1. Home
  2. Fortinet
  3. NSE5

Fortinet Network Security Expert 5 Written Exam (500)

Exam Details

  • Exam Code
    :NSE5
  • Exam Name
    :Fortinet Network Security Expert 5 Written Exam (500)
  • Certification
    :Fortinet Certifications
  • Vendor
    :Fortinet
  • Total Questions
    :320 Q&As
  • Last Updated
    :Jul 12, 2025

Fortinet Fortinet Certifications NSE5 Questions & Answers

  • Question 61:

    The eicar test virus is put into a zip archive, which is given the password of "Fortinet" in order to open the archive. Review the configuration in the exhibits shown below; then answer the question that follows.

    Exhibit A Antivirus Profile:

    Exhibit B

    Non-default UTM Proxy Options Profile:

    Exhibit C DLP Profile:

    Which of one the following profiles could be enabled in order to prevent the file from passing through the FortiGate device over HTTP on the standard port for that protocol?

    A. Only Exhibit A

    B. Only Exhibit B

    C. Only Exhibit C with default UTM Proxy settings.

    D. All of the Exhibits (A, B and C)

    E. Only Exhibit C with non-default UTM Proxy settings (Exhibit B).

  • Question 62:

    Which of the following describes the best custom signature for detecting the use of the word "Fortinet" in chat applications?

    The sample packet trace illustrated in the exhibit provides details on the packet that requires detection.

    A. F-SBID( --protocol tcp; --flow from_client; --pattern "X-MMS-IM-Format"; --pattern "fortinet"; -no_case; )

    B. F-SBID( --protocol tcp; --flow from_client; --pattern "fortinet"; --no_case; )

    C. F-SBID( --protocol tcp; --flow from_client; --pattern "X-MMS-IM-Format"; --pattern "fortinet"; --within 20; --no_case; )

    D. F-SBID( --protocol tcp; --flow from_client; --pattern "X-MMS-IM-Format"; --pattern "fortinet"; --within 20; )

  • Question 63:

    Which of the following is an advantage of using SNMP v3 instead of SNMP v1/v2 when querying the FortiGate unit?

    A. Packet encryption

    B. MIB-based report uploads

    C. SNMP access limits through access lists

    D. Running SNMP service on a non-standard port is possible

  • Question 64:

    Which of the following statements correctly describes how a push update from the FortiGuard Distribution Network (FDN) works?

    A. The FDN sends push updates only once.

    B. The FDN sends package updates automatically to the FortiGate unit without requiring an update request.

    C. The FDN continues to send push updates until the FortiGate unit sends an acknowledgement.

    D. The FDN sends a message to the FortiGate unit that there is an update available and that the FortiGate unit should download the update.

  • Question 65:

    Which Fortinet products and features could be considered part of a comprehensive solution to monitor and prevent the leakage of sensitive data? (Select all that apply.)

    A. Archive non-compliant outgoing e-mails using FortiMail.

    B. Restrict unofficial methods of transferring files such as P2P using Application Control lists on a FortiGate.

    C. Monitor database activity using FortiAnalyzer.

    D. Apply a DLP sensor to a firewall policy.

    E. Configure FortiClient to prevent files flagged as sensitive from being copied to a USB disk.

  • Question 66:

    Which of the following regular expression patterns will make the terms "confidential data" case insensitive?

    A. \[confidential data]

    B. /confidential data/i

    C. i/confidential data/

    D. "confidential data"

    E. /confidential data/c

  • Question 67:

    Which of the following statements is not correct regarding virtual domains (VDOMs)?

    A. VDOMs divide a single FortiGate unit into two or more virtual units that function as multiple, independent units.

    B. A management VDOM handles SNMP, logging, alert email, and FDN-based updates.

    C. A backup management VDOM will synchronize the configuration from an active management VDOM.

    D. VDOMs share firmware versions, as well as antivirus and IPS databases.

    E. Only administrative users with a super_admin profile will be able to enter all VDOMs to make configuration changes.

  • Question 68:

    Which of the following antivirus and attack definition update options are supported by FortiGate units? (Select all that apply.)

    A. Manual update by downloading the signatures from the support site.

    B. Pull updates from the FortiGate device

    C. Push updates from the FortiGuard Distribution Network.

    D. "update-AV/AS" command from the CLI

  • Question 69:

    The command structure of the FortiGate CLI consists of commands, objects, branches, tables, and parameters.

    Which of the following items describes user?

    A. A command.

    B. An object.

    C. A table.

    D. A parameter.

  • Question 70:

    Two-factor authentication is supported using the following methods? (Select all that apply.)

    A. FortiToken

    B. Email

    C. SMS phone message

    D. Code books

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Fortinet exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your NSE5 exam preparations and Fortinet certification application, do not hesitate to visit our Vcedump.com to find your solutions here.