Proper study guides for Rebirth Fortinet Fortinet Network Security Expert 5 Written Exam (500) certified begins with Fortinet NSE5 preparation products which designed to deliver the Verified NSE5 questions by making you pass the NSE5 test at your first time. Try the free NSE5 demo right now.
2026 New NSE5 Exam Dumps with PDF and VCE Free: https://www.2passeasy.com/dumps/NSE5/
Q1. - (Topic 3)
An administrator is examining the attack logs and notices the following entry:
type=ips subtype=signature pri=alert vd=root serial=1995 attack_id=103022611 src=69.45.64.22 dst=192.168.1.100 src_port=80 dst_port=4887 src_int=wlan dst_int=internal status=detected proto=6 service=4887/tcp user=N/A group=N/A msg=web_client: IE.IFRAME.BufferOverflow.B
Based on the information displayed in this entry, which of the following statements are correct? (Select all that apply.)
A. This is an HTTP server attack.
B. The attack was detected and blocked by the FortiGate unit.
C. The attack was against a FortiGate unit at the 192.168.1.100 IP address.
D. The attack was detected and passed by the FortiGate unit.
Answer: C,D
Q2. - (Topic 1)
The Idle Timeout setting on a FortiGate unit applies to which of the following?
A. Web browsing
B. FTP connections
C. User authentication
D. Administrator access
E. Web filtering overrides.
Answer: D
Q3. - (Topic 2)
FSSO provides a single sign on solution to authenticate users transparently to a FortiGate unit using credentials stored in Windows Active Directory.
Which of the following statements are correct regarding FSSO in a Windows domain environment when NTLM and Polling Mode are not used? (Select all that apply.)
A. An FSSO Collector Agent must be installed on every domain controller.
B. An FSSO Domain Controller Agent must be installed on every domain controller.
C. The FSSO Domain Controller Agent will regularly update user logon information on the FortiGate unit.
D. The FSSO Collector Agent will retrieve user information from the Domain Controller Agent and will send the user logon information to the FortiGate unit.
E. For non-domain computers, the only way to allow FSSO authentication is to install an FSSO client.
Answer: B,D
Q4. - (Topic 1)
Which part of an email message exchange is NOT inspected by the POP3 and IMAP proxies?
A. TCP connection
B. File attachments
C. Message headers
D. Message body
Answer: A
Q5. - (Topic 3)
The following diagnostic output is displayed in the CLI:
diag firewall auth list
policy iD. 9, srC. 192.168.3.168, action: accept, timeout: 13427
user: forticlient_chk_only, group:
flag (80020): auth timeout_ext, flag2 (40): exact
group iD. 0, av group: 0
----- 1 listed, 0 filtered ------
Based on this output, which of the following statements is correct?
A. Firewall policy 9 has endpoint compliance enabled but not firewall authentication.
B. The client check that is part of an SSL VPN connection attempt failed.
C. This user has been associated with a guest profile as evidenced by the group id of 0.
D. An auth-keepalive value has been enabled.
Answer: A
Q6. - (Topic 3)
Which of the following statements is correct regarding the antivirus scanning function on the FortiGate unit?
A. Antivirus scanning provides end-to-end virus protection for client workstations.
B. Antivirus scanning provides virus protection for the HTTP, Telnet, SMTP, and FTP protocols.
C. Antivirus scanning supports banned word checking.
D. Antivirus scanning supports grayware protection.
Answer: D
Q7. - (Topic 1)
Which of the following statements are correct regarding URL filtering on the FortiGate unit? (Select all that apply.)
A. The allowed actions for URL Filtering include Allow, Block and Exempt.
B. The allowed actions for URL Filtering are Allow and Block.
C. The FortiGate unit can filter URLs based on patterns using text and regular expressions.
D. Any URL accessible by a web browser can be blocked using URL Filtering.
E. Multiple URL Filter lists can be added to a single protection profile.
Answer: A,C
Q8. - (Topic 1)
Which of the following is an advantage of using SNMP v3 instead of SNMP v1/v2 when querying the FortiGate unit?
A. Packet encryption
B. MIB-based report uploads
C. SNMP access limits through access lists
D. Running SNMP service on a non-standard port is possible
Answer: A
Q9. - (Topic 1)
Which of the following pieces of information can be included in the Destination Address field of a firewall policy?
A. An IP address pool, a virtual IP address, an actual IP address, and an IP address group.
B. A virtual IP address, an actual IP address, and an IP address group.
C. An actual IP address and an IP address group.
D. Only an actual IP address.
Answer: B
Q10. - (Topic 1)
What are the valid sub-types for a Firewall type policy? (Select all that apply)
A. Device Identity
B. Address
C. User Identity
D. Schedule
E. SSL VPN
Answer: A,B,C