Your success in Fortinet NSE5 is our sole target and we develop all our NSE5 braindumps in a way that facilitates the attainment of this target. Not only is our NSE5 study material the best you can find, it is also the most detailed and the most updated. NSE5 Practice Exams for Fortinet NSE5 are written to the highest standards of technical accuracy.
2026 New NSE5 Exam Dumps with PDF and VCE Free: https://www.2passeasy.com/dumps/NSE5/
Q1. - (Topic 1)
Examine the exhibit shown below; then answer the question following it.
Which of the following statements best describes the green status indicators that appear next to the different FortiGuard Distribution Network services as illustrated in the exhibit?
A. They indicate that the FortiGate unit is able to connect to the FortiGuard Distribution Network.
B. They indicate that the FortiGate unit has the latest updates that are available from the FortiGuard Distribution Network.
C. They indicate that updates are available and should be downloaded from the FortiGuard Distribution Network to the FortiGate unit.
D. They indicate that the FortiGate unit is in the process of downloading updates from the FortiGuard Distribution Network.
Answer: A
Q2. - (Topic 3)
An organization wishes to protect its SIP Server from call flooding attacks. Which of the following configuration changes can be performed on the FortiGate unit to fulfill this requirement?
A. Apply an application control list which contains a rule for SIP and has the "Limit INVITE Request" option configured.
B. Enable Traffic Shaping for the appropriate SIP firewall policy.
C. Reduce the session time-to-live value for the SIP protocol by running the configure system session-ttl CLI command.
D. Run the set udp-idle-timer CLI command and set a lower time value.
Answer: A
Q3. - (Topic 3)
The FortiGate Server Authentication Extensions (FSAE) provide a single sign on solution to authenticate users transparently to a FortiGate unit using credentials stored in Windows Active Directory.
Which of the following statements are correct regarding FSAE in a Windows domain environment when NTLM is not used? (Select all that apply.)
A. An FSAE Collector Agent must be installed on every domain controller.
B. An FSAE Domain Controller Agent must be installed on every domain controller.
C. The FSAE Domain Controller Agent will regularly update user logon information on the FortiGate unit.
D. The FSAE Collector Agent will retrieve user information from the Domain Controller Agent and will send the user logon information to the FortiGate unit.
E. For non-domain computers, an FSAE client must be installed on the computer to allow FSAE authentication.
Answer: B,D
Q4. - (Topic 1)
The ordering of firewall policies is very important. Policies can be re-ordered within the FortiGate unit’s GUI and also using the CLI. The command used in the CLI to perform this function is ______ .
A. set order
B. edit policy
C. reorder
D. move
Answer: D
Q5. - (Topic 2)
Examine the following log message for IPS and identify the valid responses below. (Select all that apply.)
2012-07-01 09:54:28 oid=2 log_id=18433 type=ips subtype=anomaly pri=alert vd=root severity="critical" src="192.168.3.168" dst="192.168.3.170" src_int="port2" serial=0 status="detected" proto=1 service="icmp" count=1 attack_name="icmp_flood" icmp_id="0xa8a4" icmp_type="0x08" icmp_code="0x00" attack_id=16777316 sensor="1" ref="http://www.fortinet.com/ids/VID16777316" msg="anomaly: icmp_flood, 51 > threshold 50"
A. The target is 192.168.3.168.
B. The target is 192.168.3.170.
C. The attack was detected and blocked.
D. The attack was detected only.
E. The attack was TCP based.
Answer: B,D
Q6. - (Topic 1)
Which of the following statements are true regarding Local User Authentication? (Select all that apply.)
A. Local user authentication is based on usernames and passwords stored locally on the FortiGate unit.
B. Two-factor authentication can be enabled on a per user basis.
C. Administrators can create an account for the user locally and specify the remote server to verify the password.
D. Local users are for administration accounts only and cannot be used for identity policies.
Answer: A,B,C
Q7. - (Topic 1)
The default administrator profile that is assigned to the default "admin" user on a FortGate device is:____________________.
A. trusted-admin
B. super_admin
C. super_user
D. admin
E. fortinet-root
Answer: B
Q8. - (Topic 1)
Which Fortinet products & features could be considered part of a comprehensive solution to monitor and prevent the leakage of senstive data? (Select all that apply.)
A. Archive non-compliant outgoing e-mails using FortiMail.
B. Restrict unofficial methods of transferring files such as P2P using Application Control lists on a FortiGate.
C. Monitor database activity using FortiAnalyzer.
D. Apply a DLP sensor to a firewall policy.
E. Configure FortiClient to prevent files flagged as sensitive from being copied to a USB disk.
Answer: A,B,D
Q9. - (Topic 2)
Which of the following statements are correct regarding Application Control?
A. Application Control is based on the IPS engine.
B. Application Control is based on the AV engine.
C. Application Control can be applied to SSL encrypted traffic.
D. Application Control cannot be applied to SSL encrypted traffic.
Answer: A,C
Q10. - (Topic 1)
Alert emails enable the FortiGate unit to send email notifications to an email address upon detection of a pre-defined event type. Which of the following are some of the available event types in Web Config? (Select all that apply.)
A. Intrusion detected.
B. Successful firewall authentication.
C. Oversized file detected.
D. DHCP address assigned.
E. FortiGuard Web Filtering rating error detected.
Answer: A