CertsTopics Logo

New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium Fortinet NSE5_FMG-7.0 Dumps Questions Answers

Page: 1 / 6
Total 79 questions
Get NSE5_FMG-7.0 Full Access Download NSE5_FMG-7.0 PDF

Fortinet NSE 5 - FortiManager 7.0 Questions and Answers

Question 1

Refer to the exhibit.

An administrator is about to add the FortiGate device to FortiManager using the discovery process FortiManager is operating behind a NAT device, and the administrator configured the FortiManager NATed IP address under the FortiManager system administration settings

What is the expected result?

Options:

A.

During discovery FortiManager sets trie FortiManager NATed IP address on FortiGate

B.

During discovery FortiManager sets both tie FortiManager NATed IP address and NAT device IP address on FortiGate

C.

During discovery FortiManager sets the NATed device IP address on FortiGate

D.

During discovery FortiManager uses only the FortiGate serial number to establish the connection

Buy Now
Question 2

Which of the following statements are true regarding VPN Gateway configuration in VPN Manager? (Choose two.)

Options:

A.

Managed gateways are devices managed by FortiManager in the same ADOM

B.

External gateways are third-party VPN gateway devices only

C.

Protected subnets are the subnets behind the device that you don’t want to allow access to over the IPsec

VPN

D.

Managed devices in other ADOMs must be treated as external gateways

Question 3

Which of the following statements are true regarding schedule backup of FortiManager? (Choose two.)

Options:

A.

Backs up all devices and the FortiGuard database.

B.

Does not back up firmware images saved on FortiManager

C.

Supports FTP, SCP, and SFTP

D.

Can be configured from the CLI and GUI

Question 4

Which two settings are required for FortiManager Management Extension Applications (MEA)? (Choose two.)

Options:

A.

When you configure MEA, you must open TCP or UDP port 540.

B.

You must open the ports to the Fortinet registry

C.

You must create a MEA special policy on FortiManager using the super user profile

D.

The administrator must have the super user profile.

Question 5

What does a policy package status of Modified indicate?

Options:

A.

FortiManager is unable to determine the policy package status

B.

The policy package was never imported after a device was registered on FortiManager

C.

The Policy configuration has been changed on a managed device and changes have not yet been imported into FortiManager

D.

The Policy package configuration has been changed on FortiManager and changes have not yet been installed on the managed device.

Question 6

Refer to the exhibit.

Given the configuration shown in the exhibit, how did FortiManager handle the service category named General?

Options:

A.

FortiManager ignored the firewall service category General but created a new service category in its database.

B.

FortiManager ignored the firewall service category general and deleted the duplicate value In Its database

C.

FortiManager ignored the firewall service category General and updated the FortiGate duplicate value in the FortiGate database.

D.

FortiManager ignored the firewall service category General and did not update Its database with the value

Question 7

Refer to the exhibit.

You ate using the Quick install option to install configuration changes on the managed FortiGate

Which two statements correctly describe the result? (Choose two)

Options:

A.

It installs device-level changes on the FortiGate device without launching the Install Wizard

B.

It installs all the changes in the device database first and the administrator must reinstall the changes on the FodiGate device

C.

It provides the option to preview only the policy package changes before installing them

D.

It install provisioning template changes on the FortiGate device

Question 8

In addition to the default ADOMs, an administrator has created a new ADOM named Training for FortiGate devices. The administrator authorized the FortiGate device on FortiManager using the Fortinet Security Fabric.

Given the administrator's actions, which statement correctly describes the expected result?

Options:

A.

The FortiManager administrator must add the authorized device to the Training ADOM using the Add Device wizard only.

B.

The authorized FortiGate will be automatically added to the Training ADOM.

C.

The authorized FortiGate will appear in the root ADOM.

D.

The authorized FortiGate can be added to the Training ADOM using FortiGate Fabric Connectors.

Question 9

Which three settings are the factory default settings on FortiManager? (Choose three.)

Options:

A.

Username is admin

B.

Password is fortinet

C.

FortiAnalyzer features are disabled

D.

Reports and Event Monitor panes are enabled

E.

port1 interface IP address is 192.168.1.99/24

Question 10

View the following exhibit.

Given the configurations shown in the exhibit, what can you conclude from the installation targets in the Install On column?

Options:

A.

The Install On column value represents successful installation on the managed devices

B.

Policy seq#3 will be installed on all managed devices and VDOMs that are listed under Installation Targets

C.

Policy seq#3 will be installed on the Trainer[NAT] VDOM only

D.

Policy seq#3 will be not installed on any managed device

Question 11

When an installation is performed from FortiManager, what is the recovery logic used between FortiManager and FortiGate for an FGFM tunnel?

Options:

A.

After 15 minutes, FortiGate will unset all CLI commands that were part of the installation that caused the tunnel to go down.

B.

FortiManager will revert and install a previous configuration revision on the managed FortiGate.

C.

FortiGate will reject the CLI commands that will cause the tunnel to go down.

D.

FortiManager will not push the CLI commands as a part of the installation that will cause the tunnel to go down.

Question 12

Refer to the exhibit.

You are using the Quick Install option to install configuration changes on the managed FortiGate.

Which two statements correctly describe the result? (Choose two.)

Options:

A.

It will not create a new revision in the revision history

B.

It installs device-level changes to FortiGate without launching the Install Wizard

C.

It cannot be canceled once initiated and changes will be installed on the managed device

D.

It provides the option to preview configuration changes prior to installing them

Question 13

View the following exhibit:

Which two statements are true if the script is executed using the Remote FortiGate Directly (via CLI) option? (Choose two.)

Options:

A.

You must install these changes using Install Wizard

B.

FortiGate will auto-update the FortiManager’s device-level database.

C.

FortiManager will create a new revision history.

D.

FortiManager provides a preview of CLI commands before executing this script on a managed FortiGate.

Question 14

View the following exhibit.

What is the purpose of setting ADOM Mode to Advanced?

Options:

A.

The setting allows automatic updates to the policy package configuration for a managed device

B.

The setting enables the ADOMs feature on FortiManager

C.

This setting allows you to assign different VDOMs from the same FortiGate to different ADOMs.

D.

The setting disables concurrent ADOM access and adds ADOM locking

Question 15

What is the purpose of the Policy Check feature on FortiManager?

Options:

A.

To find and provide recommendation to combine multiple separate policy packages into one common

policy package

B.

To find and merge duplicate policies in the policy package

C.

To find and provide recommendation for optimizing policies in a policy package

D.

To find and delete disabled firewall policies in the policy package

Question 16

View the following exhibit, which shows the Download Import Report:

Why it is failing to import firewall policy ID 2?

Options:

A.

The address object used in policy ID 2 already exist in ADON database with any as interface association and conflicts with address object interface association locally on the FortiGate

B.

Policy ID 2 is configured from interface any to port6 FortiManager rejects to import this policy because any interface does not exist on FortiManager

C.

Policy ID 2 does not have ADOM Interface mapping configured on FortiManager

D.

Policy ID 2 for this managed FortiGate already exists on FortiManager in policy package named Remote-FortiGate.

Question 17

Refer to the exhibit.

An administrator has created a firewall address object, Training which is used in the Local-FortiGate policy package.

When the installation operation is performed, which IP/Netmask will be installed on the Local-FortiGate, for the Training firewall address object?

Options:

A.

192.168.0.1/24

B.

10.200.1.0/24

C.

It will create a firewall address group on Local-FortiGate with 192.168.0.1/24 and 10.0.1.0/24 object values.

D.

Local-FortiGate will automatically choose an IP/Netmask based on its network interface settings.

Question 18

Refer to the exhibit.

Which two statements are true if the script is executed using the Device Database option? (Choose two.)

Options:

A.

You must install these changes using the Install Wizard to a managed device

B.

The successful execution of a script on the Device Database will create a new revision history

C.

The script history will show successful installation of the script on the remote FortiGate

D.

The Device Settings Status will be tagged as Modified

Question 19

An administrator is replacing a device on FortiManager by running the following command:

execute device replace sn .

What device name and serial number must the administrator use?

Options:

A.

Device name and serial number of the original device.

B.

Device name and serial number of the replacement device.

C.

Device name of the replacement device and serial number of the original device.

D.

Device name of the original device and serial number of the replacement device.

Question 20

Refer to the exhibit.

An administrator logs into the FortiManager GUI and sees the panes shown in the exhibit.

Which two reasons can explain why the FortiAnalyzer feature panes do not appear? (Choose two.)

Options:

A.

The administrator logged in using the unsecure protocol HTTP, so the view is restricted.

B.

The administrator profile does not have full access privileges like the Super_User profile.

C.

The administrator IP address is not a part of the trusted hosts configured on FortiManager interfaces.

D.

FortiAnalyzer features are not enabled on FortiManager.

Question 21

Refer to the exhibit.

Which two statements about an ADOM set in Normal mode on FortiManager are true? (Choose two.)

Options:

A.

It supports the FortiManager script feature

B.

It allows making configuration changes for managed devices on FortiManager panes

C.

FortiManager automatically installs the configuration difference in revisions on the managed FortiGate

D.

You cannot assign the same ADOM to multiple administrators

Question 22

What is the purpose of ADOM revisions?

Options:

A.

To create System Checkpoints for the FortiManager configuration.

B.

To save the current state of the whole ADOM.

C.

To save the current state of all policy packages and objects for an ADOM.

D.

To revert individual policy packages and device-level settings for a managed FortiGate by reverting to a specific ADOM revision

Question 23

An administrator configures a new firewall policy on FortiManager and has not yet pushed the changes to the

managed FortiGate.

In which database will the configuration be saved?

Options:

A.

Device-level database

B.

Revision history database

C.

ADOM-level database

D.

Configuration-level database

Exam Detail
Vendor: Fortinet
Certification: Fortinet Other Certification
Exam Code: NSE5_FMG-7.0
Exam Name: Fortinet NSE 5 - FortiManager 7.0
Last Update: Dec 22, 2024
NSE5_FMG-7.0 Question Answers
Page: 1 / 6
Total 79 questions
Get NSE5_FMG-7.0 Full Access Download NSE5_FMG-7.0 PDF