[2016-NEW!] Exercise PassLeader 240q NSE5 Exam Dumps Collection To 100 Percent Pass Exam (Question 41 – Question 60)

What are the new NSE5 exam questions? And Where to download the latest NSE5 exam dumps? Now, PassLeader have been publised the new version of NSE5 braindumps with new added NSE5 exam questions. PassLeader offer the latest NSE5 PDF and VCE dumps with New Version VCE Player for free download, and PassLeader’s new 240q NSE5 practice tests ensure your exam 100 percent pass. Visit www.passleader.com to get the 100 percent pass ensure 240q NSE5 exam questions!

keywords: NSE5 exam,240q NSE5 exam dumps,240q NSE5 exam questions,NSE5 pdf dumps,NSE5 vce dumps,NSE5 braindumps,NSE5 practice tests,NSE5 study guide,Fortinet Network Security Analyst Exam

P.S. Download Free NSE5 PDF Dumps and Get Premium PassLeader NSE5 VCE Dumps At The End Of This Post!!! (Ctrl+End)

QUESTION 41
Which email filter is NOT available on a FortiGate device?

A.    Sender IP reputation database.
B.    URLs included in the body of known SPAM messages.
C.    Email addresses included in the body of known SPAM messages.
D.    Spam object checksums.
E.    Spam grey listing.

Answer: E

QUESTION 42
Which of the following statements is correct regarding a FortiGate unit operating in NAT/Route mode?

A.    The FortiGate unit requires only a single IP address for receiving updates and configuring from a management computer.
B.    The FortiGate unit must use public IP addresses on both the internal and external networks.
C.    The FortiGate unit commonly uses private IP addresses on the internal network but hides them using network address translation.
D.    The FortiGate unit uses only DHCP-assigned IP addresses on the internal network.

Answer: C

QUESTION 43
Which of the following products provides dedicated hardware to analyze log data from multiple FortiGate devices?

A.    FortiGate device
B.    FortiAnalyzer device
C.    FortiClient device
D.    FortiManager device
E.    FortiMail device
F.    FortiBridge device

Answer: B

QUESTION 44
Which of the following methods can be used to access the CLI? (Select all that apply.)

A.    By using a direct connection to a serial console.
B.    By using the CLI console window in Web Config.
C.    By using an SSH connection.
D.    By using a Telnet connection.

Answer: ABCD

QUESTION 45
In an IPSec gateway-to-gateway configuration, two FortiGate units create a VPN tunnel between two separate private networks. Which of the following configuration steps must be performed on both FortiGate units to support this configuration? (Select all that apply.)

A.    Create firewall policies to control traffic between the IP source and destination address.
B.    Configure the appropriate user groups on the FortiGate units to allow users access to the IPSec VPN connection.
C.    Set the operating mode of the FortiGate unit to IPSec VPN mode.
D.    Define the Phase 2 parameters that the FortiGate unit needs to create a VPN tunnel with the remote peer.
E.    Define the Phase 1 parameters that the FortiGate unit needs to authenticate the remote peers.

Answer: ADE

QUESTION 46
The FortiGate unit can be configured to allow authentication to a RADIUS server. The RADIUS server can use several different authentication protocols during the authentication process. Which of the following are valid authentication protocols that can be used when a user authenticates to the RADIUS server? (Select all that apply.)

A.    MS-CHAP-V2 (Microsoft Challenge-Handshake Authentication Protocol v2)
B.    PAP (Password Authentication Protocol)
C.    CHAP (Challenge-Handshake Authentication Protocol)
D.    MS-CHAP (Microsoft Challenge-Handshake Authentication Protocol v1)
E.    FAP (FortiGate Authentication Protocol)

Answer: ABCD

QUESTION 47
Which of the following Regular Expression patterns will make the term “bad language” case insensitive?

A.    [bad language]
B.    /bad language/i
C.    i/bad language/
D.    “bad language”
E.    /bad language/c

Answer: B

QUESTION 48
Which of the following authentication types are supported by FortiGate units? (Select all that apply.)

A.    Kerberos
B.    LDAP
C.    RADIUS
D.    Local Users

Answer: BCD

QUESTION 49
A firewall policy has been configured such that traffic logging is disabled and a UTM function is enabled. In addition, the system setting `utm-incident-traffic-log’ has been enabled. In which log will a UTM event message be stored?

A.    Traffic
B.    UTM
C.    System
D.    None

Answer: A

QUESTION 50
In NAT/Route mode when there is no matching firewall policy for traffic to be forwarded by the Firewall, which of the following statements describes the action taken on traffic?

A.    The traffic is blocked.
B.    The traffic is passed.
C.    The traffic is passed and logged.
D.    The traffic is blocked and logged.

Answer: A

QUESTION 51
Which of the following statements is correct regarding URL Filtering on the FortiGate unit?

A.    The available actions for URL Filtering are Allow and Block.
B.    Multiple URL Filter lists can be added to a single Web filter profile.
C.    A FortiGuard Web Filtering Override match will override a block action in the URL filter list.
D.    The available actions for URL Filtering are Allow, Block and Exempt.

Answer: D

QUESTION 52
The command structure of the CLI on a FortiGate unit consists of commands, objects, branches, tables and parameters. Which of the following items describes port1?

A.    A command.
B.    An object.
C.    A table.
D.    A parameter.

Answer: C

QUESTION 53
How is traffic routed onto an SSL VPN tunnel from the FortiGate unit side?

A.    A static route must be configured by the administrator using the ssl.root interface as the outgoing interface.
B.    Assignment of an IP address to the client causes a host route to be added to the FortiGate unit’s kernel routing table.
C.    A route back to the SSLVPN IP pool is automatically created on the FortiGate unit.
D.    The FortiGate unit adds a route based upon the destination address in the SSL VPN firewall policy.

Answer: B

QUESTION 54
A client can establish a secure connection to a corporate network using SSL VPN in tunnel mode. Which of the following statements are correct regarding the use of tunnel mode SSL VPN? (Select all that apply.)

A.    Split tunneling can be enabled when using tunnel mode SSL VPN.
B.    Client software is required to be able to use a tunnel mode SSL VPN.
C.    Users attempting to create a tunnel mode SSL VPN connection must be authenticated by at least one SSL VPN policy.
D.    The source IP address used by the client for the tunnel mode SSL VPN is assigned by the FortiGate unit.

Answer: ABCD

QUESTION 55
Which of the following Fortinet products can receive updates from the FortiGuard Distribution Network? (Select all that apply.)

A.    FortiGate
B.    FortiClient
C.    FortiMail
D.    FortiAnalyzer

Answer: ABC

QUESTION 56
Each UTM feature has configurable UTM objects such as sensors, profiles or lists that define how the feature will function. An administrator must assign a set of UTM features to a group of users. Which of the following is the correct method for doing this?

A.    Enable a set of unique UTM features under “Edit User Group”.
B.    The administrator must enable the UTM features in an identify-based policy applicable to the user group.
C.    When defining the UTM objects, the administrator must list the user groups which will use the UTM object.
D.    The administrator must apply the UTM features directly to a user object.

Answer: B

QUESTION 57
FortiGate units are preconfigured with four default protection profiles. These protection profiles are used to control the type of content inspection to be performed. What action must be taken for one of these profiles to become active?

A.    The protection profile must be assigned to a firewall policy.
B.    The “Use Protection Profile” option must be selected in the Web Config tool under the sections for AntiVirus, IPS, WebFilter, and AntiSpam.
C.    The protection profile must be set as the Active Protection Profile.
D.    All of the above.

Answer: A

QUESTION 58
Which one of the following statements is correct about raw log messages?

A.    Logs have a header and a body section. The header will have the same layout for every log message. The body section will change layout from one type of log message to another.
B.    Logs have a header and a body section. The header and body will change layout from one type of log message to another.
C.    Logs have a header and a body section. The header and body will have the same layout for every log message.

Answer: A

QUESTION 59
In addition to AntiVirus services, the FortiGuard Subscription Services provide IPS, Web Filtering, and ___________ services.

Answer: antispam

QUESTION 60
The FortiGate unit’s GUI provides a link to update the firmware. Clicking this link will perform which of the following actions?

A.    It will connect to the Fortinet Support site where the appropriate firmware version can be selected.
B.    It will send a request to the FortiGuard Distribution Network so that the appropriate firmware version can be pushed down to the FortiGate unit.
C.    It will present a prompt to allow browsing to the location of the firmware file.
D.    It will automatically connect to the Fortinet Support site to download the most recent firmware version for the FortiGate unit.

Answer: C

Download Free NSE5 PDF Dumps From Google Drive: https://drive.google.com/open?id=0B-ob6L_QjGLpU0FrbTh1X3JMSmM

Download New NSE5 VCE Dumps From PassLeader: http://www.passleader.com/nse5.html (New Questions Are 100% Available and Wrong Answers Have Been Corrected!!!)

Welcome To Visit PassLeader