NSE5 Practice Test Software
Question: 1
What output profiles can you confine for report event notifications? (Choose two)
A. SMS
B. Forward to another FortiAnaiyzer device
C. Upload to a server
D. Email
Answer: CD
Question: 2
Which statements are true regarding content archiving, also known as Data Leak Prevention (DLP) archiving? (Choose two)
A. Allows full and summary archiving
B. It is configured globally for all policies.
C. The default behavior is to do full archiving.
D. The DLP engine examines email, FTP, NNTP, and web traffic.
Answer: AD
Question: 3
Given the Antivirus and IPS update service is enabled, and the FortiGuard settings as shown in the exhibit. The desired behavior is for managed devices to use public servers for these updates should FortiManager become unreachable, which is not the case with the current configuration. What two actions are necessary to correct this? (Choose two)
A. Change the server override mode from strict to loose.
B. Change the pat from 8890 to 443 n the Use Override Server Address for FortiGate/FortiMail settings.
C. Uncheck the option Use Override Server Address for FortiGate/FortiMail.
D. Change the IP address to a pubic FDS server and pat to 443 n the Use Override Server Address for FortiGate/FortiMail settings.
Answer: AC
Question: 4
What remote authentication servers can you configure to validate your FortiAnalyzer administrator logons? (Choose three)
A. RADIUS
B. Local
C. LDAP
D. PKI
E. TACACS+
Answer: ACE
Question: 5
Which two statements are correct regarding synchronization between primary and secondary devices in a FortManager HA duster? (Choose two)
A. Al device configurations ncbdng global databases are synchrorized in the HA cluster,
B. FortiGuard databases are downloaded separately by each cluster device.
C. FortiGuard databases are downloaded by the primary FortManager device and then synchronized with al secondary devices.
D. Local logs and log configuration settings are synchronized in the HA cluster.
Answer: AB
Question: 6
Workflow mode introduces which new permissions for Super_Admin admhstrative users?
A. Self-approval, Approval, Reject
B. Self-disapproval, Approval, Accept
C. Approval, Self-approval, Change Notification
D. Change Notification, Self-disapproval, Submit
Answer: C
Question: 7
Which two statements are correct regarding header and footer policies? (Choose two)
A. Header and footer policies can only be created h the root ADOM.
B. Header and footer policies can only be created in the global ADOM.
C. Header and footer policies are created in policy packages and assigned to ADOM policy packages.
D. Header and footer policies can be modified h the assigned ADOM policy package.
Answer: BC
Question: 8
What two statements are correct regarding administrative users and accounts? (Choose two)
A. Administrative user accounts can exist locally or remotely.
B. Administrative user login information is available to all administrators through the Web-based
C. Administrative users must be assigned an administrative profile.
D. Administrative user access is restricted by administrative profiles only.
Answer: AC
Question: 9
When statement correct compares FortiManager physical and virtual appliances?
A. Physical and virtual FortiManger appliances may mange unlimited devices and have unrestricted storage.
B. Physical and virtual FortiManger appliances use licenses to increase managed device and storage capacity limits.
C. Physical and virtual FortiManger appliances have unrestricted daily logging rate.
D. Physical and virtual FortiManger appliances use model types and licenses respectively, to differentiate managed device and storage capacity limits.
Answer: D
Question: 10
What s the purpose of locking an ADOM revision?
A. To prevent further changes from Device Manager,
B. To disable revision history.
C. To prevent auto deletion.
D. To lock the Policy and Objects tab.
Answer: C
Question: 11
Which two statements describe a "modified" device settings’ status in the Configuration and Installation Status widget of a managed FortiGate device?
A. Configuration changes were made directly on the managed device,
B. Configuration changes were made from Device Imager for a managed FortiGate e device.
C. Confutation changes were instated to a managed FortiGate device.
D. Confutation changes in Device Manager no longer math the latest revision in the device’s revision history.
Answer: B
Question: 12
What effect do administrative domains (ADCMs) have on report settings? (Choose two)
A. Hone. ADOMs cannot be used with reports.
B. Reports must be configured with (her own ADOM.
C. Chart Library, Macro Library, Dataset Library, and Output Profile become ADOM- specific.
D. Dataset Library becomes global for al ADOMs.
Answer: BC
Question: 13
What statements are true regarding disk log quota? (Choose two)
A. The FortiAnalyzer stops logging once the disk log quota is met.
B. The FortiAnalyzer automatically sets the disk log quota based on the device.
C. The FortiAnalyzer can overwrite the oldest logs or stop logging once the disk log quota is met.
D. The FortiAnalyzer disk log quota is configurable, but has a minimum o 100mb a maximum based on the reserved system space.
Answer: CD
Question: 14
Which ports are commonly used by FortWanager? (Choose two)
A. TCP 541 for remote management of a ForUGate unit.
B. TCP 5199 HA heartbeat or synchronization (FortMaTager HA cluster).
C. TCP 703 HA heartbeat or synchronization (FortiManager HA duster).
D. TCP 514 for remote management of a FortiGate urat.
Answer: AB
Question: 15
What statements are true regarding FortiAnalyzer 's treatment of high availability (HA) dusters? (Choose two)
A. FortiAnalyzer distinguishes different devices by their serial number.
B. FortiAnalyzer receives logs from d devices in a duster.
C. FortiAnalyzer receives bgs only from the primary device in the cluster.
D. FortiAnalyzer only needs to know (he serial number of the primary device in the cluster-it automaticaly discovers the other devices.
Answer: AB
Question: 16
If RAID isn’t supported, what are other types of backup mechanisms (ie.methods to preserve your log data in the event of disk failure, deletion, or corruption?(Choose three)
A. Backing up logs through the Web-based manager or CLI.
B. Forwarding logs a syslog server.
C. Uplaoding logs to an FTP, SFTP, or SCP server.
D. Archiving logs.
E. Enabling full archiving.
Answer: ABC
Question: 17
Which statement correctly names the Administrative Domains modes supported on FortiManager?
A. Normal and Analyzer
B. Backup and Analyzer
C. Normal, Backup, and Collector
D. Normal and Backup,
Answer: D
Question: 18
Which tabs are available on the FortiManger Web-based manager? (Choose two)
A. Device Manager
B. Policy & Objects
C. FortiGate
D. Database
Answer: AB
Question: 19
What are the operating modes of FortiAnalyzer? (Choose two)
A. Standalone
B. Manager
C. Analyzer
D. Collector
Answer: CD
Question: 20
What are three different methods you can employ to send event notifications when an event occurs that matches a configured that matches a configured event handler?
A. Email
B. SMS
C. SNMP
D. IM
E. Syslog
Answer: ACE
Question: 21
What s 'hot swapping'?
A. Hot swapping means administrators can confine FortiAnalyzer to write to all hard device in order to make the array fault tolerant.
B. Hot swapping means administrators can replace a failed disk on devices that support software RAID while the device is still running.
C. Hot swapping means administrators can ensue the parity data of a redundant drive is valid while the device is still running.
D. Hot swapping means administrators can replace a fated d* on devices that support hardware RAID while the device is still running.
Answer: D
Question: 22
Refer to the exhibit. What does the clock icon denote beside the Bandwidth and Application Report.
A. It is a custom report.
B. It is an imparted report from either a different FortiAnalyzer device or a different (but supported) ADOM.
C. It is h the process of generating.
D. It is a scheduled report.