Exam Code: NSE5 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Fortinet Network Security Expert 5 Written Exam (500)
Certification Provider: Fortinet
Free Today! Guaranteed Training- Pass NSE5 Exam.


2026 New NSE5 Exam Dumps with PDF and VCE Free: https://www.2passeasy.com/dumps/NSE5/

Q1. - (Topic 2) 

What advantages are there in using a hub-and-spoke IPSec VPN configuration instead of a 

fully-meshed set of IPSec tunnels? (Select all that apply.) 

A. Using a hub and spoke topology is required to achieve full redundancy. 

B. Using a hub and spoke topology simplifies configuration because fewer tunnels are required. 

C. Using a hub and spoke topology provides stronger encryption. 

D. The routing at a spoke is simpler, compared to a meshed node. 

Answer: B,D 

Q2. - (Topic 1) 

A firewall policy has been configured for the internal email server to receive email from external parties through SMTP. Exhibits A and B show the antivirus and email filter profiles applied to this policy. 

Exhibit A: 

Exhibit B: 

What is the correct behavior when the email attachment is detected as a virus by the FortiGate antivirus engine? 

A. The FortiGate unit will remove the infected file and deliver the email with a replacement message to alert the recipient that the original attachment was infected. 

B. The FortiGate unit will reject the infected email and the sender will receive a failed delivery message. 

C. The FortiGate unit will remove the infected file and add a replacement message. Both sender and recipient are notified that the infected file has been removed. 

D. The FortiGate unit will reject the infected email and notify the sender. 

Answer:

Q3. - (Topic 2) 

For Data Leak Prevention, which of the following describes the difference between the block and quarantine actions? 

A. A block action prevents the transaction. A quarantine action blocks all future transactions, regardless of the protocol. 

B. A block action prevents the transaction. A quarantine action archives the data. 

C. A block action has a finite duration. A quarantine action must be removed by an administrator. 

D. A block action is used for known users. A quarantine action is used for unknown users. 

Answer:

Q4. - (Topic 1) 

Encrypted backup files provide which of the following benefits? (Select all that apply.) 

A. Integrity of the backup file is protected since it cannot be easily modified when encrypted. 

B. Prevents the backup file from becoming corrupted. 

C. Protects details of the device's configuration settings from being discovered while the backup file is in transit. For example, transferred to a data centers for system recovery. 

D. A copy of the encrypted backup file is automatically pushed to the FortiGuard Distribution Service (FDS) for disaster recovery purposes. If the backup file becomes corrupt it can be retrieved through FDS. 

E. Fortinet Technical Support can recover forgotten passwords with a backdoor passphrase. 

Answer: A,C 

Q5. - (Topic 1) 

Which of the following options can you use to update the virus definitions on a FortiGate unit? (Select all that apply.) 

A. Push update 

B. Scheduled update 

C. Manual update 

D. FTP update 

Answer: A,B,C 

Q6. - (Topic 2) 

Select the answer that describes what the CLI command diag debug authd fsso list is used for. 

A. Monitors communications between the FSSO Collector Agent and FortiGate unit. 

B. Displays which users are currently logged on using FSSO. 

C. Displays a listing of all connected FSSO Collector Agents. 

D. Lists all DC Agents installed on all Domain Controllers. 

Answer:

Q7. - (Topic 1) 

When backing up the configuration file on a FortiGate unit, the contents can be encrypted 

by enabling the encrypt option and supplying a password. 

If the password is forgotten, the configuration file can still be restored using which of the following methods? 

A. Selecting the recover password option during the restore process. 

B. Having the password emailed to the administrative user by selecting the Forgot Password option. 

C. Sending the configuration file to Fortinet Support for decryption. 

D. If the password is forgotten, there is no way to use the file. 

Answer:

Q8. - (Topic 3) 

A FortiGate unit is configured with multiple VDOMs. An administrative account on the device has been assigned a Scope value of VDOM:root. 

Which of the following items would an administrator logging in using this account NOT be able to configure? 

A. Firewall addresses 

B. DHCP servers 

C. FortiGuard Distribution Network configuration 

D. PPTP VPN configuration 

Answer:

Q9. - (Topic 2) 

In the case of TCP traffic, which of the following correctly describes the routing table lookups performed by a FortiGate unit when searching for a suitable gateway? 

A. A look-up is done only when the first packet coming from the client (SYN) arrives. 

B. A look-up is done when the first packet coming from the client (SYN) arrives, and a second is performed when the first packet coming from the server (SYNC/ACK) arrives. 

C. A look-up is done only during the TCP 3-way handshake (SYNC, SYNC/ACK, ACK). 

D. A look-up is always done each time a packet arrives, from either the server or the client side. 

Answer:

Q10. - (Topic 1) 

What is the FortiGate unit password recovery process? 

A. Interupt boot sequence, modify the boot registry and reboot. After changing the password, reset the boot registry. 

B. Log in through the console port using the maintainer account within several minutes of a reboot. 

C. Hold CTRL + break during reboot and reset the admin password. 

D. The only way to regain access is to interrupt boot sequence and restore a configuration file for which the password has been modified. 

Answer: