Fortinet Network Security Expert 5 Written Exam (500) v9.0 (NSE5)

Page:    1 / 4   
Total 50 questions

What are three different methods you can employ to send event notifications when an event occurs that matches a configured event handler?

  • A. Email
  • B. SMS
  • C. SNMP
  • D. IM
  • E. Syslog


Answer : A,C,E

The service access settings for a FortiManager network interface relate to which product feature?

  • A. Device Manager
  • B. Policy & Objects
  • C. FortiGuard
  • D. FortiView


Answer : C


What is the problem with the following SQL SELECT statement?
SELECT dstip as Destination IP , count(*) as session FROM $log-traffic GROUP BY dstip WHERE $filter and dstip is not null

  • A. The clauses are not coded in the right sequence.
  • B. The clauses are not a log type.
  • C. The FROM clause is not required.
  • D. SQL queries are case-sensitive.


Answer : A

When configuring FortiGuard on FortiManager, which two statements are correct regarding the Allow Push Update settings configured in the FortiGuard Antivirus and IPS Settings? (Choose two)

  • A. If an urgent or critical FortiGuard Antivirus and/or IPS update becomes available, the FortiManager built-in FDS will send push update notifications to each managed device.
  • B. If an urgent or critical FortiGuard Antivirus and/or IPS update becomes available, the FortiManager built-in FDS will send push update notifications.
  • C. FortiManager's built-in FDS service may not correctly receive push updates if the external facing IP address of any intermediary NAT device is dynamic.
  • D. FortiManager's built-in FDS service does not allow an administrator to override the default FortiManager IP address and port used by the FDN to send update messages.


Answer : A,C

Which two statements are correct regarding the FortiGate-FortiManager (FGFM) management protocol? (Choose two)

  • A. A secure communication is established between FortiManager and the managed device on port TCP 541.
  • B. A secure communication is established between FortiManager and the managed device on port TCP 514.
  • C. The FGFM daemons run on both FortiGate (fgfmd) and FortiManager (fgfmsd).
  • D. Once the FortiGate is managed, the FGFM tunnel is authenticated and established using the IP address of the FortiGate device.


Answer : A,C

What remote authentication servers can you configure to validate your FortiAnalyzer administrator logons? (Choose three)

  • A. RADIUS
  • B. Local
  • C. LDAP
  • D. PKI
  • E. TACACS+


Answer : A,C,E

Which two statements describe a modified device settings status in the Configuration and Installation Status widget of a managed FortiGate device?

  • A. Configuration changes were made directly on the managed device.
  • B. Configuration changes were made from Device Manager for a managed FortiGate device.
  • C. Configuration changes were installed to a managed FortiGate device.
  • D. Configuration changes in Device Manager no longer match the latest revision in the device's revision history.


Answer : B

Which two statements are correct regarding synchronization between primary and secondary devices in a FortiManager HA cluster? (Choose two)

  • A. All device configurations including global databases are synchronized in the HA cluster.
  • B. FortiGuard databases are downloaded separately by each cluster device.
  • C. FortiGuard databases are downloaded by the primary FortiManager device and then synchronized with all secondary devices.
  • D. Local logs and log configuration settings are synchronized in the HA cluster.


Answer : A,B

How does the Log View page display logs when ADOMs are enabled?

  • A. The Log View page displays logs in ADOMs together so they appear as a single device.
  • B. The Log View page displays logs per ADOM.
  • C. The Log View page cannot display raw logs when ADOMs are enabled.
  • D. The Log View page cannot display logs in real-time when ADOMs are enabled.


Answer : B

If RAID isn't supported, what are other types of backup mechanisms (i.e. methods to preserve your log data in the event of disk failure, deletion, or corruption)? (Choose three)

  • A. Backing up logs through the Web-based manager or CLI.
  • B. Forwarding logs to a syslog server.
  • C. Uploading logs to an FTP, SFTP, or SCP server.
  • D. Archiving logs.
  • E. Enabling full archiving.


Answer : A,B,C

The Antivirus and IPS update service is enabled, and the FortiGuard settings are as shown in the exhibit. The desired behavior is for managed devices to use public servers for these updates should FortiManager become unreachable, which is not the case with the current configuration. What two actions are necessary to correct this? (Choose two)


  • A. Change the server override mode from strict to loose.
  • B. Change the port from 8890 to 443 in the Use Override Server Address for FortiGate/FortiMail settings.
  • C. Uncheck the option Use Override Server Address for FortiGate/FortiMail.
  • D. Change the IP address to a public FDS server and port to 443 in the Use Override Server Address for FortiGate/FortiMail settings.


Answer : A,C

Which two statements are correct regarding header and footer policies? (Choose two)

  • A. Header and footer policies can only be created in the root ADOM.
  • B. Header and footer policies can only be created in the global ADOM.
  • C. Header and footer policies are created in policy packages and assigned to ADOM policy packages.
  • D. Header and footer policies can be modified in the assigned ADOM policy package.


Answer : B,C

Refer to the exhibits.


  • A. You cannot use SQL syntax in the Search field of the FortiView > Log View page.
  • B. Case Sensitive Search is enabled.
  • C. There are no logs that include https as a service.
  • D. You cannot search for logs from the FortiView > Log View page.


Answer : B

What is 'hot swapping'?

  • A. Hot swapping means administrators can configure FortiAnalyzer to write to all hard devices in order to make the array fault tolerant.
  • B. Hot swapping means administrators can replace a failed disk on devices that support software RAID while the device is still running.
  • C. Hot swapping means administrators can ensure the parity data of a redundant drive is valid while the device is still running.
  • D. Hot swapping means administrators can replace a failed disk on devices that support hardware RAID while the device is still running.


Answer : D

Refer to the exhibit. An administrator created a new interface object named Dev and configured dynamic mapping for the wan2 interface on the Head Office FortiGate. A new policy from internal to Dev is configured. Which statement is correct regarding the installation of the Head Office policy package?


  • A. A new zone named Dev with member interface wan2 and a policy from internal to Dev will be created on the FortiGate device.
  • B. A new policy from internal to wan2 will be created locally on the FortiGate.
  • C. Dev is a FortiManager reference for the interface on the Head Office FortiGate. No zone is created on the FortiGate.
  • D. The install will fail because wan2 cannot be mapped to Dev. This is not a valid configuration.


Answer : C
