New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium Fortinet NSE5_FMG-7.2 Dumps Questions Answers

Fortinet NSE 5 - FortiManager 7.2 Questions and Answers

Question 1

Which two settings must be configured for SD-WAN Central Management? (Choose two.)

Options:

A.

SD-WAN must be enabled on per-ADOM basis

B.

You can create multiple SD-WAN interfaces per VDOM

C.

When you configure an SD-WAN, you must specify at least two member interfaces.

D.

The first step in creating an SD-WAN using FortiManager is to create two SD-WAN firewall policies.

Buy Now
Question 2

An administrator would like to review, approve, or reject all the firewall policy changes made by the junior

administrators.

How should the Workspace mode be configured on FortiManager?

Options:

A.

Set to workflow and use the ADOM locking feature

B.

Set to read/write and use the policy locking feature

C.

Set to normal and use the policy locking feature

D.

Set to disable and use the policy locking feature

Question 3

View the following exhibit.

What is the purpose of setting ADOM Mode to Advanced?

Options:

A.

The setting allows automatic updates to the policy package configuration for a managed device

B.

The setting enables the ADOMs feature on FortiManager

C.

This setting allows you to assign different VDOMs from the same FortiGate to different ADOMs.

D.

The setting disables concurrent ADOM access and adds ADOM locking

Question 4

Which three settings are the factory default settings on FortiManager? (Choose three.)

Options:

A.

Username is admin

B.

Password is fortinet

C.

FortiAnalyzer features are disabled

D.

Reports and Event Monitor panes are enabled

E.

port1 interface IP address is 192.168.1.99/24

Question 5

You are moving managed FortiGate devices from one ADOM to a new ADOM.

Which statement correctly describes the expected result?

Options:

A.

Any pending device settings will be installed automatically

B.

Any unused objects from a previous ADOM are moved to the new ADOM automatically

C.

The shared policy package will not be moved to the new ADOM

D.

Policy packages will be imported into the new ADOM automaticallyD

Question 6

Refer to the exhibit.

Which two statements about the output are true? (Choose two.)

Options:

A.

The latest revision history for the managed FortiGate does match with the FortiGate running configuration

B.

Configuration changes have been installed to FortiGate and represents FortiGate configuration has been changed

C.

The latest history for the managed FortiGate does not match with the device-level database

D.

Configuration changes directly made on the FortiGate have been automatically updated to device-level

database

Question 7

When an installation is performed from FortiManager, what is the recovery logic used between FortiManager and FortiGate for an FGFM tunnel?

Options:

A.

After 15 minutes, FortiGate will unset all CLI commands that were part of the installation that caused the tunnel to go down.

B.

FortiManager will revert and install a previous configuration revision on the managed FortiGate.

C.

FortiGate will reject the CLI commands that will cause the tunnel to go down.

D.

FortiManager will not push the CLI commands as a part of the installation that will cause the tunnel to go down.

Question 8

In the event that the primary FortiManager fails, which of the following actions must be performed to return the FortiManager HA to a working state?

Options:

A.

Secondary device with highest priority will automatically be promoted to the primary role, and manually

reconfigure all other secondary devices to point to the new primary device

B.

Reboot one of the secondary devices to promote it automatically to the primary role, and reconfigure all other secondary devices to point to the new primary device.

C.

Manually promote one of the secondary devices to the primary role, and reconfigure all other secondary devices to point to the new primary device.

D.

FortiManager HA state transition is transparent to administrators and does not require any reconfiguration.

Question 9

Refer to the exhibit.

You are using the Quick Install option to install configuration changes on the managed FortiGate.

Which two statements correctly describe the result? (Choose two.)

Options:

A.

It will not create a new revision in the revision history

B.

It installs device-level changes to FortiGate without launching the Install Wizard

C.

It cannot be canceled once initiated and changes will be installed on the managed device

D.

It provides the option to preview configuration changes prior to installing them

Question 10

An administrator with the Super_User profile is unable to log in to FortiManager because of an authentication failure message.

Which troubleshooting step should you take to resolve the issue?

Options:

A.

Make sure FortiManager Access is enabled in the administrator profile

B.

Make sure Offline Mode is disabled

C.

Make sure the administrator IP address is part of the trusted hosts.

D.

Make sure ADOMs are enabled and the administrator has access to the Global ADOM

Question 11

An administrator configures a new firewall policy on FortiManager and has not yet pushed the changes to the

managed FortiGate.

In which database will the configuration be saved?

Options:

A.

Device-level database

B.

Revision history database

C.

ADOM-level database

D.

Configuration-level database

Question 12

An administrator has assigned a global policy package to custom ADOM1. Then the administrator creates a new policy package, Fortinet, in the custom ADOM1.

Which statement about the global policy package assignment to the newly-created policy package Fortinet is true?

Options:

A.

When a new policy package is created, it automatically assigns the global policies to the new package.

B.

When a new policy package is created, you need to assign the global policy package from the global

ADOM.

C.

When a new policy package is created, you need to reapply the global policy package to the ADOM.

D.

When a new policy package is created, you can select the option to assign the global policies to the new package.

Question 13

Which two statements regarding device management on FortiManager are true? (Choose two.)

Options:

A.

FortiGate devices in HA cluster devices are counted as a single device.

B.

FortiGate in transparent mode configurations are not counted toward the device count on FortiManager.

C.

FortiGate devices in an HA cluster that has five VDOMs are counted as five separate devices.

D.

The maximum number of managed devices for each ADOM is 500.

Question 14

Refer to the exhibit.

An administrator has configured the command shown in the exhibit on FortiManager. A configuration change has been installed from FortiManager to the managed FortiGate that causes the FGFM tunnel to go down for more than 15 minutes.

What is the purpose of this command?

Options:

A.

It allows FortiGate to unset central management settings.

B.

It allows FortiGate to reboot and recover the previous configuration from its configuration file.

C.

It allows the FortiManager to revert and install a previous configuration revision on the managed FortiGate.

D.

It allows FortiGate to reboot and restore a previously working firmware image.

Question 15

What is the purpose of ADOM revisions?

Options:

A.

To create System Checkpoints for the FortiManager configuration.

B.

To save the current state of the whole ADOM.

C.

To save the current state of all policy packages and objects for an ADOM.

D.

To revert individual policy packages and device-level settings for a managed FortiGate by reverting to a specific ADOM revision

Question 16

Which two statements about Security Fabric integration with FortiManager are true? (Choose two.)

Options:

A.

The Security Fabric license, group name and password are required for the FortiManager Security Fabric

integration

B.

The Fabric View module enables you to generate the Security Fabric ratings for Security Fabric devices

C.

The Security Fabric settings are part of the device level settings

D.

The Fabric View module enables you to view the Security Fabric ratings for Security Fabric devices

Question 17

Refer to the exhibit.

Which two statements about an ADOM set in Normal mode on FortiManager are true? (Choose two.)

Options:

A.

It supports the FortiManager script feature

B.

It allows making configuration changes for managed devices on FortiManager panes

C.

FortiManager automatically installs the configuration difference in revisions on the managed FortiGate

D.

You cannot assign the same ADOM to multiple administrators

Question 18

An administrator is replacing a device on FortiManager by running the following command:

execute device replace sn .

What device name and serial number must the administrator use?

Options:

A.

Device name and serial number of the original device.

B.

Device name and serial number of the replacement device.

C.

Device name of the replacement device and serial number of the original device.

D.

Device name of the original device and serial number of the replacement device.

Question 19

An administrator has enabled Service Access on FortiManager.

What is the purpose of Service Access on the FortiManager interface?

Options:

A.

Allows FortiManager to download IPS packages

B.

Allows FortiManager to respond to request for FortiGuard services from FortiGate devices

C.

Allows FortiManager to run real-time debugs on the managed devices

D.

Allows FortiManager to automatically configure a default route

Question 20

Refer to the exhibit.

An administrator has created a firewall address object, Training which is used in the Local-FortiGate policy package.

When the installation operation is performed, which IP/Netmask will be installed on the Local-FortiGate, for the Training firewall address object?

Options:

A.

192.168.0.1/24

B.

10.200.1.0/24

C.

It will create a firewall address group on Local-FortiGate with 192.168.0.1/24 and 10.0.1.0/24 object values.

D.

Local-FortiGate will automatically choose an IP/Netmask based on its network interface settings.

Question 21

View the following exhibit.

Which of the following statements are true based on this configuration setting? (Choose two.)

Options:

A.

This setting will enable the ADOMs feature on FortiManager.

B.

This setting is applied globally to all ADOMs.

C.

This setting will allow assigning different VDOMs from the same FortiGate to different ADOMs.

D.

This setting will allow automatic updates to the policy package configuration for a managed device.

Question 22

Which of the following statements are true regarding reverting to previous revision version from the revision history? (Choose two.)

Options:

A.

To push these changes to a managed device, it required an install operation to the managed FortiGate.

B.

Reverting to a previous revision history will generate a new version ID and remove all other history

versions.

C.

Reverting to a previous revision history will tag the device settings status as Auto-Update.

D.

It will modify device-level database

Question 23

An administrator would like to create an SD-WAN using central management. What steps does the

administrator need to perform to create an SD-WAN using central management?

Options:

A.

First create an SD-WAN firewall policy, add member interfaces to the SD-WAN template and create a static route

B.

You must specify a gateway address when you create a default static route

C.

Remove all the interface references such as routes or policies

D.

Enable SD-WAN central management in the ADOM, add member interfaces, create a static route and SDWAN firewall policies.

Question 24

An administrator would like to authorize a newly-installed AP using AP Manager. What steps does the administrator need to perform to authorize an AP?

Options:

A.

Authorize the new AP using AP Manager and wait until the change is updated on the FortiAP. Changes to the AP's state do not require installation.

B.

Changes to the AP's state must be performed directly on the managed FortiGate.

C.

Authorize the new AP using AP Manager and install the policy package changes on the managed FortiGate.

D.

Authorize the new AP using AP Manager and install the device level settings on the managed FortiGate.

Question 25

Refer to the exhibit

An administrator logs in to the FortiManager GUI and sees the panes shown in the exhibit.

Which two reasons can explain why the FortiAnalyzer feature panes do not appear? (Choose two.)

Options:

A.

The administrator profile does not have full access privileges like the Super_User profile

B.

The administrator workflow is enabled on the ADOM.

C.

FortiAnalyzer features are not enabled on FortiManager

D.

The admin session requires approval before administrator can see the FortiAnalyzer feature panes.

Question 26

An administrator has enabled Service Access on FortiManager. What is the purpose of Service Access on the FortiManager interface?

Options:

A.

It allows FortiManager to respond to requests for FortiGuard services from FortiGate devices.

B.

It allows FortiManager to determine the connection status of managed devices.

C.

It allows administrative access to FortiManager.

D.

It allows third-party applications to gain read/write access to FortiManager.

Question 27

An administrator is replacing a failed device on FortiManager by running the following command:

execute device replace sn .

Which device name and serial number must the administrator use?

Options:

A.

The device name of the new device and serial number of the failed device

B.

The device name and serial number of the failed device

C.

The device name of the failed device and serial number of the new device

D.

The device name and serial number of the new device

Question 28

What will happen if FortiAnalyzer features are enabled on FortiManager?

Options:

A.

FortiManager will keep all the logs and reports on the FortiManager.

B.

FortiManager will enable ADOMs to collect logs automatically from non-FortiGate devices.

C.

FortiManager will install the logging configuration to the managed devices

D.

FortiManager can be used only as a logging device.

Question 29

Which three settings are the factory default settings on FortiManager? (Choose three.)

Options:

A.

The administrative domain is disabled.

B.

The Port1 interface IP address is 192.168.1.99/24.

C.

Management Extension applications are enabled.

D.

The FortiManager setup wizard is disabled.

E.

FortiAnalvzer features are disabled.

Question 30

Which of the following statements are true regarding schedule backup of FortiManager? (Choose two.)

Options:

A.

Backs up all devices and the FortiGuard database.

B.

Does not back up firmware images saved on FortiManager

C.

Supports FTP, SCP, and SFTP

D.

Can be configured from the CLI and GUI