● NSE 5 - FortiSwitch 7.2 Administrator Exam Materials
Please note that the exam "NSE 5 - FortiSwitch 7.2 Administrator" is no longer offered by Fortinet and is not available for booking through Pearson VUE, so we opened it on free view,
It has been replaced by the exam "NSE 5 - FortiSwitch 7.6 Administrator t"
The new exam version is available on Brave-Dumps and can be purchased.
It has been replaced by the exam "NSE 5 - FortiSwitch 7.6 Administrator t"
The new exam version is available on Brave-Dumps and can be purchased.
Question #41
Question #42
How are the 'by VLAN redirect MAC address quarantine' mode and the 'by redirect MAC address quarantine' mode on FortiGate similar? (Choose one answer)
- A. Both modes add quarantined device MAC addresses to the blocked firewall address group.
- B. Both modes move quarantined devices to the quarantine VLAN.
- C. Both modes block intra-VLAN traffic by FortiGate automatically.
- D. Both modes require firewall policies to block inter-VLAN traffic
Question #43
Which two statements about DHCP snooping enabled on a FortiSwitch VLAN are true? (Choose two answers)
- A. Settings related to DHCP option 82 are only configurable through the CLI.
- B. switch-controller-dhcp-snooping-verify-mac verifies the destination MAC address to protect against DHCP exhaustion attacks.
- C. Enabling DHCP snooping on a FortiSwitch VLAN ensures requests and replies are seen by all DHCP servers.
- D. By default, all FortiSwitch ports are set to forward client DHCP requests to untrusted ports.
Question #44
Which two statements about 802.1X authentication on FortiSwitch ports are true? (Choose two answers)
- A. All devices connecting to FortiSwitch must support 802.1X authentication.
- B. A security policy is used to apply 802.1 authentication on a port.
- C. All hosts behind an authenticated port are allowed access after a successful authentication.
- D. A local user database must be used to authenticate devices using the 802.1X authentication protocol.
Question #45
Which statement about the configuration of VLANs on a managed FortiSwitch port is true? (Choose one answer)
- A. Allowed VLANs expand the collision domain to the port.
- B. Untagged VLANs must be part of the allowed VLANs: ingress and egress.
- C. The native VLAN is implicitly part of the allowed VLAN on the port.
- D. FortiSwitch VLAN interfaces are created only when FortiSwitch is managed by FortiGate.
Question #46
Which two statements about managing a FortiSwitch stack on FortiGate are true? (Choose two answers)
- A. FortiSwitch must be operating in standalone mode before authorization.
- B. A FortiLink interface must be enabled on FortiGate.
- C. The switch controller feature must be enabled on FortiGate.
- D. Only a hardware-based FortiGate can manage a FortiSwitch stack.
Question #47
Which feature should you enable to reduce the number or unwanted IGMP reports processed by the IGMP querier? (Choose one answer)
- A. Enable IGMP flood unknown multicast traffic on the global setting.
- B. Enable the IGMP flood setting on the static port for all multicast groups.
- C. Enable the IGMP flood reports setting on the mRouter port.
- D. Enable IGMP snooping proxy.
Question #48
Refer to the Exhibit.
port24 is the only uplink port connected to the network where access to FortiSwitch management services is possible. However, FortiSwitch is still not accessible on the management interface. Which two actions should you take to fix the issue and access FortiSwitch?
(Choose two answers)
- A. You must add port24 native VLAN as an allowed VLAN on internal.
- B. You must add VLAN ID 200 to the allowed VLANS on internal.
- C. You must allow VLAN ID 4094 on port24, if management traffic is tagged.
- D. You should use VLAN ID 4094 as the native VLAN on port24.
Question #49
What is the role of a device that is simultaneously functioning as both the distribution and core in the hierarchy network model? (Choose one answer)
- A. FortiGate managing FortiSwitch
- B. FortiSwitch functioning as standalone
- C. HA backup FortiGate managing FortiSwitch
- D. PoE with high density FortiSwitch
Question #50
Which statement about the use of the switch port analyzer (SPAN) packet capture method is true? (Choose one answer)
- A. Mirrored traffic can be sent across multiple switches.
- B. SPAN can be configured only on a standalone FortiSwitch.
- C. Traffic on the management interface can be mirrored and captured by the monitoring device.
- D. The monitoring device must be connected to the same switch where the traffic is being mirrored
Refer to the exhibit.
You need to manage three FortiSwitch devices using a FortiGate device. Two of the FortiSwitch devices initiated a reboot after the authorization process. However, the FortiSwitch device with the configuration shown in the exhibit, did not reboot. All three devices completed FortiLink management authorization successfully.
Why did the FortiSwitch device shown in the exhibit not reboot to complete the authorization process? (Choose one answer)