[2016-NEW!] Free and Premium PassLeader NSE5 Exam Questions (Total 240q) (Question 121 – Question 140)
Want to pass your NSE5 exam? Why not trying PassLeader’s NSE5 VCE or PDF dumps? We PassLeader now are offering the accurate 240q NSE5 exam questions and answers, you can get all the real exam questions from our NSE5 exam dumps. All our 240q NSE5 practice tests are the newest and same with the real test. We ensure that you can pass NSE5 exam easily with our premium NSE5 study guide! Now visit passleader.com to get the valid NSE5 braindumps with free version VCE Player!
keywords: NSE5 exam,240q NSE5 exam dumps,240q NSE5 exam questions,NSE5 pdf dumps,NSE5 vce dumps,NSE5 braindumps,NSE5 practice tests,NSE5 study guide,Fortinet Network Security Analyst Exam
P.S. Download Free NSE5 PDF Dumps and Get Premium PassLeader NSE5 VCE Dumps At The End Of This Post!!! (Ctrl+End)
QUESTION 121
Examine the static route configuration shown below; then answer the question following it.
config router static
edit 1
set dst 172.20.1.0 255.255.255.0
set device port1
set gateway 172.11.12.1
set distance 10
set weight 5
next
edit 2
set dst 172.20.1.0 255.255.255.0
set blackhole enable
set distance 5
set weight 10
next
end
Which of the following statements correctly describes the static routing configuration provided? (Select all that apply.)
A. All traffic to 172.20.1.0/24 will always be dropped by the FortiGate unit.
B. As long as port1 is up, all the traffic to 172.20.1.0/24 will be routed by the static route number 1. If the interface port1 is down, the traffic will be routed using the blackhole route.
C. The FortiGate unit will NOT create a session entry in the session table when the traffic is being routed by the blackhole route.
D. The FortiGate unit will create a session entry in the session table when the traffic is being routed by the blackhole route.
E. Traffic to 172.20.1.0/24 will be shared through both routes.
Answer: AC
QUESTION 122
Review the IKE debug output for IPsec shown in the Exhibit below.
Which one of the following statements is correct regarding this output?
A. The output is a Phase 1 negotiation.
B. The output is a Phase 2 negotiation.
C. The output captures the Dead Peer Detection messages.
D. The output captures the Dead Gateway Detection packets.
Answer: C
QUESTION 123
In Transparent Mode, forward-domain is an attribute of ______________.
A. an interface
B. a firewall policy
C. a static route
D. a virtual domain
Answer: A
QUESTION 124
Examine the Exhibit shown below; then answer the question following it.
The Vancouver FortiGate unit initially had the following information in its routing table:
S 172.20.0.0/16 [10/0] via 172.21.1.2, port2
C 172.21.0.0/16 is directly connected, port2
C 172.11.11.0/24 is directly connected, port1
Afterwards, the following static route was added:
config router static
edit 6
set dst 172.20.1.0 255.255.255.0
set pririoty 0
set device port1
set gateway 172.11.12.1
next
end
Since this change, the new static route is NOT showing up in the routing table. Given the information provided, which of the following describes the cause of this problem?
A. The subnet 172.20.1.0/24 is overlapped with the subnet of one static route that is already in the routing table (172.20.0.0/16), so, we need to enable allow-subnet-overlap first.
B. The ‘gateway’ IP address is NOT in the same subnet as the IP address of port1.
C. The priority is 0, which means that the route will remain inactive.
D. The static route configuration is missing the distance setting.
Answer: B
QUESTION 125
Examine the exhibit shown below then answer the question that follows it.
Within the UTM Proxy Options, the CA certificate Fortinet_CA_SSLProxy defines which of the following:
A. FortiGate unit’s encryption certificate used by the SSL proxy.
B. FortiGate unit’s signing certificate used by the SSL proxy.
C. FortiGuard’s signing certificate used by the SSL proxy.
D. FortiGuard’s encryption certificate used by the SSL proxy.
Answer: A
QUESTION 126
The eicar test virus is put into a zip archive, which is given the password of “Fortinet” in order to open the archive. Review the configuration in the exhibits shown below; then answer the question that follows.
Exhibit A – Antivirus Profile:
Exhibit B – Non-default UTM Proxy Options Profile:
Exhibit C – DLP Profile:
Which of one the following profiles could be enabled in order to prevent the file from passing through the FortiGate device over HTTP on the standard port for that protocol?
A. Only Exhibit A
B. Only Exhibit B
C. Only Exhibit C with default UTM Proxy settings.
D. All of the Exhibits (A, B and C)
E. Only Exhibit C with non-default UTM Proxy settings (Exhibit B).
Answer: C
QUESTION 127
Data Leak Prevention archiving gives the ability to store files and message data onto a FortiAnalyzer unit for which of the following types of network traffic? (Select all that apply.)
A. SNMP
B. IPSec
C. SMTP
D. POP3
E. HTTP
Answer: CDE
QUESTION 128
Review the output of the command config router ospf shown in the Exhibit below; then answer the question following it.
Which one of the following statements is correct regarding this output?
A. OSPF Hello packets will only be sent on interfaces configured with the IP addresses 172.16.1.1 and 172.16.1.2.
B. OSPF Hello packets will be sent on all interfaces of the FortiGate device.
C. OSPF Hello packets will be sent on all interfaces configured with an address matching the 10.0.1.0/24 and 172.16.0.0/12 networks.
D. OSPF Hello packets are not sent on point-to-point networks.
Answer: C
QUESTION 129
In a High Availability cluster operating in Active-Active mode, which of the following correctly describes the path taken by the SYN packet of an HTTP session that is offloaded to a subordinate unit?
A. Request: Internal Host; Master FortiGate; Slave FortiGate; Internet; Web Server
B. Request: Internal Host; Master FortiGate; Slave FortiGate; Master FortiGate; Internet; Web Server
C. Request: Internal Host; Slave FortiGate; Internet; Web Server
D. Request: Internal Host; Slave FortiGate; Master FortiGate; Internet; Web Server
Answer: A
QUESTION 130
Two FortiGate devices fail to form an HA cluster, the device hostnames are STUDENT and REMOTE. Exhibit A shows the command output of ‘show system ha’ for the STUDENT device. Exhibit B shows the command output of ‘show system ha’ for the REMOTE device.
Exhibit A:
Exhibit B
Which one of the following is the most likely reason that the cluster fails to form?
A. Password
B. HA mode
C. Hearbeat
D. Override
Answer: B
QUESTION 131
In HA, what is the effect of the Disconnect Cluster Member command as given in the Exhibit.
A. The HA mode changes to standalone.
B. Port3 is configured with an IP address for management access.
C. The Firewall rules are purged on the disconnected unit.
D. All other interface IP settings are maintained.
Answer: AB
QUESTION 132
Which of the following statements are correct about the HA diag command diagnose sys ha reset-uptime? (Select all that apply.)
A. The device this command is executed on is likely to switch from master to slave status if master override is disabled.
B. The device this command is executed on is likely to switch from master to slave status if master override is enabled.
C. This command has no impact on the HA algorithm.
D. This command resets the uptime variable used in the HA algorithm so it may cause a new master to become elected.
Answer: AD
QUESTION 133
Review the IPsec diagnostics output of the command diag vpn tunnel list shown in the Exhibit below.
Which of the following statements are correct regarding this output? (Select all that apply.)
A. The connecting client has been allocated address 172.20.1.1.
B. In the Phase 1 settings, dead peer detection is enabled.
C. The tunnel is idle.
D. The connecting client has been allocated address 10.200.3.1.
Answer: AB
QUESTION 134
Review the output of the command get router info routing-table database shown in the Exhibit below; then answer the question following it.
Which of the following statements are correct regarding this output? (Select all that apply).
A. There will be six routes in the routing table.
B. There will be seven routes in the routing table.
C. There will be two default routes in the routing table.
D. There will be two routes for the 10.0.2.0/24 subnet in the routing table.
Answer: AC
QUESTION 135
Review the static route configuration for IPsec shown in the Exhibit below; then answer the question following it.
Which of the following statements are correct regarding this configuration? (Select all that apply).
A. Remote_1 is a Phase 1 object with interface mode enabled
B. The gateway address is not required because the interface is a point-to-point connection
C. The gateway address is not required because the default route is used
D. Remote_1 is a firewall zone
Answer: AB
QUESTION 136
Examine the Exhibit shown below; then answer the question following it.
In this scenario, the Fortigate unit in Ottawa has the following routing table:
S* 0.0.0.0/0 [10/0] via 172.20.170.254, port2
C 172.20.167.0/24 is directly connected, port1
C 172.20.170.0/24 is directly connected, port2
Sniffer tests show that packets sent from the Source IP address 172.20.168.2 to the Destination IP address 172.20.169.2 are being dropped by the FortiGate unit located in Ottawa. Which of the following correctly describes the cause for the dropped packets?
A. The forward policy check.
B. The reverse path forwarding check.
C. The subnet 172.20.169.0/24 is NOT in the Ottawa FortiGate unit’s routing table.
D. The destination workstation 172.20.169.2 does NOT have the subnet 172.20.168.0/24 in its routing table.
Answer: B
QUESTION 137
Examine the following log message for IPS and identify the valid responses below. (Select all that apply.)
2012-07-01 09:54:28 oid=2 log_id=18433 type=ips subtype=anomaly pri=alert vd=root severity=”critical” src=”192.168.3.168″ dst=”192.168.3.170″ src_int=”port2″ serial=0 status=”detected” proto=1 service=”icmp” count=1 attack_name=”icmp_flood” icmp_id=”0xa8a4″ icmp_type=”0x08″ icmp_code=”0x00″ attack_id=16777316 sensor=”1″ ref=”http://www.fortinet.com/ids/VID16777316″ msg=”anomaly: icmp_flood, 51 > threshold 50″
A. The target is 192.168.3.168.
B. The target is 192.168.3.170.
C. The attack was detected and blocked.
D. The attack was detected only.
E. The attack was TCP based.
Answer: BD
QUESTION 138
Review the IPsec phase1 configuration in the Exhibit shown below; then answer the question following it.
Which of the following statements are correct regarding this configuration? (Select all that apply).
A. The phase1 is for a route-based VPN configuration.
B. The phase1 is for a policy-based VPN configuration.
C. The local gateway IP is the address assigned to port1.
D. The local gateway IP address is 10.200.3.1.
Answer: AC
QUESTION 139
Review the configuration for FortiClient IPsec shown in the Exhibit below.
Which of the following statements is correct regarding this configuration?
A. The connecting VPN client will install a route to a destination corresponding to the STUDENT_INTERNAL address object
B. The connecting VPN client will install a default route
C. The connecting VPN client will install a route to the 172.20.1.[1-5] address range
D. The connecting VPN client will connect in web portal mode and no route will be installed
Answer: A
QUESTION 140
Identify the statement which correctly describes the output of the following command:
diagnose ips anomaly list
A. Lists the configured DoS policy.
B. List the real-time counters for the configured DoS policy.
C. Lists the errors captured when compiling the DoS policy.
Answer: B
Download Free NSE5 PDF Dumps From Google Drive: https://drive.google.com/open?id=0B-ob6L_QjGLpU0FrbTh1X3JMSmM
Download New NSE5 VCE Dumps From PassLeader: http://www.passleader.com/nse5.html (New Questions Are 100% Available and Wrong Answers Have Been Corrected!!!)