1. Home
  2. Fortinet
  3. NSE5

Fortinet Network Security Expert 5 Written Exam (500)

Exam Details

  • Exam Code
    :NSE5
  • Exam Name
    :Fortinet Network Security Expert 5 Written Exam (500)
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :320 Q&As
  • Last Updated
    :Jul 12, 2025

Fortinet Fortinet Certifications NSE5 Questions & Answers

  • Question 191:

    Which of the following statements best decribes the proxy behavior on a FortiGate unit during an FTP client upload when FTP splice is disabled?

    A. The proxy buffers the entire file from the client, only sending the file to the server if the file is clean. One possible consequence of buffering is that the server could time out.

    B. The proxy sends the file to the server while simultaneously buffering it.

    C. The proxy removes the infected file from the server by sending a delete command on behalf of the client.

    D. If the file being scanned is determined to be clean, the proxy terminates the connection and leaves the file on the server.

  • Question 192:

    An end user logs into the SSL VPN portal and selects the Tunnel Mode option by clicking on the "Connect" button. The administrator has not enabled split tunneling and so the end user must access the Internet through the SSL VPN Tunnel.

    Which firewall policies are needed to allow the end user to not only access the internal network but also reach the Internet?

    Exhibit A.

    Exhibit B.

    Exhibit C.

    Exhibit D.

    A. Exhibit A

    B. Exhibit B

    C. Exhibit C

    D. Exhibit D

  • Question 193:

    Which of the following items does NOT support the Logging feature?

    A. File Filter

    B. Application control

    C. Session timeouts

    D. Administrator activities

    E. Web URL filtering

  • Question 194:

    A network administrator connects his PC to the INTERNAL interface on a FortiGate unit. The administrator attempts to make an HTTPS connection to the FortiGate unit on the VLAN1 interface at the IP address of 10.0.1.1, but gets no connectivity.

    The following troubleshooting commands are executed from the CLI:

    user1 # get system interface

    == [ internal ]

    name. internal mode. static ip: 10.0.1.254 255.255.255.128 status: up

    netbios-forward. disable type. physical mtu-override. disable

    == [ vlan1 ]

    name. vlan1 mode. static ip: 10.0.1.1 255.255.255.128 status: up netb

    ios-forward. disable type. vlan mtu-override. disable

    user1 # get router info routing-table all

    Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP

    O - OSPF, IA - OSPF inter area

    N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

    E1 - OSPF external type 1, E2 - OSPF external type 2

    i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

    * - candidate default

    S 10.0.0.0/8 [10/0] is a summary, Null

    C 10.0.1.0/25 is directly connected, vlan1

    C 10.0.1.128/25 is directly connected, internal

    user1 # diagnose debug flow trace start 100

    user1 # diagnose debug ena

    user1 # diagnose debug flow filter daddr 10.0.1.1 10.0.1.1

    id=20085 trace_id=277 msg="vd-root received a packet(proto=6, 10.0.1.130

    :47922->10.0.1.1:443) from internal."

    id=20085 trace_id=277 msg="allocate a new session-00000b21"

    id=20085 trace_id=277 msg="iprope_in_check() check failed, drop"

    Based on the output from these commands, which of the following is a possible cause of the problem?

    A. The FortiGate unit has no route back to the PC.

    B. The PC has an IP address in the wrong subnet.

    C. The PC is using an incorrect default gateway IP address.

    D. There is no firewall policy allowing traffic from INTERNAL -> VLAN1.

  • Question 195:

    By default the Intrusion Protection System (IPS) on a FortiGate unit is set to perform which action?

    A. Block all network attacks.

    B. Block the most common network attacks.

    C. Allow all traffic.

    D. Allow and log all traffic.

  • Question 196:

    Which two statements are correct regarding synchronization between primary and secondary devices in a FortiManager HA cluster? (Choose two.)

    A. All device configurations including global databases are synchronized in the HA cluster.

    B. FortiGuard databases are downloaded separately by each cluster device.

    C. FortiGuard databases are downloaded by the primary FortiManager device and then synchronized with all secondary devices.

    D. Local logs and log configuration settings are synchronized in the HA cluster.

  • Question 197:

    An administrator is examining the attack logs and notices the following entry:

    type=ips subtype=signature pri=alert vd=root serial=1995 attack_id=103022611 src=69.45.64.22 dst=192.168.1.100 src_port=80 dst_port=4887 src_int=wlan dst_int=internal status=detected proto=6 service=4887/tcp user=N/A group=N/A msg=web_client: IE.IFRAME.BufferOverflow.B

    Based on the information displayed in this entry, which of the following statements are correct? (Select all that apply.)

    A. This is an HTTP server attack.

    B. The attack was detected and blocked by the FortiGate unit.

    C. The attack was against a FortiGate unit at the 192.168.1.100 IP address.

    D. The attack was detected and passed by the FortiGate unit.

  • Question 198:

    Which task categories can you select from view drop-down list in task monitor on the FortiManager?

    A. All, Running, Done, and Error

    B. Disable, Enable, and Completed

    C. Running, Offline, Online

    D. Completed, All, and Offline

  • Question 199:

    Which of the following statements is correct based on the firewall configuration illustrated in the exhibit?

    A. A user can access the Internet using only the protocols that are supported by user authentication.

    B. A user can access the Internet using any protocol except HTTP, HTTPS, Telnet, and FTP. These require authentication before the user will be allowed access.

    C. A user must authenticate using the HTTP, HTTPS, SSH, FTP, or Telnet protocol before they can access any services.

    D. A user cannot access the Internet using any protocols unless the user has passed firewall authentication.

  • Question 200:

    Which statement is correct regarding provisioning templates?

    A. Provisioning templates facilitate identical device level settings across many devices.

    B. Provisioning templates allow you to create firewall policies.

    C. Provisioning templates are configured as part of the policy and objects configuration.

    D. Provisioning templates are global and not related to specific ADOM versions.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE5 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.