Fortinet nse5-fct-6-2 practice test

Fortinet NSE 5 - FortiClient EMS 6.2 Exam


Question 1

Which three types of antivirus scans are available on FortiClient? (Choose three )

  • A. Proxy scan
  • B. Full scan
  • C. Custom scan
  • D. Flow scan
  • E. Quick scan
Answer:

B, C, E

Discussions
0 / 1000

Question 2

Which network component sends a notification after identifying a connected endpoint in the
quarantine automation process?

  • A. FortiGate
  • B. FortiClient
  • C. FortiClient EMS
  • D. FortiAnalyzer
Answer:

B

Discussions
0 / 1000

Question 3

An administrator installs FortiClient on Windows Server.
What is the default behavior of real-time protection control?

  • A. Real-time protection must update AV signature database
  • B. Real-time protection sends malicious files to FortiSandbox when the file is not detected locally
  • C. Real-time protection is disabled
  • D. Real-time protection must update the signature database from FortiSandbox
Answer:

C

Discussions
0 / 1000

Question 4

Refer to the exhibit.

Based on the FortiClient logs shown in the exhibit which application is blocked by the application
firewall?

  • A. Twitter
  • B. Facebook
  • C. Internet Explorer
  • D. Firefox
Answer:

D

Discussions
0 / 1000

Question 5

Refer to the exhibit.

Based on the settings shown in the exhibit what action will FortiClient take when users try to access
www facebook com?

  • A. FortiClient will allow access to Facebook.
  • B. FortiClient will block access to Facebook and its subdomains
  • C. FortiClient will prompt a warning message to warn the user before they can access the Facebook website
  • D. FortiClient will allow access to Facebook and log user's web access.
Answer:

A

Discussions
0 / 1000

Question 6

When site categories are disabled on FortiClient webfilter and AV (malicious websites), which feature
protects the endpoint?

  • A. Web Exclusion list
  • B. Endpoint host file
  • C. FortiSandbox URL list
  • D. Block malicious websites on Antivirus
Answer:

A

Discussions
0 / 1000

Question 7

Refer to the exhibit.

Based on the settings shown in the exhibit which statement about FortiClient behavior is true?

  • A. FortiClient quarantines infected files and reviews later, after scanning them.
  • B. FortiClient blocks and deletes infected files after scanning them.
  • C. FortiClient scans infected files when the user copies files to the Resources folder
  • D. FortiClient copies infected files to the Resources folder without scanning them.
Answer:

A

Discussions
0 / 1000

Question 8

Which statement about FortiClient enterprise management server is true?

  • A. It provides centralized management of FortiGate devices.
  • B. lt provides centralized management of multiple endpoints running FortiClient software.
  • C. It provides centralized management of FortiClient Android endpoints only.
  • D. It provides centralized management of Chromebooks running real-time protection
Answer:

B

Discussions
0 / 1000

Question 9

Refer to the exhibit.

Based on the settings shown in the exhibit, which two actions must the administrator take to make
the endpoint compliant? (Choose two)

  • A. Integrate FortiSandbox for infected file analysis.
  • B. Enable the webfilter profile
  • C. Patch applications that have vulnerability rated as high or above.
  • D. Run Calculator application on the endpoint.
Answer:

C, D

Discussions
0 / 1000

Question 10

An administrator is required to maintain a software inventory on the endpoints. without showing the
feature on the FortiClient dashboard What must the administrator do to achieve this requirement?

  • A. The administrator must use default endpoint profile
  • B. The administrator must not select the vulnerability scan feature in the deployment package.
  • C. The administrator must select the vulnerability scan feature in the deployment package, but disable the feature on the endpoint profile
  • D. The administrator must click the hide icon on the vulnerability scan tab
Answer:

C

Discussions
0 / 1000
To page 2