NSE5 Exam Dumps | An administrator is examining the attack logs and notices the following entry: device

<< Prev Question Next Question >>

Question 258/303

An administrator is examining the attack logs and notices the following entry:
device_id=FG100A3907508962 log_id=18432 subtype=anomaly type=ips timestamp=1270017358 pri=alert itime=1270017893 severity=critical src=192.168.1.52 dst=64.64.64.64 src_int=internal serial=0 status=clear_session proto=6 service=http vd=root count=1 src_port=35094 dst_port=80 attack_id=100663402 sensor=protect-servers ref=http://www.fortinet.com/ids/VID100663402 msg="anomaly: tcp_src_session, 2 > threshold 1" policyid=0 carrier_ep=N/A profile=N/A dst_int=N/A user=N/A group=N/A Based solely upon this log message, which of the following statements is correct?

A. The number of concurrent connections to destination IP address 64.64.64.64 has exceeded the configured threshold.

B. This attack was launched against the FortiGate unit itself rather than a host behind the FortiGate unit.

C. This attack was blocked by the HTTP protocol decoder.

D. This attack was caught by the DoS sensor "protect-servers".

Question List (303q): Question 1: In a High Availability configuration operating in Active-Act...; Question 2: Which of the following must be configured on a FortiGate uni...; Question 3: Which of the following antivirus and attack definition updat...; Question 4: In order to load-share traffic using multiple static routes,...; Question 5: In an IPSec gateway-to-gateway configuration, two FortiGate ...; Question 6: In which of the following report templates would you configu...; Question 7: Encrypted backup files provide which of the following benefi...; Question 8: What are the requirements for a cluster to maintain TCP conn...; Question 9: The ordering of firewall policies is very important. Policie...; Question 10: Which of the following statements correctly describe Transpa...; Question 11: An issue could potentially occur when clicking Connect to st...; Question 12: A FortiGate AntiVirus profile can be configured to scan for ...; Question 13: When the SSL proxy inspects the server certificate for Web F...; Question 14: By default the Intrusion Protection System (IPS) on a FortiG...; Question 15: Which tabs are available on the FortiManager Web-based manag...; Question 16: Which of the following statements is correct regarding URL F...; Question 17: What is the primary difference between raw format logs and f...; Question 18: Selecting Create New, as shown in the exhibit, will result i...; Question 19: When performing a log search on a FortiAnalyzer, it is gener...; Question 20: Which of the following Session TTL values will take preceden...; Question 21: Setting workspace-mode to normal, as shown in the exhibit, a...; Question 22: Which of the following statements are correct regarding virt...; Question 23: The FortiGate unit can be configured to allow authentication...; Question 24: Which of the following logging options are supported on a Fo...; Question 25: Which of the following features could be used by an administ...; Question 26: Which of the following statements are correct regarding Appl...; Question 27: The following diagnostic output is displayed in the CLI: dia...; Question 28: Review the output of the command get router info routing-tab...; Question 29: What statements are true regarding the "store and upload" lo...; Question 30: Review the IPsec diagnostics output of the command diag vpn ...; Question 31: Which statement is correct? FortiAnalyzer collects and aggre...; Question 32: When configuring a server load balanced virtual IP, which of...; Question 33: In NAT/Route mode when there is no matching firewall policy ...; Question 34: An administrator wants to assign a set of UTM features to a ...; Question 35: A FortiGate administrator configures a Virtual Domain (VDOM)...; Question 36: How can DLP file filters be configured to detect Office 2010...; Question 37: Review the IPsec Phase2 configuration shown in the Exhibit; ...; Question 38: Which two statements are correct regarding the central VPN c...; Question 39: What is the effect of using CLI "config system session-ttl" ...; Question 40: Refer to the exhibit. An administrator created a new interfa...; Question 41: Which of the following describes the best custom signature f...; Question 42: A client can establish a secure connection to a corporate ne...; Question 43: Which of the following is an advantage of using SNMP v3 inst...; Question 44: An ADOM has two device modes: normal (default) and advanced....; Question 45: What two statements are correct regarding administrative use...; Question 46: Which of the following methods is best suited to changing de...; Question 47: Which of the following statements describes the method of cr...; Question 48: Given the Antivirus and IPS update service is enabled, and t...; Question 49: Examine the Exhibits shown below, then answer the question t...; Question 50: When backing up the configuration file on a FortiGate unit, ...; Question 51: Select the answer that describes what the CLI command diag d...; Question 52: The eicar test virus is put into a zip archive, which is giv...; Question 53: You are the administrator in charge of a FortiGate unit whic...; Question 54: If Open Shortest Path First (OSPF) has already been configur...; Question 55: An administrator is configuring a DLP rule for FTP traffic. ...; Question 56: The Idle Timeout setting on a FortiGate unit applies to whic...; Question 57: An administrator has configured a FortiGate unit so that end...; Question 58: DLP archiving gives the ability to store session transaction...; Question 59: The command structure of the CLI on a FortiGate unit consist...; Question 60: What is the purpose of locking an ADOM revision?...; Question 61: Which of the following tasks fall under the responsibility o...; Question 62: A client can create a secure connection to a FortiGate devic...; Question 63: Which of the following statements are true regarding Local U...; Question 64: Which two statements are correct regarding FortiGate-FortiMa...; Question 65: Data Leak Prevention archiving gives the ability to store fi...; Question 66: The following ban list entry is displayed through the CLI. g...; Question 67: A FortiGate 100 unit is configured to receive push updates f...; Question 68: An end user logs into the full-access SSL VPN portal and sel...; Question 69: Which of the following regular expression patterns will make...; Question 70: Review the IKE debug output for IPsec shown in the Exhibit b...; Question 71: Which of the following network protocols are supported for a...; Question 72: Which of the following statements best decribes the proxy be...; Question 73: When viewing the Banned User monitor in Web Config, the admi...; Question 74: Review the IPsec diagnostics output of the command diag vpn ...; Question 75: Which spam filter is not available on a FortiGate device?...; Question 76: An administrator wishes to generate a report showing Top Tra...; Question 77: In which order are firewall policies processed on the FortiG...; Question 78: A static route is configured for a FortiGate unit from the C...; Question 79: On the Device Manager tab, what does a red circle in the Log...; Question 80: Which of the following statements are correct regarding URL ...; Question 81: Which of the following methods can be used to access the CLI...; Question 82: An intermittent connectivity issue is noticed between two de...; Question 83: In the case of TCP traffic, which of the following correctly...; Question 84: Which permissions can be configured for a 'Restricted Admin'...; Question 85: A FortiGate unit is configured to receive push updates from ...; Question 86: Which of the following is true regarding Switch Port Mode?...; Question 87: Which of the statements below are true regarding firewall po...; Question 88: Which of the following products is designed to manage multip...; Question 89: Which part of an email message exchange is NOT inspected by ...; Question 90: Two FortiGate devices fail to form an HA cluster, the device...; Question 91: What advantages are there in using a hub-and-spoke IPSec VPN...; Question 92: Which of the following is an advantage of using SNMP v3 inst...; Question 93: What remote authentication servers can you configure to vali...; Question 94: What statements are true regarding disk log quota? (Choose t...; Question 95: An administrator configures a VPN and selects the Enable IPS...; Question 96: Which of the following items are considered to be advantages...; Question 97: Which two statements are correct regarding the FortiManager ...; Question 98: A user selects Install Config for a managed FortiGate device...; Question 99: Which of the following Regular Expression patterns will make...; Question 100: In a High Availability cluster operating in Active-Active mo...; Question 101: Which statements are true regarding securing communications ...; Question 102: Review the CLI configuration below for an IPS sensor and ide...; Question 103: An administrator configures a FortiGate unit in Transparent ...; Question 104: Which of the following Fortinet products can receive updates...; Question 105: A network administrator needs to implement dynamic route red...; Question 106: Which of the following are valid FortiGate device interface ...; Question 107: Which of the following statements is correct regarding URL F...; Question 108: The Host Check feature can be enabled on the FortiGate unit ...; Question 109: If a FortiGate unit has a dmz interface IP address of 210.19...; Question 110: In the example dataset, where does it state to limit the res...; Question 111: Which of the following statements regarding Banned Words are...; Question 112: What output profiles can you configure for report event noti...; Question 113: Which of the following items does NOT support the Logging fe...; Question 114: When creating administrative users which of the following co...; Question 115: Which statement correctly names the Administrative Domains m...; Question 116: UTM features can be applied to which of the following items?...; Question 117: For Data Leak Prevention, which of the following describes t...; Question 118: The FortiGate Web Config provides a link to update the firmw...; Question 119: In which order are firewall policies processed on the FortiG...; Question 120: What is the effect of using CLI "config system session-ttl" ...; Question 121: In the Tunnel Mode widget of the web portal, the administrat...; Question 122: Which of the following cannot be used in conjunction with th...; Question 123: An issue could potentially occur when clicking Connect to st...; Question 124: Which of the following are valid components of the Fortinet ...; Question 125: What are the valid sub-types for a Firewall type policy? (Se...; Question 126: View the Exhibit. (Exhibit) Refer to the exhibit. Which two ...; Question 127: Which of the following pieces of information can be included...; Question 128: Which tabs do not appear when FortiAnalyzer is operating in ...; Question 129: What statements are true regarding RAID? (Choose three.)...; Question 130: Identify the correct properties of a partial mesh VPN deploy...; Question 131: Examine the exhibit shown below; then answer the question fo...; Question 132: What are the methods available to register a device? (Choose...; Question 133: Which of the following statements best describes the green s...; Question 134: Which of the following describes the difference between the ...; Question 135: Review the configuration for FortiClient IPsec shown in the ...; Question 136: What statements are true regarding Administrative Domains (A...; Question 137: Review the output of the command config router ospf shown in...; Question 138: Which of the following spam filtering methods are supported ...; Question 139: A network administrator connects his PC to the INTERNAL inte...; Question 140: Which of the following statements is not correct regarding v...; Question 141: Two-factor authentication is supported using the following m...; Question 142: Which of the following represents the correct order of crite...; Question 143: When firewall policy authentication is enabled, only traffic...; Question 144: A firewall policy has been configured for the internal email...; Question 145: Which two statements are correct for configuration changes m...; Question 146: Refer to the exhibit. Examine the logs from the FortiView &g...; Question 147: What are the three different methods you can employ to send ...; Question 148: The transfer of encrypted files or the use of encrypted prot...; Question 149: In HA, what is the effect of the Disconnect Cluster Member c...; Question 150: Examine the following log message for IPS and identify the v...; Question 151: Because changing the operational mode to Transparent resets ...; Question 152: What are the limitations when creating a chart using the Cus...; Question 153: You wish to create a firewall policy that applies only to tr...; Question 154: Which statement is true regarding FortiAnalyzer models?...; Question 155: Users may require access to a web site that is blocked by a ...; Question 156: Which two statements are correct regarding synchronization b...; Question 157: Which of the following items is NOT a packet characteristic ...; Question 158: Which of the following statements best describes the proxy b...; Question 159: An organization wishes to protect its SIP Server from call f...; Question 160: Examine the exhibit shown below then answer the question tha...; Question 161: Which of the following items represent the minimum configura...; Question 162: Which two statements are correct regarding recovery logic us...; Question 163: Which of the following items is NOT a packet characteristic ...; Question 164: Examine the Exhibit shown below; then answer the question fo...; Question 165: A portion of the device listing for a FortiAnalyzer unit is ...; Question 166: Which of the following statements regarding the firewall pol...; Question 167: What is the problem with the following SQL SELECT statement?...; Question 168: When a FortiManager HA primary device fails, which two state...; Question 169: Which of the following components are contained in all Forti...; Question 170: Which statement is correct regarding virus scanning on a For...; Question 171: A FortiGate unit is operating in NAT/Route mode and is confi...; Question 172: Which of the following statements is correct regarding the F...; Question 173: Which of the following statements are true of the FortiGate ...; Question 174: An administrator has formed a High Availability cluster invo...; Question 175: Examine the two static routes to the same destination subnet...; Question 176: Refer to the exhibit. What does the clock icon denote beside...; Question 177: Which statements are true about Offline mode on the FortiMan...; Question 178: Review the IPsec phase1 configuration in the Exhibit shown b...; Question 179: You are the administrator in charge of a FortiGate unit whic...; Question 180: Which two statements describe a "modified" device settings' ...; Question 181: A FortiAnalyzer device could use which security method to se...; Question 182: What effect do administrative domains (ADOM) have on report ...; Question 183: Which of the following statements is correct regarding a For...; Question 184: Which of the following network protocols can be used to acce...; Question 185: Which of the following are valid authentication user group t...; Question 186: A FortiGate unit is configured with multiple VDOMs. An admin...; Question 187: Which of the following methods does the FortiGate unit use t...; Question 188: A FortiGate unit can scan for viruses on which types of netw...; Question 189: Which ports are commonly used by FortiManager? (Choose two.)...; Question 190: An administrator sets up a new FTP server on TCP port 2121. ...; Question 191: Which two statements are correct concerning the revision his...; Question 192: What is the FortiGate unit password recovery process?...; Question 193: Identify the statement which correctly describes the output ...; Question 194: When browsing to an internal web server using a web-mode SSL...; Question 195: Which of the following statements is correct regarding a For...; Question 196: With FSSO, a domain user could authenticate either against t...; Question 197: A FortiGate unit can provide which of the following capabili...; Question 198: Which email filter is NOT available on a FortiGate device?...; Question 199: By default, what happens when a log file reaches its maximum...; Question 200: Each UTM feature has configurable UTM objects such as sensor...; Question 201: Which of the following statements is correct based on the fi...; Question 202: Workflow mode includes which new permissions for Super_Admin...; Question 203: Bob wants to send Alice a file that is encrypted using publi...; Question 204: Which of the following email spam filtering features is NOT ...; Question 205: Examine the Exhibit shown below; then answer the question fo...; Question 206: Which of the following statements are TRUE for Port Pairing ...; Question 207: Shown below is a section of output from the debug command di...; Question 208: Which one of the following statements is correct about raw l...; Question 209: What are the operating modes of FortiAnalyzer? (Choose two.)...; Question 210: You wish to create a firewall policy that applies only to tr...; Question 211: A user creates a policy package with two installation target...; Question 212: What is 'hot swapping'?; Question 213: Each UTM feature has configurable UTM objects such as sensor...; Question 214: When configuring FortiGuard on FortiManager, which two state...; Question 215: If no firewall policy is specified between two FortiGate int...; Question 216: Which of the following options can you use to update the vir...; Question 217: The command structure of the FortiGate CLI consists of comma...; Question 218: A network administrator connects his PC to the INTERNAL inte...; Question 219: A FortiGate unit can act as which of the following? (Select ...; Question 220: Which of the following statements correctly describes the de...; Question 221: SIMULATION The __________CLI command is used on the FortiGat...; Question 222: Which statements are true regarding securing communications ...; Question 223: FSSO provides a single sign on solution to authenticate user...; Question 224: Which of the following products provides dedicated hardware ...; Question 225: Which of the following represents the method used on a Forti...; Question 226: A user created a firewall address object, as shown in the ex...; Question 227: Which of the following methods can be used to access the CLI...; Question 228: Caching improves performance by reducing FortiGate unit requ...; Question 229: Administrators can send alerts to multiple recipients throug...; Question 230: Which statement is true regarding the import/export feature?...; Question 231: SSL content inspection is enabled on the FortiGate unit. Whi...; Question 232: Based on the web filtering configuration illustrated in the ...; Question 233: Which of the following antivirus and attack definition updat...; Question 234: Under the System Information widget on the dashboard, which ...; Question 235: The diag sys session list command is executed in the CLI. Th...; Question 236: FortiGate units are preconfigured with four default protecti...; Question 237: An administrator logs into a FortiGate unit using an account...; Question 238: SSL Proxy is used to decrypt the SSL-encrypted traffic. Afte...; Question 239: The ordering of firewall policies is very important. Policie...; Question 240: Review the static route configuration for IPsec shown in the...; Question 241: Users may require access to a web site that is blocked by a ...; Question 242: Which of the following statements is correct about how the F...; Question 243: Which of the following products can be installed on a comput...; Question 244: Which statement correctly identified the APIs supported by F...; Question 245: The FortiGate unit's GUI provides a link to update the firmw...; Question 246: The FortiGate Server Authentication Extensions (FSAE) provid...; Question 247: Which of the following statements is correct regarding the N...; Question 248: Alert emails enable the FortiGate unit to send email notific...; Question 249: SIMULATION When creating administrative users, the assigned ...; Question 250: An administrator is examining the attack logs and notices th...; Question 251: WAN optimization is configured in Active/Passive mode. When ...; Question 252: Which of the following statements is correct regarding the a...; Question 253: Which statements are true regarding content archiving, also ...; Question 254: Which task categories can you select from view drop-down lis...; Question 255: A FortiGate unit can create a secure connection to a client ...; Question 256: Which statements are true of Administrative Domains (ADOMs) ...; Question 257: File blocking rules are applied before which of the followin...; Question 258: An administrator is examining the attack logs and notices th...; Question 259: The service access settings for a FortiManager network inter...; Question 260: What are two of the key features of FortiAnalyzer? (Choose t...; Question 261: Which of the following DLP actions will override any other a...; Question 262: In Transparent Mode, forward-domain is an attribute of _____...; Question 263: An end user logs into the SSL VPN portal and selects the Tun...; Question 264: Which statements are true regarding encryption settings and ...; Question 265: Which two statements are correct regarding the "Import all O...; Question 266: In HA, the option Reserve Management Port for Cluster Member...; Question 267: Review the output of the command get router info routing-tab...; Question 268: Which statement is correct regarding provisioning templates?...; Question 269: A FortiGate unit is configured with three Virtual Domains (V...; Question 270: Which part of an email message exchange is NOT inspected by ...; Question 271: Which of the following pieces of information can be included...; Question 272: Which two statements are correct regarding header and footer...; Question 273: Which statement correctly compares FortiManager physical and...; Question 274: Examine the static route configuration shown below; then ans...; Question 275: An administrator wishes to generate a report showing Top Tra...; Question 276: A FortiGate unit is configured with three Virtual Domains (V...; Question 277: A FortiGate 60 unit is configured for your small office. The...; Question 278: How does the Log View page display logs when ADOMs are enabl...; Question 279: What is the FortiGate unit password recovery process?...; Question 280: What advantages are there in using a hub-and-spoke IPSec VPN...; Question 281: Which two statements are correct regarding FortiGuard featur...; Question 282: Two devices are in an HA cluster, the device hostnames are S...; Question 283: Which Fortinet products & features could be considered p...; Question 284: Both the FortiGate and FortiAnalyzer units can notify admini...; Question 285: Which of the following statements are correct regarding logg...; Question 286: If Routing Information Protocol (RIP) version 1 or version 2...; Question 287: If RAID isn't supported, what are other types of backup mech...; Question 288: A firewall policy has been configured for the internal email...; Question 289: Which of the following statements is correct about configuri...; Question 290: What are the main management wizards used in Device Manager?...; Question 291: Which of the following statements regarding Banned Words are...; Question 292: The default administrator profile that is assigned to the de...; Question 293: Which statements are correct regarding FortiAnalyzer reports...; Question 294: Which of the following are FortiManager features? (Choose tw...; Question 295: Which of the following DLP actions will always be performed ...; Question 296: Which statement is correct regarding virus scanning on a For...; Question 297: Which of the following statements are correct regarding the ...; Question 298: How is traffic routed onto an SSL VPN tunnel from the FortiG...; Question 299: Examine the firewall configuration shown below; then answer ...; Question 300: A FortiClient fails to establish a VPN tunnel with a FortiGa...; Question 301: A firewall policy has been configured such that traffic logg...; Question 302: What statements are true regarding FortiAnalyzer's treatment...; Question 303: A DLP rule with an action of Exempt has been matched against...

Question 258/303

LEAVE A REPLY

Download PDF File