NSE5 Online Practice Questions and Answers

Examine the static route configuration shown below; then answer the question following it. config router static edit 1

set dst 172.20.1.0 255.255.255.0 set device port1 set gateway 172.11.12.1 set distance 10 set weight 5 next edit 2 set dst 172.20.1.0 255.255.255.0 set blackhole enable set distance 5 set weight 10 next end Which of the following statements correctly describes the static routing configuration provided? (Select all

that apply.)

A. All traffic to 172.20.1.0/24 will always be dropped by the FortiGate unit.

B. As long as port1 is up, all the traffic to 172.20.1.0/24 will be routed by the static route number 1. If the interface port1 is down, the traffic will be routed using the blackhole route.

C. The FortiGate unit will NOT create a session entry in the session table when the traffic is being routed by the blackhole route.

D. The FortiGate unit will create a session entry in the session table when the traffic is being routed by the blackhole route.

E. Traffic to 172.20.1.0/24 will be shared through both routes.

Which of the following are valid FortiGate device interface methods for handling DNS requests? (Select all that apply.)

A. Forward-only

B. Non-recursive

C. Recursive

D. Iterative

E. Conditional-forward

What effect do administrative domains (ADOM) have on report settings? (Choose two.)

A. None. ADOMs cannot be used with reports.

B. Reports must be configured within their own ADOM.

C. Chart Library, Macro Library, Dataset Library, and Output Profile become ADOM- specific.

D. Dataset Library becomes global for all ADOMs.

Which of the following items does NOT support the Logging feature?

A. File Filter

B. Application control

C. Session timeouts

D. Administrator activities

E. Web URL filtering

View the Exhibit.

Refer to the exhibit. Which two statements are correct? (Choose two.)

A. An ADOM revision is created specific to the policy package and object changes.

B. An ADOM revision is created as a snapshot of all ADOM policy packages and objects.

C. An ADOM revision is locked.

D. An ADOM revision is unlocked.

Which of the following logging options are supported on a FortiGate unit? (Select all that apply.)

A. LDAP

B. Syslog

C. FortiAnalyzer

D. Local disk and/or memory

Which of the following is true regarding Switch Port Mode?

A. Allows all internal ports to share the same subnet.

B. Provides separate routable interfaces for each internal port.

C. An administrator can select ports to be used as a switch.

D. Configures ports to be part of the same broadcast domain.

An administrator wishes to generate a report showing Top Traffic by service type. They notice that web traffic overwhelms the pie chart and want to exclude the web traffic from the report.

Which of the following statements best describes how to do this?

A. In the Service field of the Data Filter, type 80/tcp and select the NOT checkbox.

B. Add the following entry to the Generic Field section of the Data Filter: service="!web".

C. When editing the chart, uncheck wlog to indicate that Web Filtering data is being excluded when generating the chart.

D. When editing the chart, enter 'http' in the Exclude Service field.

Both the FortiGate and FortiAnalyzer units can notify administrators when certain alert conditions are met. Considering this, which of the following statements is NOT correct?

A. On a FortiGate device, the alert condition is based either on the severity level or on the log type, but not on a combination of the two.

B. On a FortiAnalyzer device, the alert condition is based either on the severity level or on the log type, but not on a combination of the two.

C. Only a FortiAnalyzer device can send the alert notification in the form of a syslog message.

D. Both the FortiGate and FortiAnalyzer devices can send alert notifications in the form of an email alert.

Because changing the operational mode to Transparent resets device (or vdom) to all defaults, which precautions should an Administrator take prior to performing this? (Select all that apply.)

A. Backup the configuration.

B. Disconnect redundant cables to ensure the topology will not contain layer 2 loops.

C. Set the unit to factory defaults.

D. Update IPS and AV files.