1. Home
  2. Fortinet
  3. NSE5

Fortinet Network Security Expert 5 Written Exam (500)

Exam Details

  • Exam Code
    :NSE5
  • Exam Name
    :Fortinet Network Security Expert 5 Written Exam (500)
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :320 Q&As
  • Last Updated
    :Jul 12, 2025

Fortinet Fortinet Certifications NSE5 Questions & Answers

  • Question 221:

    Which of the statements below are true regarding firewall policy disclaimers? (Select all that apply.)

    A. User must accept the disclaimer to proceed with the authentication process.

    B. The disclaimer page is customizable.

    C. The disclaimer cannot be used in combination with user authentication.

    D. The disclaimer can only be applied to wireless interfaces.

  • Question 222:

    Which of the following statements regarding Banned Words are correct? (Select all that apply.)

    A. The FortiGate unit can scan web pages and email messages for instances of banned words.

    B. When creating a banned word list, an administrator can indicate either specific words or patterns.

    C. Banned words can be expressed as simple text, wildcards or regular expressions.

    D. Content is automatically blocked if a single instance of a banned word appears.

    E. The FortiGate unit updates banned words on a periodic basis.

  • Question 223:

    Which two statements are correct regarding the central VPN console? (Choose two.)

    A. Central VPN console only supports full mesh IPsec VPN topologies.

    B. An external gateway is an IPsec tunnel endpoint not managed by the central VPN console.

    C. Central VPN console creates all the necessary firewall policies for traffic to be tunneled by IPsec.

    D. IKE settings only need to be configured once in central VPN console for all managed gateways.

  • Question 224:

    A firewall policy has been configured for the internal email server to receive email from external parties through SMTP. Exhibits A and B show the antivirus and email filter profiles applied to this policy.

    Exhibit A: Exhibit B:

    What is the correct behavior when the email attachment is detected as a virus by the FortiGate antivirus engine?

    A. The FortiGate unit will remove the infected file and deliver the email with a replacement message to alert the recipient that the original attachment was infected.

    B. The FortiGate unit will reject the infected email and the sender will receive a failed delivery message.

    C. The FortiGate unit will remove the infected file and add a replacement message. Both sender and recipient are notified that the infected file has been removed.

    D. The FortiGate unit will reject the infected email and notify the sender.

  • Question 225:

    When performing a log search on a FortiAnalyzer, it is generally recommended to use the Quick Search option.

    What is a valid reason for using the Full Search option, instead?

    A. The search items you are looking for are not contained in indexed log fields.

    B. A quick search only searches data received within the last 24 hours.

    C. You want the search to include the FortiAnalyzer's local logs.

    D. You want the search to include content archive data as well.

  • Question 226:

    Administrators can send alerts to multiple recipients through which methods? (Choose three.)

    A. Email

    B. SMS

    C. SNMP

    D. Syslog

    E. Instant Message (IM)

  • Question 227:

    When viewing the Banned User monitor in Web Config, the administrator notes the entry illustrated in the exhibit.

    Which of the following statements is correct regarding this entry?

    A. The entry displays a ban that has been added as a result of traffic triggering a configured DLP rule.

    B. The entry displays a ban that was triggered by HTTP traffic matching an IPS signature. This client is banned from receiving or sending any traffic through the FortiGate.

    C. The entry displays a quarantine, which could have been added by either IPS or DLP.

    D. This entry displays a ban entry that was added manually by the administrator on June11th.

  • Question 228:

    A FortiGate unit can scan for viruses on which types of network traffic? (Select all that apply.)

    A. POP3

    B. FTP

    C. SMTP

    D. SNMP

    E. NetBios

  • Question 229:

    Which of the following tasks fall under the responsibility of the SSL proxy in a typical HTTPS connection? (Select all that apply.)

    A. The web client SSL handshake.

    B. The web server SSL handshake.

    C. File buffering.

    D. Communication with the urlfilter process.

  • Question 230:

    Which of the following statements correctly describe Transparent Mode operation? (Select all that apply.)

    A. The FortiGate unit acts as transparent bridge and routes traffic using Layer-2 forwarding.

    B. Ethernet packets are forwarded based on destination MAC addresses NOT IPs.

    C. The device is transparent to network hosts.

    D. Permits inline traffic inspection and firewalling without changing the IP scheme of the network.

    E. All interfaces must be on different IP subnets.

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE5 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.