Winter Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dumps65

DumpsWrap Logo

Fortinet NSE5_FMG-7.2 Dumps

Page: 1 / 10
Total 101 questions
Get NSE5_FMG-7.2 Full Access Download NSE5_FMG-7.2 PDF

Fortinet NSE 5 - FortiManager 7.2 Questions and Answers

Question 1

View the following exhibit.

as

An administrator is importing a new device to FortiManager and has selected the shown options. What will happen if the administrator makes the changes and installs the modified policy package on this managed FortiGate?

Options:

A.

The unused objects that are not tied to the firewall policies will be installed on FortiGate

B.

The unused objects that are not tied to the firewall policies will remain as read-only locally on FortiGate

C.

The unused objects that are not tied to the firewall policies locally on FortiGate will be deleted

D.

The unused objects that are not tied to the firewall policies in policy package will be deleted from the

FortiManager database

Question 2

An administrator would like to review, approve, or reject all the firewall policy changes made by the junior

administrators.

How should the Workspace mode be configured on FortiManager?

Options:

A.

Set to workflow and use the ADOM locking feature

B.

Set to read/write and use the policy locking feature

C.

Set to normal and use the policy locking feature

D.

Set to disable and use the policy locking feature

Question 3

View the following exhibit:

as

Which two statements are true if the script is executed using the Remote FortiGate Directly (via CLI) option? (Choose two.)

Options:

A.

You must install these changes using Install Wizard

B.

FortiGate will auto-update the FortiManager’s device-level database.

C.

FortiManager will create a new revision history.

D.

FortiManager provides a preview of CLI commands before executing this script on a managed FortiGate.

Question 4

View the following exhibit.

as

Which statement is true regarding this failed installation log?

Options:

A.

Policy ID 2 is installed without a source address

B.

Policy ID 2 will not be installed

C.

Policy ID 2 is installed in disabled state

D.

Policy ID 2 is installed without a source device

Question 5

What are two outcomes of ADOM revisions? (Choose two.)

Options:

A.

ADOM revisions can significantly increase the size of the configuration backups.

B.

ADOM revisions can save the current size of the whole ADOM

C.

ADOM revisions can create System Checkpoints for the FortiManager configuration

D.

ADOM revisions can save the current state of all policy packages and objects for an ADOM

Question 6

What is the purpose of the Policy Check feature on FortiManager?

Options:

A.

To find and provide recommendation to combine multiple separate policy packages into one common

policy package

B.

To find and merge duplicate policies in the policy package

C.

To find and provide recommendation for optimizing policies in a policy package

D.

To find and delete disabled firewall policies in the policy package

Question 7

View the following exhibit.

as

If both FortiManager and FortiGate are behind the NAT devices, what are the two expected results? (Choose two.)

Options:

A.

FortiGate is discovered by FortiManager through the FortiGate NATed IP address.

B.

FortiGate can announce itself to FortiManager only if the FortiManager IP address is configured on

FortiGate under central management.

C.

During discovery, the FortiManager NATed IP address is not set by default on FortiGate.

D.

If the FCFM tunnel is torn down, FortiManager will try to re-establish the FGFM tunnel.

Question 8

An administrator wants to delete an address object that is currently referenced in a firewall policy.

What can the administrator expect to happen?

Options:

A.

FortiManager will not allow the administrator to delete a referenced address object

B.

FortiManager will disable the status of the referenced firewall policy

C.

FortiManager will replace the deleted address object with the none address object in the referenced

firewall policy

D.

FortiManager will replace the deleted address object with all address object in the referenced firewall policy

Question 9

An administrator run the reload failure command: diagnose test deploymanager reload config

on FortiManager. What does this command do?

Options:

A.

It downloads the latest configuration from the specified FortiGate and performs a reload operation on the device database.

B.

It installs the latest configuration on the specified FortiGate and update the revision history database.

C.

It compares and provides differences in configuration on FortiManager with the current running

configuration of the specified FortiGate.

D.

It installs the provisioning template configuration on the specified FortiGate.

Question 10

Refer to the exhibit.

as

Which statement about the object named ALL is true?

Options:

A.

FortiManager updated the object ALL using the FortiGate value in its database.

B.

FortiManager installed the object ALL with the updated value.

C.

FortiManager created the object ALL as a unique entity in its database, which can be only used by this

managed FortiGate.

D.

FortiManager updated the object ALL using the FortiManager value in its database.

Question 11

Which of the following statements are true regarding schedule backup of FortiManager? (Choose two.)

Options:

A.

Backs up all devices and the FortiGuard database.

B.

Does not back up firmware images saved on FortiManager

C.

Supports FTP, SCP, and SFTP

D.

Can be configured from the CLI and GUI

Question 12

Refer to the exhibit

as

An administrator logs in to the FortiManager GUI and sees the panes shown in the exhibit.

Which two reasons can explain why the FortiAnalyzer feature panes do not appear? (Choose two.)

Options:

A.

The administrator profile does not have full access privileges like the Super_User profile

B.

The administrator workflow is enabled on the ADOM.

C.

FortiAnalyzer features are not enabled on FortiManager

D.

The admin session requires approval before administrator can see the FortiAnalyzer feature panes.

Question 13

An administrator has assigned a global policy package to custom ADOM1. Then the administrator creates a new policy package Fortinet in the custom ADOM1. What will happen to the Fortinet policy package when it is created?

Options:

A.

You need to assign the global policy package from the global ADOM

B.

You need to reapply the global poky package to the ADOM

C.

it automatically assigns the global policies

D.

You can select the option to assign the global polices

Question 14

What does a policy package status of Never Installed indicate?

Options:

A.

The policy configuration has been changed on a managed device and changes have not yet been imported into FortiManager.

B.

FortiManager is unable to determine the policy package status.

C.

The policy configuration has been changed on FortiManager and changes have not yet been installed on the managed device.

D.

The policy package was never imported after a device was registered on FortiManager

Question 15

Refer to the exhibit.

as

Given the configuration shown in the exhibit, what can you conclude from the installation targets m the Install On column? (Choose two)

Options:

A.

Policy seq # 2 will not be installed on the Local-FortiGate root VDOM because there is no root VDOM in the Installation Target

B.

Policy seq # 3 will be installed on all managed devices and VDOMs that are listed under Installation Targets

C.

Policy seq # 1 will be installed on the Remoto-FortiGate root[NAT] and Student[NAT] VDOMs only

D.

Policy 3 will be installed on all FortiGate devices and vdom belongs to the ADOM

E.

Policy seq # 3 will be skipped because no installation targets are specified

Question 16

An administrator is replacing a failed device on FortiManager by running the following command:

execute device replace sn .

Which device name and serial number must the administrator use?

Options:

A.

The device name of the new device and serial number of the failed device

B.

The device name and serial number of the failed device

C.

The device name of the failed device and serial number of the new device

D.

The device name and serial number of the new device

Question 17

Refer to the exhibit showing a Download Import Report.

Why is it failing to import firewall policy ID 1?

Options:

A.

Policy ID 1 is configured from the interface any to port6. FortiManager rejects the request to import this policy because the any interface does not exist on FortiManager.

B.

The address object used in policy ID 1 already exists in the ADOM database with any as the interface association, and conflicts with the address object interface association locally on FortiGate.

C.

Policy ID 1 does not have the ADOM Interface mapping configured on FortiManager.

D.

Policy ID 1 for this managed FortiGate already exists on FortiManager in the policy package named Remote-FortiGate.

Question 18

Refer to the exhibit.

as

A service provider administrator has assigned a global policy package to a managed customer ADOM named My_ADOM, which has four policy packages. The customer administrator has access onlytoMy_ADOM.

How can customer or service provider administrators remove both global header and footer policies from the policy package named Shared_Package?

Options:

A.

The service provider administrator can unassign both policies from the global ADOM.

B.

The service provider administrator can unassign both global policies from My_ADOM.

C.

The customer administrator can unassign both polices by locking My_ADOM.

D.

The customer administrator can unassign both global polices from My_ADOM.

Question 19

Refer to the exhibit.

as

Given the configuration shown in the exhibit, how did FortiManager handle the service category named General?

Options:

A.

FortiManager ignored the firewall service category General but created a new service category in its database.

B.

FortiManager ignored the firewall service category general and deleted the duplicate value In Its database

C.

FortiManager ignored the firewall service category General and updated the FortiGate duplicate value in the FortiGate database.

D.

FortiManager ignored the firewall service category General and did not update Its database with the value

Question 20

Refer to the exhibit.

as

What can you conclude from the failed installation log shown in the exhibit?

Options:

A.

Policy ID 2 will not be installed.

B.

Policy ID 2 is installed in the disabled state.

C.

Policy ID 2 is installed without a source address.

D.

Policy ID 2 is installed without the remote user student.

Question 21

Refer to the exhibit.

as

Which two statements are true if the script is executed using the Device Database option? (Choose two.)

Options:

A.

You must install these changes using the Install Wizard to a managed device

B.

The successful execution of a script on the Device Database will create a new revision history

C.

The script history will show successful installation of the script on the remote FortiGate

D.

The Device Settings Status will be tagged as Modified

Question 22

Refer to the exhibit.

as

Given the configuration shown in the exhibit, which two statements are true? (Choose two.)

Options:

A.

It allows two or more administrators to make configuration changes at the same time, in the same ADOM.

B.

It disables concurrent read-write access to an ADOM.

C.

It allows the same administrator to lock more than one ADOM at the same time.

D.

It is used to validate administrator login attempts through external servers.

Question 23

Refer to the exhibit.

as

An administrator logs into the FortiManager GUI and sees the panes shown in the exhibit.

Which two reasons can explain why the FortiAnalyzer feature panes do not appear? (Choose two.)

Options:

A.

The administrator logged in using the unsecure protocol HTTP, so the view is restricted.

B.

The administrator profile does not have full access privileges like the Super_User profile.

C.

The administrator IP address is not a part of the trusted hosts configured on FortiManager interfaces.

D.

FortiAnalyzer features are not enabled on FortiManager.

Question 24

Refer to the exhibit.

as

An administrator has created a firewall address object, Training which is used in the Local-FortiGate policy package.

When the installation operation is performed, which IP/Netmask will be installed on the Local-FortiGate, for the Training firewall address object?

Options:

A.

192.168.0.1/24

B.

10.200.1.0/24

C.

It will create a firewall address group on Local-FortiGate with 192.168.0.1/24 and 10.0.1.0/24 object values.

D.

Local-FortiGate will automatically choose an IP/Netmask based on its network interface settings.

Question 25

An administrator is replacing a device on FortiManager by running the following command:

execute device replace sn .

What device name and serial number must the administrator use?

Options:

A.

Device name and serial number of the original device.

B.

Device name and serial number of the replacement device.

C.

Device name of the replacement device and serial number of the original device.

D.

Device name of the original device and serial number of the replacement device.

Question 26

An administrator configures a new firewall policy on FortiManager and has not yet pushed the changes to the

managed FortiGate.

In which database will the configuration be saved?

Options:

A.

Device-level database

B.

Revision history database

C.

ADOM-level database

D.

Configuration-level database

Question 27

Which two statements regarding device management on FortiManager are true? (Choose two.)

Options:

A.

FortiGate devices in HA cluster devices are counted as a single device.

B.

FortiGate in transparent mode configurations are not counted toward the device count on FortiManager.

C.

FortiGate devices in an HA cluster that has five VDOMs are counted as five separate devices.

D.

The maximum number of managed devices for each ADOM is 500.

Question 28

What is the purpose of ADOM revisions?

Options:

A.

To create System Checkpoints for the FortiManager configuration.

B.

To save the current state of the whole ADOM.

C.

To save the current state of all policy packages and objects for an ADOM.

D.

To revert individual policy packages and device-level settings for a managed FortiGate by reverting to a specific ADOM revision

Question 29

An administrator’s PC crashes before the administrator can submit a workflow session for approval. After the PC is restarted, the administrator notices that the ADOM was locked from the session before the crash.

How can the administrator unlock the ADOM?

Options:

A.

Restore the configuration from a previous backup.

B.

Log in as Super_User in order to unlock the ADOM.

C.

Log in using the same administrator account to unlock the ADOM.

D.

Delete the previous admin session manually through the FortiManager GUI or CLI.

Question 30

An administrator has enabled Service Access on FortiManager.

What is the purpose of Service Access on the FortiManager interface?

Options:

A.

Allows FortiManager to download IPS packages

B.

Allows FortiManager to respond to request for FortiGuard services from FortiGate devices

C.

Allows FortiManager to run real-time debugs on the managed devices

D.

Allows FortiManager to automatically configure a default route

Load More NSE5_FMG-7.2 Questions
Page: 1 / 10
Total 101 questions
Get NSE5_FMG-7.2 Full Access Download NSE5_FMG-7.2 PDF