最新なFortinet NSE5問題集（309題）、真実試験の問題を全部にカバー！

質問 1：
CORRECT TEXT
In addition to AntiVirus services, the FortiGuard Subscription Services provide IPS, Web Filtering, and ___________ services.
正解：
antispam

質問 2：
An administrator wishes to generate a report showing Top Traffic by service type, but wants to exclude SMTP traffic from the report.
Which of the following statements best describes how to do this?
A. When editing the chart, enter 'dns' in the Exclude Service field.
B. In the Service field of the Data Filter, type 25/smtp and select the NOT checkbox.
C. When editing the chart, uncheck mlog to indicate that Mail Filtering data is being excluded when generating the chart.
D. Add the following entry to the Generic Field section of the Data Filter: service="!smtp".
正解：B

質問 3：
What are the limitations when creating a chart using the Custom Chart wizard? (Choose two.)
A. You can only create custom charts within the root ADOM only.
B. You can only select from two variable charts.
C. You cannot select the format of the data - all charts are table charts by default.
D. You cannot search multiple log types (for example, $log-traffic, $log-webfilter).
正解：B,D

質問 4：
A FortiGate unit can act as which of the following? (Select all that apply.)
A. Mail relay
B. Mail server
C. VPN gateway
D. Firewall
E. Antispam filter
正解：C,D,E

質問 5：
The default administrator profile that is assigned to the default "admin" user on a FortGate device is: __________ .
A. trusted-admin
B. super_user
C. admin
D. fortinet-root
E. super_admin
正解：E

質問 6：
The FortiGate Server Authentication Extensions (FSAE) provide a single sign on solution to authenticate users transparently to a FortiGate unit using credentials stored in Windows Active Directory.
Which of the following statements are correct regarding FSAE in a Windows domain environment when NTLM is not used? (Select all that apply.)
A. An FSAE Collector Agent must be installed on every domain controller.
B. The FSAE Collector Agent will retrieve user information from the Domain Controller Agent and will send the user logon information to the FortiGate unit.
C. For non-domain computers, an FSAE client must be installed on the computer to allow FSAE authentication.
D. The FSAE Domain Controller Agent will regularly update user logon information on the FortiGate unit.
E. An FSAE Domain Controller Agent must be installed on every domain controller.
正解：B,E

質問 7：
SSL content inspection is enabled on the FortiGate unit. Which of the following steps is required to prevent a user from being presented with a web browser warning when accessing an SSL-encrypted website?
A. Enable transparent proxy mode on the FortiGate unit.
B. The root certificate of the FortiGate SSL proxy must be imported into the local certificate store on the user's workstation.
C. Enable NTLM authentication on the FortiGate unit. NTLM authentication suppresses the certificate warning messages in the web browser.
D. Disable the strict server certificate check in the web browser under Internet Options.
正解：B

質問 8：
Which statements are true about Offline mode on the FortiManager? (Choose two.)
A. Offline mode is enabled by default when backup is restored on FortiManager.
B. Devices cannot be managed when offline mode is enabled.
C. Enabling offline mode enables fgfm protocol (TCP 541).
D. Enabled by default.
正解：A,B

質問 9：
SSL Proxy is used to decrypt the SSL-encrypted traffic. After decryption, where is the traffic buffered in preparation for content inspection?
A. In the upload direction, the file is buffered by the SSL proxy. In the download direction, the file is buffered by the application proxy.
B. No file buffering is needed since a stream-based scanning approach is used for SSL content inspection.
C. The file is buffered by the SSL proxy.
D. The file is buffered by the application proxy.
正解：D