We provide real NSE5 exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass Fortinet NSE5 Exam quickly & easily. The NSE5 PDF type is available for reading and printing. You can print more and practice many times. With the help of our Fortinet NSE5 dumps pdf and vce product and material, you can easily pass the NSE5 exam.
2026 New NSE5 Exam Dumps with PDF and VCE Free: https://www.2passeasy.com/dumps/NSE5/
Q1. - (Topic 2)
How can DLP file filters be configured to detect Office 2010 files? (Select all that apply.)
A. File TypE. Microsoft Office(msoffice)
B. File TypE. Archive(zip)
C. File TypE. Unknown Filetype(unknown)
D. File NamE. "*.ppt", "*.doc", "*.xls"
E. File NamE. "*.pptx", "*.docx", "*.xlsx"
Answer: B,E
Q2. - (Topic 1)
An administrator configures a FortiGate unit in Transparent mode on the 192.168.11.0 subnet. Automatic Discovery is enabled to detect any available FortiAnalyzers on the network.
Which of the following FortiAnalyzers will be detected? (Select all that apply.)
A. 192.168.11.100
B. 192.168.11.251
C. 192.168.10.100
D. 192.168.10.251
Answer: A,B
Q3. - (Topic 2)
Identify the correct properties of a partial mesh VPN deployment:
A. VPN tunnels interconnect between every single location.
B. VPN tunnels are not configured between every single location.
C. Some locations are reached via a hub location.
D. There are no hub locations in a partial mesh.
Answer: B,C
Q4. - (Topic 2)
The eicar test virus is put into a zip archive, which is given the password of “Fortinet” in order to open the archive. Review the configuration in the exhibits shown below; then answer the question that follows.
Exhibit A – Antivirus Profile:
Exhibit B – Non-default UTM Proxy Options Profile:
Exhibit C – DLP Profile:
Which of one the following profiles could be enabled in order to prevent the file from passing through the FortiGate device over HTTP on the standard port for that protocol?
A. Only Exhibit A
B. Only Exhibit B
C. Only Exhibit C with default UTM Proxy settings.
D. All of the Exhibits (A, B and C)
E. Only Exhibit C with non-default UTM Proxy settings (Exhibit B).
Answer: C
Q5. - (Topic 1)
Which of the following statements is correct regarding URL Filtering on the FortiGate unit?
A. The available actions for URL Filtering are Allow and Block.
B. Multiple URL Filter lists can be added to a single Web filter profile.
C. A FortiGuard Web Filtering Override match will override a block action in the URL filter list.
D. The available actions for URL Filtering are Allow, Block and Exempt.
Answer: D
Q6. - (Topic 2)
Two FortiGate devices fail to form an HA cluster, the device hostnames are STUDENT and REMOTE. Exhibit A shows the command output of 'show system ha' for the STUDENT device. Exhibit B shows the command output of 'show system ha' for the REMOTE device.
Exhibit A:
Exhibit B
Which one of the following is the most likely reason that the cluster fails to form?
A. Password
B. HA mode
C. Hearbeat
D. Override
Answer: B
Q7. - (Topic 3)
SSL Proxy is used to decrypt the SSL-encrypted traffic. After decryption, where is the traffic buffered in preparation for content inspection?
A. The file is buffered by the application proxy.
B. The file is buffered by the SSL proxy.
C. In the upload direction, the file is buffered by the SSL proxy. In the download direction, the file is buffered by the application proxy.
D. No file buffering is needed since a stream-based scanning approach is used for SSL content inspection.
Answer: A
Q8. - (Topic 3)
A FortiGate unit is operating in NAT/Route mode and is configured with two Virtual LAN (VLAN) sub-interfaces added to the same physical interface.
Which of the following statements is correct regarding the VLAN IDs in this scenario?
A. The two VLAN sub-interfaces can have the same VLAN ID only if they have IP addresses in different subnets.
B. The two VLAN sub-interfaces must have different VLAN IDs.
C. The two VLAN sub-interfaces can have the same VLAN ID only if they belong to different VDOMs.
D. The two VLAN sub-interfaces can have the same VLAN ID if they are connected to different L2 IEEE 802.1Q compliant switches.
Answer: B
Q9. - (Topic 3)
Based on the web filtering configuration illustrated in the exhibit,
which one of the following statements is not a reasonable conclusion?
A. Users can access both the www.google.com site and the www.fortinet.com site.
B. When a user attempts to access the www.google.com site, the FortiGate unit will not perform web filtering on the content of that site.
C. When a user attempts to access the www.fortinet.com site, any remaining web filtering will be bypassed.
D. Downloaded content from www.google.com will be scanned for viruses if antivirus is enabled.
Answer: B
Q10. - (Topic 1)
Which of the following are valid FortiGate device interface methods for handling DNS requests? (Select all that apply.)
A. Forward-only
B. Non-recursive
C. Recursive
D. Iterative
E. Conditional-forward
Answer: A,B,C