and a /24 subnet mask. When defining the firewall address for use in this policy, which one of the following addresses is correct?
- A192.168.2.0 / 255.255.255.0
- B192.168.2.2 / 255.255.255.0
- C192.168.2.0 / 255.255.255.255
- D192.168.2.2 / 255.255.255.255
Correct Answer:
D
D
send
light_mode
delete
Question #28
What is the effect of using CLI "config system session-ttl" to set session_ttl to 1800 seconds?
- ASessions can be idle for no more than 1800 seconds.
- BThe maximum length of time a session can be open is 1800 seconds.
- CAfter 1800 seconds, the end user must reauthenticate.
- DAfter a session has been open for 1800 seconds, the FortiGate unit will send a keepalive packet to both client and server.
Correct Answer:
A
A
send
light_mode
delete
Question #29
Which of the following network protocols are supported for administrative access to a FortiGate unit?
- AHTTPS, HTTP, SSH, TELNET, PING, SNMP
- BFTP, HTTPS, NNTP, TCP, WINS
- CHTTP, NNTP, SMTP, DHCP
- DTelnet, FTP, RLOGIN, HTTP, HTTPS, DDNS
- ETelnet, UDP, NNTP, SMTP
Correct Answer:
A
A
send
light_mode
delete
Question #30
Which of the following statements is correct regarding a FortiGate unit operating in NAT/Route mode?
- AThe FortiGate unit applies NAT to all traffic.
- BThe FortiGate unit functions as a Layer 3 device.
- CThe FortiGate unit functions as a Layer 2 device.
- DThe FortiGate unit functions as a router and the firewall function is disabled.
Correct Answer:
B
B
send
light_mode
delete
All Pages