Special Summer Sale Discount Flat 70% Offer - Ends in 0d 00h 00m 00s - Coupon code: 70diswrap

Fortinet FCP_FMG_AD-7.4 Dumps

FCP - FortiManager 7.4 Administrator Questions and Answers

Question 1

Which configuration setting for FortiGate is part o an ADOM-level database on FortiManager?

Options:

A.

NSX-T Service Template

B.

Routing

C.

SNMP

D.

Security profiles

Question 2

Push updates are failing on a FortiGate device that is located behind a NAT device. Which two settings should the administrator check? (Choose two.)

Options:

A.

That the override server IP address is set on FortiManager and the NAT device

B.

That the external IP address on the NAT device is set to DHCP and configured with the virtual IP

C.

That the NAT device IP address and correct ports are configured on FortiManager

D.

That the virtual IP address and correct ports are set on the NAT device

Question 3

Refer to the exhibit.

as

An administrator has created a firewall address object that is used in multiple policy packages for multiple FortiGate devices in an ADOM.

After the installation operation is performed, which IP/netmask will be installed on Local-FortiGate for theLOCAL_SUBNETfirewall address object?

Options:

A.

192.168.1.0/24

B.

Local-FortiGate automatically chooses an IP/netmask based on its network interface settings.

C.

It will create two firewall address objects on Local-FortiGate with 192.168.1.0/24 and 10.0.5.0/24 values.

D.

10.0.5.0/24

Question 4

Exhibit.

as

Given the configuration shown in the exhibit, what are two results from this configuration? {Choose two.)

Options:

A.

You can validate administrator login attempts through external servers.

B.

The same administrator can lock more than one ADOM at the same time.

C.

Two or more administrators can make configuration changes at the same time, in the same ADOM.

D.

Concurrent read-write access to an ADOM is disabled.

Question 5

An administrator created a new ADOM named Training for FortiGate devices only, and added the root FortiGate device of a Security Fabric group to the Training ADOM.

Given the administrator's actions, which statement correctly describes the expected result for the downstream devices in the Security Fabric?

Options:

A.

The downstream devices show as unauthorized in the Training ADOM

B.

The downstream devices are automatically authorized.

C.

The downstream devices will appear in the root ADOM.

D.

The downstream devices must be added using the Add Device wizard.

Question 6

What does a policy package status of Never Installed indicate?

Options:

A.

FortiManager is unable to determine the policy package status.

B.

The policy configuration has been changed on a managed device and changes have not yet been imported into FortiManager.

C.

The policy package was never imported after a device was registered on FortiManager.

D.

The policy configuration has been changed on FortiManager and changes have not yet been installed on the managed device.

Question 7

Exhibit.

as

Which two statements about the output are true? (Choose two.)

Options:

A.

The latest revision history for the managed FortiGate does not match the device-level database.

B.

Configuration changes have been installed on FortiGate, which means the FortiGate configuration has been changed.

C.

Configuration changes directly made on FortiGate have been automatically updated to the device-level database.

D.

The latest revision history for the managed FortiGate does match the FortiGate running configuration.

Question 8

An administrator created a new global policy package that includes header and footer policies and then assigned it to an ADOM. What are two outcomes of this action? (Choose two.)

Options:

A.

To assign another global policy package later to the same ADOM. you must unassign this policy first.

B.

After you assign the global policy package to an ADOM. the impacted policy packages become hidden in that ADOM.

C.

You can edit or delete all the global objects in the global ADOM.

D.

You must manually move the header and footer policies after the policy assignment.

Question 9

An administrator has assigned a global policy package to custom ADOM1. Then the administrator creates a new policy package. Fortinet. in the custom ADOM1. What happens to the Fortinet policy package when it is created?

Options:

A.

You must assign the global policy package from the global ADOM.

B.

The global policy package is automatically assigned.

C.

You must reapply the global policy package to ADOM1.

D.

You can select the option to assign the global policies.

Question 10

Refer to the exhibit.

as

A service provider administrator has assigned a global policy package to a managed customer ADOM namedMy_ADOM, which has four policy packages. The customer administrator has access only toMy_ADOM.

How can the customer or service provider administrators remove the global header policy from the policy package namedShared_Package?

Options:

A.

The service provider administrator can unassign the global policy from My_ADOM.

B.

The customer administrator can unassign the global policy from My_ADOM.

C.

The customer administrator can unassign the policy by locking My_ADOM.

D.

The service provider administrator can unassign the policy from the global ADOM.

Question 11

Refer to the exhibit.

as

An administrator is about to add the FortiGate device to FortiManager using the discovery process.

FortiManager is operating behind a NAT device, and the administrator configured the FortiManager NATed IP address under the FortiManager system administration settings.

What is the expected result?

Options:

A.

During discovery. FortiManager uses only the FortiGate serial number to establish the connection.

B.

During discovery, FortiManager sets both the FortiManager NATed IP address and NAT device IP address on FortiGate.

C.

During discovery. FortiManager sets the NATed device IP address on FortiGate.

D.

During discovery, FortiManager sets the FortiManager NATed IP address on FortiGate.

Question 12

Which API method is used to create objects or overwrite existing ones?

Options:

A.

Set

B.

Add

C.

Exec

D.

Update

Question 13

Which statement about the policy lock feature on FortiManager is true?

Options:

A.

Policy locking is available in workspace normal mode.

B.

Locking a policy takes precedence over a locked ADOM.

C.

When a policy is locked, the ADOM that contains it is also locked.

D.

Administrators in the approval group can work concurrently on a locked policy.

Question 14

An administrator has enabled Service Access on FortiManager. What is the purpose of Service Access on the FortiManager interface?

Options:

A.

It allows administrative access to FortiManager.

B.

It allows FortiManager to respond to requests for FortiGuard services from FortiGate devices.

C.

It allows third-party applications to gain read/write access to FortiManager.

D.

It allows FortiManager to determine the connection status of managed devices.

Question 15

What are two outcomes of ADOM revisions? (Choose two.)

Options:

A.

ADOM revisions can create System Checkpoints for the FortiManager configuration.

B.

ADOM revisions can save the current state of the whole ADOM.

C.

ADOM revisions can significantly increase the size of the configuration backups.

D.

ADOM revisions can save the current state of all policy packages and objects for an ADOM.

Question 16

An administrator is in the process of copying a system template profile between ADOMs by running the following command: execute fmprofile import-profile ADOM2 3547 /tmp/myfile Where does this command import the system template profile from?

Options:

A.

FortiManager file system

B.

ADOM2 object database

C.

ADOM2 device database

D.

Source ADOM policy database

Question 17

An administrator, Trainer, who is assigned the Super_User profile, is trying to approve a workflow session that was submitted by another administrator, Student. However, Trainer is unable to approve the workflow session.

What can prevent an admin account that has Super_User rights over the device from approving a workflow session?

Options:

A.

Trainer is not a part of workflow approval group.

B.

Trainer must close Student's workflow session before approving the request.

C.

Trainer must first create their own workflow session to approve student session.

D.

Trainer does not have full rights over this ADOM.

Question 18

If both FortiManager and FortiGate are behind NAT devices, what are the two expected results? (Choose two.)

Options:

A.

FortiGate is discovered by FortiManager through the FortiGate NATed IP address.

B.

FortiGate can announce itself to FortiManager only if the FortiManager non-NATed IP address is configured on FortiGate under central management.

C.

If the FGFM tunnel is torn down, FortiManager will try to re-establish the FGFM tunnel.

D.

During discovery, the FortiManager NATed IP address is not set by default on FortiGate.

Page: 1 / 6
Total 61 questions