[Update Feb 02, 2021] NSE 5 Network Security Analyst NSE5 dumps from Lead4Pass with PDF and VCE

February 2, 2021

Lead4Pass has shared the latest NSE5 dumps exam questions and answers more than once, and today continues to share some free NSE5 exam questions and answers to help all candidates progress.

Lead4Pass has also helped candidates pass the NSE 5 Network Security Analyst NSE5 Fortinet Network Security Expert 5 Written Exam (500) certification exam more than once because they use
Full NSE5 dumps with PDF and VCE: https://www.leads4pass.com/nse5.html (320 Q&A).

Read the NSE 5 Network Security Analyst NSE5 exam questions and answers shared online today:

Number of exam questionsExam nameFromRelease time
15Fortinet Network Security Expert 5 Written Exam (500)Lead4PassFeb 02, 2021
New Question 1:

Examine the following log message for IPS and identify the valid responses below. (Select all that apply.)

2012-07-01 09:54:28 oid=2 log_id=18433 type=ips subtype=anomaly pri=alert vd=root severity=”critical” src=”192.168.3.168″ dst=”192.168.3.170″ src_int=”port2″ serial=0 status=”detected” proto=1 service=”ICMP” count=1 attack_name=”icmp_flood” icmp_id=”0xa8a4″ icmp_type=”0x08″ icmp_code=”0x00″ attack_id=16777316 sensor=”1″ ref=”http://www.fortinet.com/ids/VID16777316″ msg=”anomaly: icmp_flood, 51 > threshold 50″

A. The target is 192.168.3.168.

B. The target is 192.168.3.170.

C. The attack was detected and blocked.

D. The attack was detected only.

E. The attack was TCP based.

 

Correct Answer: BD

New Question 2:

 

Which of the following statements regarding the firewall policy authentication timeout is true?

A. The authentication timeout is an idle timeout. This means that the FortiGate unit will consider a user to be “idle” if it does not see any packets coming from the user\’s source IP.

B. The authentication timeout is a hard timeout. This means that the FortiGate unit will remove the temporary policy for this user\’s source IP after this timer has expired.

C. The authentication timeout is an idle timeout. This means that the FortiGate unit will consider a user to be “idle” if it does not see any packets coming from the user\’s source MAC.

D. The authentication timeout is a hard timeout. This means that the FortiGate unit will remove the temporary policy for this user\’s source MAC after this timer has expired.

 

Correct Answer: A

New Question 3:

 

What is `hot swapping\’?

A. Hot swapping means administrators can configure FortiAnalyzer to write to all hard drives in the device in order to make the array fault tolerant.

B. Hot swapping means administrators can replace a failed disk on devices that support software RAID while the device is still running.

C. Hot swapping means administrators can ensure the parity data of a redundant drive is valid while the device is still running.

D. Hot swapping means administrators can replace a failed disk on devices that support hardware RAID while the device is still running.

 

Correct Answer: D

New Question 4:

 

If no firewall policy is specified between two FortiGate interfaces and zones are not used, which of the following statements describes the action taken on traffic flowing between these interfaces?

A. The traffic is blocked.

B. The traffic is passed.

C. The traffic is passed and logged.

D. The traffic is blocked and logged.

 

Correct Answer: A

New Question 5:

 

Which of the following statements is correct regarding the antivirus scanning function on the FortiGate unit?

A. Antivirus scanning provides end-to-end virus protection for client workstations.

B. Antivirus scanning provides virus protection for the HTTP, Telnet, SMTP, and FTP protocols.

C. Antivirus scanning supports banned word checking.

D. Antivirus scanning supports grayware protection.

 

Correct Answer: D

New Question 6:

 

When configuring FortiGuard on FortiManager, which two statements are correct regarding Allow Push Update settings configured in the FortiGuard Antivirus and IPS Settings? (Choose two.)

A. If an urgent or critical FortiGuard Antivirus and/or IPS update becomes available, the FortiManager built-in FDS will send push update notifications to each managed device.

B. If an urgent or critical FortiGuard Antivirus and/or IPS update becomes available, the FortiManager built-in FDS will receive push update notifications.

C. FortiManager\’s built-in FDS service may not correctly receive push updates if the external facing IP address of any intermediary NAT device is dynamic.

D. FortiManager\’s built-in FDS service does not allow an administrator to override the default FortiManager IP address and port used by the FDN to send update messages.

 

Correct Answer: BC

New Question 7:

 

Which of the following statements correctly describe Transparent Mode operation? (Select all that apply.)

A. The FortiGate unit acts as transparent bridge and routes traffic using Layer-2 forwarding.

B. Ethernet packets are forwarded based on destination MAC addresses NOT IPs.

C. The device is transparent to network hosts.

D. Permits inline traffic inspection and firewalling without changing the IP scheme of the network.

E. All interfaces must be on different IP subnets.

 

Correct Answer: ABCD

New Question 8:

 

Administrators can send alerts to multiple recipients through which methods? (Choose three.)

A. Email

B. SMS

C. SNMP

D. Syslog

E. Instant Message (IM)

 

Correct Answer: ACD

New Question 9:

 

A firewall policy has been configured for the internal email server to receive email from external parties through SMTP. Exhibits A and B show the antivirus and email filter profiles applied to this policy.

Exhibit A:

new nse5 exam questions 9

Exhibit B:

new nse5 exam questions 9-1

What is the correct behavior when the email attachment is detected as a virus by the FortiGate antivirus engine?

A. The FortiGate unit will remove the infected file and deliver the email with a replacement message to alert the recipient that the original attachment was infected.

B. The FortiGate unit will reject the infected email and the sender will receive a failed delivery message.

C. The FortiGate unit will remove the infected file and add a replacement message. Both sender and recipient are notified that the infected file has been removed.

D. The FortiGate unit will reject the infected email and notify the sender.

 

Correct Answer: B

New Question 10:

 

On the Device Manager tab, what does a red circle in the Logs field of a device indicate?

A. A red circle indicates logs are being received.

B. A red circle indicates the IPSec tunnel is down.

C. A red circle indicates logs are not being received.

D. A red circle indicates no recent logs have been received.

 

Correct Answer: D

New Question 11:

 

Which of the statements below are true regarding firewall policy disclaimers? (Select all that apply.)

A. User must accept the disclaimer to proceed with the authentication process.

B. The disclaimer page is customizable.

C. The disclaimer cannot be used in combination with user authentication.

D. The disclaimer can only be applied to wireless interfaces.

 

Correct Answer: AB

New Question 12:

 

A portion of the device listing for a FortiAnalyzer unit is displayed in the exhibit.

new nse5 exam questions 12

Which of the following statements best describes the reason why the FortiGate 60B unit is unable to archive data to the FortiAnalyzer unit?

A. The FortiGate unit is considered an unregistered device.

B. The FortiGate unit has been blocked from sending archive data to the FortiAnalyzer device by the administrator.

C. The FortiGate unit has insufficient privileges. The administrator should edit the device entry in the FortiAnalyzer and modify the privileges.

D. The FortiGate unit is being treated as a syslog device and is only permitted to send log data.

 

Correct Answer: A

New Question 13:

 

Which of the following pieces of information can be included in the Destination Address field of a firewall policy?

A. An IP address pool, a virtual IP address, an actual IP address, and an IP address group.

B. A virtual IP address, an actual IP address, and an IP address group.

C. An actual IP address and an IP address group.

D. Only an actual IP address.

 

Correct Answer: B

New Question 14:

 

Which of the following statements are true of the FortiGate unit\’s factory default configuration?

A. `Port1\’ or `Internal\’ interface will have an IP of 192.168.1.99.

B. `Port1\’ or `Internal\’ interface will have a DHCP server set up and enabled (on devices that support DHCP Servers).

C. Default login will always be the username: admin (all lowercase) and no password.

D. The implicit firewall action is ACCEPT.

 

Correct Answer: ABC

New Question 15:

 

Which of the following statements best decribes the proxy behavior on a FortiGate unit during an FTP client upload when FTP splice is disabled?

A. The proxy buffers the entire file from the client, only sending the file to the server if the file is clean. One possible consequence of buffering is that the server could time out.

B. The proxy sends the file to the server while simultaneously buffering it.

C. The proxy removes the infected file from the server by sending a delete command on behalf of the client.

D. If the file being scanned is determined to be clean, the proxy terminates the connection and leaves the file on the server.

 

Correct Answer: A

 

Lead4Pass updates NSE 5 Network Security Analyst NSE5 exam questions and answers throughout the year and frequently shares a selection of free exam questions and answers, as shown above, candidates can improve themselves through online learning.

Also able to download the latest NSE5 dumps: https://www.leads4pass.com/nse5.html (Dumps PDF+VCE) to help them successfully pass the NSE5 Fortinet Network Security Expert 5 Written Exam (500) certification exam on their first attempt.