Fortinet Fortinet Network Security Expert FCP_FMG_AD-7.4 New Questions

To create and install a policy on a FortiGate device in an ADOM (Administrative Domain) that is in backup mode, the administrator must use a FortiManager script. This is because backup mode restricts direct configuration changes, and scripts can be used to push specific configuration changes without altering the ADOM mode.

Options A, C, and D are incorrect because:

A requires the ADOM to be in normal or advanced mode to create policies directly in the Policy & Objects section.

C suggests disabling offline mode, which is irrelevant to the backup mode configuration.

D implies changing the ADOM mode, which is unnecessary if using a script to perform the task.

FortiManager References:

Refer to FortiManager 7.4 Administrator Guide: Working with ADOMs and Using Scripts for managing policies in backup mode.

Option A: To ensure database consistency, you must upgrade an ADOM before you upgrade the devices in it.This is the correct answer. When upgrading ADOMs on FortiManager, the ADOM must be upgraded first to match the FortiOS version of the devices it manages. This is necessary to ensure compatibility and consistency between the ADOM's database schema and the FortiGate's configuration.

Explanation of Incorrect Options:

Option B: Upgrading the FortiManager version upgrades all existing ADOMs automaticallyis incorrect because the ADOMs must be upgraded manually or individually after upgrading the FortiManager.

Option C: You cannot import policies from a device until its FortiOS version matches the ADOM versionis incorrect because while version matching is important, it is not strictly necessary for policy import.

Option D: ADOMs using global objects can be upgraded before or after upgrading the global database ADOMis incorrect as the order of upgrade matters to maintain compatibility.

FortiManager References:

Refer to "FortiManager Upgrade Guide" for detailed procedures on upgrading ADOMs and devices.