● NSE 5 - FortiSwitch 7.2 Administrator Exam Materials

Please note that the exam "NSE 5 - FortiSwitch 7.2 Administrator" is no longer offered by Fortinet and is not available for booking through Pearson VUE, so we opened it on free view,
It has been replaced by the exam "NSE 5 - FortiSwitch 7.6 Administrator t"

The new exam version is available on Brave-Dumps and can be purchased.

Question #21

How does FortiGate handle configuration of flow tracking sampling if you export the settings to a managed FortiSwitch stack with sampling mode set to perimeter is true? (Choose one answer)

A. FortiGate configures FortiSwitch to perform ingress sampling on all switch interfaces.
B. FortiGate configures FortiSwitch to perform ingress sampling on all switch interfaces, except ICL and ISL interfaces.
C. FortiGate configures and enables flow sampling on FortiSwitch but does not change existing sampling settings of interfaces
D. FortiGate configures and enables egress sampling on all management interfaces.

Question #22

In which two ways can you assign a FortiSwitch port to a VDOM using multi-tenancy setup? (Choose two answers)

A. Assign a port to a VDOM directly on the managed FortiSwitch.
B. Create a virtual port pool on the FortiGate CLI.
C. Remove the managed FortiSwitch and allocate ports directly on FortiSwitch.
D. Switch the FortiLink interface to the target VDOM.

Question #23

Refer to the exhibit.

FortiGate is unable to establish a tunnel with the FortiSwitch device it is supposed to manage.

Based on the debug output shown in the exhibit, what is the reason for the failure? (Choose one answer)

A. FortiSwitch has disabled FortiLink and is only managed as a standalone.
B. The handshake process timed out before FortiSwitch responded.
C. The CAPWAP tunnel failed to come up due to a mismatch in time.
D. DTLS client hello had the incorrect pre-shared key.

Question #24

Refer to the exhibit

What two conclusions can be made regarding DHCP snooping configuration? (Choose two answers)

A. Maximum value to accept clients DHCP request is configured as per DHCP server range.
B. Fortiswitch is configured to trust OHCP replies coming on FortLink interface.
C. DHCP clients that are trusted by DHCP snooping configured is only one.
D. Global configuration for DHCP snooping is set to forward DHCP client requests on all ports in the VLAN.

Question #25

Which LLDP-MED Type-Length-Values does FortiSwitch collect from endpoints to track network devices and determine their characteristics? (Choose one answer)

A. Network policy
B. Power management
C. Location
D. Inventory management

Question #26

Refer to the diagnostic output:

What makes the use of the sniffer command on the FortiSwitch CLI unreliable on _port_23? (Choose one answer)

A. The types of packets captured is limited.
B. Just the port egress payloads are printed on CLI.
C. Only untagged VLAN traffic can be captured.
D. The switch port might be used as a trunk member.

Question #27

Refer to the exhibits.

Port1 and port2 are the only ports configured with the same native VLAN 10.

What are two reasons that can trigger port1 to shut down? (Choose two answers)

A. port1 was shut down by loop guard protection.
B. STP triggered a loop and applied loop guard protection on port1.
C. An endpoint sent a BPDU on port1 that it received from another interface.
D. Loop guard frame sourced from port1 was received on port1.

Question #28

What are two ways in which automatic MAC address quarantine works on FortiSwitch? (Choose two answers)

A. FortiSwitch supports only by VLAN quarantine mode.
B. FortiGate applies the quarantine-related configuration only on FortiGate.
C. FortiAnalyzer with a threat detection services license is required.
D. MAC address quarantine can be enabled through the FortiGate CLI only

Question #29

Refer to the exhibit.

The exhibit shows the current status of the ports on the managed FortiSwitch, Access-1.

Why would FortiGate display a serial number in the Native VLAN column associated with the port23 entry? (Choose one answer)

A. port23 is configured as the dedicated management interface.
B. Ports connected to adjacent FortiSwitch devices show their serial number as the native VLAN.
C. port23 is a member of a trunk that uses the Access-1 FortiSwitch serial number as the name of the trunk
D. A standalone switch with the shown serial number is connected on port23.

Question #30

What are two reasons why time synchronization between FortiGate and its managed FortiSwitch is critical in switch management? (Choose two answers)

A. FortiSwitch does not retain its time after a reboot, which gets reset after each reboot.
B. FortiSwitch will not be able to become an NTP server for downstream devices.
C. FortiSwitch cannot complete the DTLS handshake used in the CAPWAP tunnel.
D. FortiSwitch will not allow other FortiSwitch devices in the chain be discovered by FortiGate.

● NSE 5 - FortiSwitch 7.2 Administrator Exam Materials

How does FortiGate handle configuration of flow tracking sampling if you export the settings to a managed FortiSwitch stack with sampling mode set to perimeter is true? (Choose one answer)

Correct Answer: B

In which two ways can you assign a FortiSwitch port to a VDOM using multi-tenancy setup? (Choose two answers)

Correct Answer: A,B

Refer to the exhibit.

FortiGate is unable to establish a tunnel with the FortiSwitch device it is supposed to manage.

Based on the debug output shown in the exhibit, what is the reason for the failure? (Choose one answer)

Correct Answer: C

Refer to the exhibit

What two conclusions can be made regarding DHCP snooping configuration? (Choose two answers)

Correct Answer: B,D

Which LLDP-MED Type-Length-Values does FortiSwitch collect from endpoints to track network devices and determine their characteristics? (Choose one answer)

Correct Answer: D

Refer to the diagnostic output:

What makes the use of the sniffer command on the FortiSwitch CLI unreliable on _port_23? (Choose one answer)

Correct Answer: A

Refer to the exhibits.

Port1 and port2 are the only ports configured with the same native VLAN 10.

What are two reasons that can trigger port1 to shut down? (Choose two answers)

Correct Answer: A,D

What are two ways in which automatic MAC address quarantine works on FortiSwitch? (Choose two answers)

Correct Answer: C,D

Refer to the exhibit.

The exhibit shows the current status of the ports on the managed FortiSwitch, Access-1.

Why would FortiGate display a serial number in the Native VLAN column associated with the port23 entry? (Choose one answer)

Correct Answer: B

What are two reasons why time synchronization between FortiGate and its managed FortiSwitch is critical in switch management? (Choose two answers)

Correct Answer: A,C

● NSE 5 - FortiSwitch 7.2 Administrator Exam Materials

How does FortiGate handle configuration of flow tracking sampling if you export the settings to a managed FortiSwitch stack with sampling mode set to perimeter is true? (Choose one answer)

Correct Answer: B

In which two ways can you assign a FortiSwitch port to a VDOM using multi-tenancy setup? (Choose two answers)

Correct Answer: A,B

Refer to the exhibit. FortiGate is unable to establish a tunnel with the FortiSwitch device it is supposed to manage. Based on the debug output shown in the exhibit, what is the reason for the failure? (Choose one answer)

Correct Answer: C

Refer to the exhibit What two conclusions can be made regarding DHCP snooping configuration? (Choose two answers)

Correct Answer: B,D

Which LLDP-MED Type-Length-Values does FortiSwitch collect from endpoints to track network devices and determine their characteristics? (Choose one answer)

Correct Answer: D

Refer to the diagnostic output: What makes the use of the sniffer command on the FortiSwitch CLI unreliable on _port_23? (Choose one answer)

Correct Answer: A

Refer to the exhibits. Port1 and port2 are the only ports configured with the same native VLAN 10. What are two reasons that can trigger port1 to shut down? (Choose two answers)

Correct Answer: A,D

What are two ways in which automatic MAC address quarantine works on FortiSwitch? (Choose two answers)

Correct Answer: C,D

Refer to the exhibit. The exhibit shows the current status of the ports on the managed FortiSwitch, Access-1. Why would FortiGate display a serial number in the Native VLAN column associated with the port23 entry? (Choose one answer)

Correct Answer: B

What are two reasons why time synchronization between FortiGate and its managed FortiSwitch is critical in switch management? (Choose two answers)

Correct Answer: A,C

Refer to the exhibit.

FortiGate is unable to establish a tunnel with the FortiSwitch device it is supposed to manage.

Based on the debug output shown in the exhibit, what is the reason for the failure? (Choose one answer)

Refer to the exhibit

What two conclusions can be made regarding DHCP snooping configuration? (Choose two answers)

Refer to the diagnostic output:

What makes the use of the sniffer command on the FortiSwitch CLI unreliable on _port_23? (Choose one answer)

Refer to the exhibits.

Port1 and port2 are the only ports configured with the same native VLAN 10.

What are two reasons that can trigger port1 to shut down? (Choose two answers)

Refer to the exhibit.

The exhibit shows the current status of the ports on the managed FortiSwitch, Access-1.

Why would FortiGate display a serial number in the Native VLAN column associated with the port23 entry? (Choose one answer)