Is the NSE5-FSW-AD-7-6 practice exam free?

Yes. ExamCademy offers all 34 NSE5-FSW-AD-7-6 practice questions for free with a registered account. No payment needed. Optional supporter features add AI explanations and spaced repetition study tools.

How accurate are the NSE5-FSW-AD-7-6 practice questions?

All NSE5-FSW-AD-7-6 questions are community-created and reviewed by moderators to align with Fortinet's published exam objectives. The community continuously reports and fixes issues to keep content accurate and up to date.

How should I study for the NSE5-FSW-AD-7-6 exam?

Start by browsing practice questions to identify weak areas. Use spaced repetition (Learn Mode) to focus study time on topics you struggle with. Combine practice questions with official Fortinet documentation and hands-on experience for best results.

NSE5-FSW-AD-7-6 Practice Exam — Free 34+ Questions

34Practice Questions

3Study Modes

FreeTo Get Started

Topic:Sort:

Question 1

Network Security

Question 2

Enterprise Networking

Question 3

Enterprise Networking

Question 4

Network Security

Question 5

Network Security

Question 6

Network Security

Question 7

Enterprise Networking

Question 8

Network Security

Question 9

Enterprise Networking

Question 10

Enterprise Networking

Question 11

Enterprise Networking

Question 12

Enterprise Networking

Question 13

Enterprise Networking

Question 14

Enterprise Networking

That's the end of the Preview

This exam has 34 community-verified practice questions. Create a free account to access all questions, comments, and explanations.

Topics covered:

Enterprise NetworkingNetwork Security

Log In / Sign Up

Page 1 of 2 • Questions 1-25 of 34

1 2

→

Know a question that should be here? Contribute to this exam

Which two are valid traffic processing actions that a FortiSwitch access control list (ACL) can apply to matching traffic? (Choose two.)

A Redirect frames to another port.
B Assign traffic to a high-priority egress queue.
C Encrypt frames.
D Drop frames.

You are configuring FortiSwitch to perform layer 3 inter-VLAN routing while managed by FortiGate over FortiLink. On supported hardware models, FortiSwitch can offload routing decisions for better performance.
How does FortiSwitch perform routing between VLANs?

A By using a hardware forwarding table (FIB) programmed into ASIC.
B By supporting only dynamic routing protocols in hardware.
C By disabling routing when managed by FortiGate.
D By relying entirely on the CPU in software.

You are deploying a small office network with a single FortiGate and a single FortiSwitch. The office currently has moderate traffic, but the IT team expects the network to grow in the near future, adding more FortiSwitch devices and endpoints.
Which FortiLink configuration should you deploy to provide the best combination of current performance and scalability for future growth?

A Configure FortiLink using hardware-based switch interfaces.
B Configure FortiLink using software-based switch interfaces.
C Configure FortiLink as a link aggregation group (LAG) interface.
D Configure FortiLink as a multichassis LAG (MCLAG) interface.

When Dynamic Host Configuration Protocol (DHCP) snooping is enabled on a FortiSwitch VLAN, which two statements are true? (Choose two.)

A DHCP replies are accepted only on trusted ports.
B DHCP snooping blocks all unicast traffic.
C Option 82 can be inserted into DHCP requests.
D DHCP requests are dropped if sent from trusted ports.

Which two statements about the FortiLink authorization process are true? (Choose two.)

A A FortiLink frame is sent by FortiGate to FortiSwitch to complete the authorization.
B FortiLink authorization sets the FortiSwitch management mode to FortiLink.
C FortiSwitch requires a reboot to complete the authorization process.
D FortiLink authorization permanently erases the existing configuration of the FortiSwitch.

In which two ways can you assign a FortiSwitch port to a VDOM using a multi-tenancy setup? (Choose two.)

A Assign the switch port to a VLAN on FortiGate and perform VDOM mapping
B Create a virtual port pool on the FortiGate CLI.
C Assign a port to a VDOM directly on the managed FortiSwitch.
D Switch the FortiLink interface to the target VDOM.

When you change FortiSwitch management mode from standalone to managed, what happens to the existing standalone configuration?

A FortiSwitch registers to FortiSwitch Cloud to save a copy before managing with FortiGate.
B FortiSwitch merges the existing standalone configuration with the default FortiLink configuration.
C FortiSwitch saves the standalone configuration and changes to the default FortiLink configuration.
D FortiGate automatically saves the existing FortiSwitch configuration during the FortiLink management process.

Refer to the exhibits.

Network Topology -

Question Image

DHCP Snooping database -

Question Image

All three FortiSwitch-connected ports are configured in VLAN 10.
FortiGate acts as the Dynamic Host Configuration Protocol (DHCP) server and is connected to a DHCP snooping trusted trunk port. PC1 and PC2 are connected to ports configured as untrusted for DAI, and no static bindings are configured in the IP source guard (IPSG) database.
PC2 is compromised and attempts to spoof the FortiGate IP address by sending forged Address Resolution Protocol (ARP) replies with its own MAC address.
What will FortiSwitch do with the ARP packets from PC2?

A Forward the ARP replies because there are no IPSG bindings blocking them.
B Accept the ARP replies because the VLAN has DAI enabled and FortiGate is a trusted DHCP server.
C Forward the ARP replies to all VLAN 10 ports because DAI is only active on trusted ports.
D Drop the ARP replies because they fail DAI validation against the DHCP snooping database.

Refer to the exhibit.

Commands -

Question Image

The LLDP profile shown in the exhibit was configured to detect IP phones and automatically assign them to the appropriate VLAN. You apply this LLDP profile on a FortiSwitch port.
Which configuration should you enable on the FortiSwitch profile to collect detailed information about all the connected IP phones?

A Create a new LLDP profile to handle different LLDP-MED TLVs.
B Configure a dedicated voice VLAN with DSCP 46.
C Enable LLDP-MED inventory management TLVs.
D Enable auto-isl.

You are deploying a FortiSwitch virtual stack in a network that contains Cisco devices. You want the Cisco devices to automatically discover the FortiSwitch devices and exchange device information.
Which two protocols must be enabled on the FortiSwitch devices to achieve this? (Choose two.)

A Unidirectional Link Detection
B Cisco Discovery Protocol
C Link Layer Discovery Protocol
D LLDP - Media Endpoint Discovery

Refer to the exhibit.

Topology view -

Question Image

You just connected three FortiSwitch devices: Core-1, Core-2, and Access-1. Core-1 and Core-2 both connect to Access-1 for redundancy.
All switches are managed by FortiGate, which uses port4 as the FortiLink interface. After you enable the uplink ports on Core-2, you notice that port3 on Access-1 enters the Discarding STP state.
What is the most likely cause of this behavior?

A Bridge Protocol Data Unit (BPDU) Guard is enabled, which shuts down the port after it receives BPDUs.
B Access-1 is not authorized by FortiGate.
C Core-2 has the lowest bridge priority.
D FortiGate is not running Spanning Tree Protocol (STP) on the FortiLink interface.

You are configuring VLANs on a FortiSwitch device managed by FortiGate.
Which two statements accurately describe VLAN assignment requirements and behavior on FortiSwitch ports? (Choose two.)

A Untagged defines the list of VLANs that are allowed on the port for both ingress and egress traffic.
B Untagged VLAN applies to egress traffic only.
C You can assign only one native VLAN on a port.
D VLAN assignments must be configured directly on the FortiSwitch.

Refer to the exhibit.

Network Topology -

Question Image

PC1 and PC2 are connected to port1 on FortiSwitch.
Which VLAN tags will FortiSwitch apply when forwarding PC1 and PC2 traffic out of port2?

A FortiSwitch will tag PC1 and PC2 frames with VLAN 20.
B FortiSwitch will tag both PC1 and PC2 frames with VLAN 10, due to MAC override.
C FortiSwith will tag PC1 frames with VLAN 10 and PC2 frames with VLAN 20.
D FortiSwitch will leave PC1 frames untagged and will tag PC2 frames with VLAN 10.

What is one key advantage of using a sniffer profile on FortiSwitch compared to using the sniffer command?

A It allows packet capture on all switch ports without limitations.
B It eliminates the need to use access control lists (ACLs) or port mirroring for analysis.
C It automatically filters irrelevant traffic types.
D It automatically decrypts SSL/TLS traffic for full packet inspection.

NSE5-FSW-AD-7-6Preview

About the NSE5-FSW-AD-7-6 Exam

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 14

That's the end of the Preview

NSE5-FSW-AD-7-6Preview

About the NSE5-FSW-AD-7-6 Exam

Mode Selection

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 14

That's the end of the Preview