● NSE 5 - FortiSwitch 7.6 Administrator Exam Materials
Question #1
Question #2
How does FortiSwitch determine the route for traffic traversing its interfaces? (Choose one answer)
- A. Hardware-based routing on FortiSwitch is handled by the CPU.
- B. ASIC hardware routing can handle only dynamic routing, if supported.
- C. FortiSwitch looks up the hardware routing table and then the forwarding information base (FIB).
- D. FortiSwitch forwards all traffic to FortiGate for routing decisions.
Question #3
Refer to the exhibit.
You run the command diagnose switch-controller switch-info loopguard access-1 and see that the MAC-Move column displays a value of 0 for port1.
What does this indicate?
(Choose one answer)
- A. Loop guard is disabled on port1.
- B. Port1 is not being monitored by loop guard.
- C. The MAC move feature is not enabled.
- D. Port1 will shut down if a loop occurs on any VLAN.
Question #4
What happens if FortiSwitch fails to discover either FortiEdge Cloud or a FortiGate with FortiLink? (Choose one answer)
- A. It switches to FortiLink mode by default.
- B. It remains in local management mode.
- C. It requires manual reimaging.
- D. It disables auto-network.
Question #5
Refer to the exhibit.
The command diagnose switch physical-ports summary is executed on FortiSwitch.
Based on the VLAN assignments shown in the output, what is the most likely management configuration of this FortiSwitch?
(Choose one answer)
- A. FortiSwitch is managed by FortiSwitch Cloud.
- B. FortiSwitch is managed by FortiGate.
- C. FortiSwitch is operating in standalone mode.
- D. FortiSwitch is operating in local mode.
Question #6
Refer to the exhibit.
You configured Switched Port Analyzer (SPAN) to monitor traffic from a source port on FortiSwitch 1, but the monitoring device is connected to FortiSwitch 2. After port mirroring configuration on FortiSwitch 1, the monitoring device is not receiving any mirrored traffic.
What is the most likely reason the mirrored traffic is not reaching the monitoring device?
(Choose one answer)
- A. SPAN does not support forwarding mirrored traffic across multiple switches.
- B. SPAN traffic must be filtered with an access control list (ACL).
- C. The SPAN session must be restarted after configuration.
- D. The monitoring device must use a management IP in the same subnet.
Question #7
A FortiGate is connected to a pair of FortiSwitch devices.
For redundancy, FortiGate must use uplinks on both switches simultaneously without depending on Spanning Tree Protocol (STP).
Which configuration is required?
(Choose one answer)
- A. Multi-tier topology
- B. Multichassis link aggregation group (MCLAG)
- C. Full mesh high availability (HA)
- D. Link aggregation group (LAG)
Question #8
What is an advantage of using a FortiSwitch stack in managed switch mode with FortiGate when deploying VLANs? (Choose one answer)
- A. FortiGate executing the routing and FortiSwitch managing its configuration.
- B. Ensuring VLAN traffic can pass between connected switches in the stack.
- C. FortiGate no longer needing to manage any VLAN configuration.
- D. FortiGate provides visibility and control for inter-vlan traffic.
Question #9
What is one key advantage of using a sniffer profile on FortiSwitch compared to using the sniffer command? (Choose one answer)
- A. It allows packet capture on all switch ports without limitations.
- B. It eliminates the need to use access control lists (ACLs) or port mirroring for analysis.
- C. It automatically filters irrelevant traffic types.
- D. It automatically decrypts SSL/TLS traffic for full packet inspection.
Question #10
Refer to the exhibits.
Three FortiSwitch devices were recently configured to be managed by FortiGate. Two are managed successfully, but FortiSwitch Access-1 is not.
Based on the configuration output, which initial change is required for FortiSwitch Access-1 to be managed?
(Choose one answer)
- A. Assign a static IP on FortiSwitch Access-1.
- B. Change its Control and Provisioning of Wireless Access Points (CAPWAP) settings.
- C. Set Access-1 internal interface mode to DHCP.
- D. Change the NTP server.
Refer to the exhibit.
Which information does FortiGate use to generate the port details in the FortiSwitch Faceplates view? (Choose one answer)