Fortinet nse5-fct-6-2 practice test
Fortinet NSE 5 - FortiClient EMS 6.2 Exam
Last exam update: May 09 ,2025
Question 1
What is the function of the quick scan option on FortiClient?
- A. It performs a full system scan including all files, executable files, DLLs, and drivers for threats.
- B. It scans executable files. DLLs, and drivers that are currently running, for threats.
- C. It allows users to select a specific file folder on your local hard disk drive (HDD), to scan for threats
- D. It scans programs and drivers that are currently running for threats
Answer:
D
Question 2
Which three features does FortiClient endpoint security include? (Choose three )
- A. L2TP
- B. Real-time protection
- C. DLP
- D. Vulnerability management
- E. IPsec
Answer:
B, D, E
Question 3
Refer to the exhibit.
Based on the FortiClient logs shown in the exhibit which endpoint profile policy is currently applied
to the FortiClient endpoint from the EMS server?
- A. WIK-EKVK3EA3S71
- B. Fortinet-Training
- C. Default
- D. Default configuration policy
Answer:
C
Question 4
What action does FortiClient anti-exploit detection take when it detects exploits?
- A. Terminates the compromised application process
- B. Patches the compromised application process
- C. Blocks memory allocation to the compromised application process
- D. Deletes the compromised application process
Answer:
A
Question 5
What does FortiClient do as a fabric agent? (Choose two )
- A. Provides application inventory
- B. Provides IOC verdicts
- C. Automates Responses
- D. Creates dynamic policies
Answer:
B, D
Question 6
Refer to the exhibit.
Based on the FortiClient log details shown in the exhibit, which two statements are true? (Choose
two)
- A. The file status is Quarantined
- B. The file location is \??\D: \Users
- C. The filename IS Unconfirmed 399290-crdownload.
- D. The filename is sent to FortiSandbox for further inspection.
Answer:
A, C
Question 7
Which two third-party tools can an administrator use to deploy FortiClient? (Choose two )
- A. Microsoft SCCM
- B. Microsoft Active Directory GPO
- C. MSI Editor
- D. Microsoft Windows Installer
Answer:
A, B
Question 8
Refer to the exhibit.
- A. An administrator has restored the modified XML configuration file to FortiClient and sees the error shown in the exhibit
- B. Based on the XML settings shown in the exhibit, what must the administrator do to resolve the issue with the XML configuration file?
- C. The administrator must resolve the XML syntax error. The administrator must use a password to decrypt the file The administrator must change the file size
- D. The administrator must save the file as FortiClient-config conf.
Answer:
A
Question 9
A FortiClient EMS administrator has enabled compliance rule for the sales department Which
Fortmet device will enforce compliance with dynamic access control?
- A. FortiClient EMS
- B. FortiAnalyzer
- C. FortiGate
- D. FortiClient
Answer:
C
Question 10
Which two VPN types can a FortiClient endpoint user inmate from the Windows command prompt?
(Choose two)
- A. L2TP
- B. PPTP
- C. IPSec
- D. SSL VPN
Answer:
C, D
Question 11
A new chrome book is connected in a schools network
Which component can the EMS administrator use to manage the FortiClient web filter extension
installed on the Google Chromebook endpoint?
- A. FortiClient customer URL list
- B. FortiClient web filter extension
- C. FortiClient EMS
- D. FortiClient site categories
Answer:
B
Question 12
In a FortiSandbox integration, what does the remediation option do?
- A. Wait for FortiSandbox results before allowing files
- B. Exclude specified files
- C. Alert and notify only
- D. Deny access to a file when it sees no results
Answer:
A
Question 13
Refer to the exhibit.
Based on the Security Fabric automation settings, what action will be taken on compromised
endpoints?
- A. Endpoints will be quarantined through EMS
- B. Endpoints will be banned on FortiGate
- C. An email notification will be sent for compromised endpoints
- D. Endpoints will be quarantined through FortiSwitch
Answer:
A
Question 14
Which statement about FortiClient comprehensive endpoint protection is true?
- A. It helps to safeguard systems from email spam
- B. It helps to safeguard systems from data loss.
- C. It helps to safeguard systems from DDoS.
- D. lt helps to safeguard systems from advanced security threats, such as malware.
Answer:
D
Question 15
Refer to the exhibits.
Based on the FortiGate Security Fabric settings shown in the exhibits, what must an administrator do
on the EMS server to successfully quarantine an endpoint. when it is detected as a compromised
host (loC)?
- A. The administrator must enable remote HTTPS access to EMS.
- B. The administrator must enable FQDN on EMS.
- C. The administrator must authorize FortiGate on FortiAnalyzer.
- D. The administrator must enable SSH access to EMS.
Answer:
A