NSE5_FMG-7.2 Fortinet NSE 5 - FortiManager 7.2 Questions and Answers

The administrator must use the Policy & Objects section to create a policy first.

The administrator must use the FortiManager script.

The administrator must disable the FortiManager offline mode first.

The administrator must change the ADOM mode to Advanced to bring the FortiManager online.

That the virtual IP address and correct ports are set on the NAT device

That the NAT device IP address and correct ports are configured on FortiManager

That the external IP address on the NAT device is set to DHCP and configured with the virtual IP

That the override server IP address is set on FortiManager and the NAT device

NSX-T Service Template

Security profiles

SNMP

Routing

Policy ID 2 will not be installed.

Policy ID 2 is installed in the disabled state.

Policy ID 2 is installed without a source address.

Policy ID 2 is installed without the remote user student.

You need to assign the global policy package from the global ADOM

You need to reapply the global poky package to the ADOM

it automatically assigns the global policies

You can select the option to assign the global polices

Specify a gateway address when you create a default SD-WAN static route

Enable SD-WAN central management in the Training ADOM

Configure and install the SD-WAN firewall policy and SD-WAN static route before installing the SD-WAN

template settings

Remove all the interface references such as routes or policies that will be a part of SD-WAN member

interfaces

The administrator had restored the FortiManager configuration file

The administrator must refresh both devices to restore connectivity

FortiManager test internet connectivity therefore, both devices appear to be down

The administrator can reclaim the FGFM tunnel to get both devices online

It allows FortiManager to respond to requests for FortiGuard services from FortiGate devices.

It allows FortiManager to determine the connection status of managed devices.

It allows administrative access to FortiManager.

It allows third-party applications to gain read/write access to FortiManager.

To push these changes to a managed device, it required an install operation to the managed FortiGate.

Reverting to a previous revision history will generate a new version ID and remove all other history

versions.

Reverting to a previous revision history will tag the device settings status as Auto-Update .

It will modify device-level database

This setting will enable the ADOMs feature on FortiManager.

This setting is applied globally to all ADOMs.

This setting will allow assigning different VDOMs from the same FortiGate to different ADOMs.

This setting will allow automatic updates to the policy package configuration for a managed device.

It downloads the latest configuration from the specified FortiGate and performs a reload operation on the device database.

It installs the latest configuration on the specified FortiGate and update the revision history database.

It compares and provides differences in configuration on FortiManager with the current running

configuration of the specified FortiGate.

It installs the provisioning template configuration on the specified FortiGate.

To find and provide recommendation to combine multiple separate policy packages into one common

policy package

To find and merge duplicate policies in the policy package

To find and provide recommendation for optimizing policies in a policy package

To find and delete disabled firewall policies in the policy package

Policy 3 will be installed on all FortiGate devices and vdom belongs to the ADOM.

Policy seq.# 3 will be skipped because no installation targets are specified.

Policy seq.# 3 will be installed on all managed devices and VDOMs that are listed under Installation Targets.

Policy seq.# 2 will not be installed on the Local-FortiGate root VDOM because there is no root VDOM in the Installation Target.

Policy seq # 1 will be installed on the Remote-FortiGate root[NAT] and Student[NAT] VDOMs only.

Secondary device with highest priority will automatically be promoted to the primary role, and manually

reconfigure all other secondary devices to point to the new primary device

Reboot one of the secondary devices to promote it automatically to the primary role, and reconfigure all other secondary devices to point to the new primary device.

Manually promote one of the secondary devices to the primary role, and reconfigure all other secondary devices to point to the new primary device.

FortiManager HA state transition is transparent to administrators and does not require any reconfiguration.

Username is admin

Password is fortinet

FortiAnalyzer features are disabled

Reports and Event Monitor panes are enabled

port1 interface IP address is 192.168.1.99/24

From the list of configured override servers with ability to fall back to public FDN servers

From the configured override server list only

From the default server fdsl.fortinet.com

From public FDNI server with highest index number only

The address object used in policy ID 2 already exist in ADON database with any as interface association and conflicts with address object interface association locally on the FortiGate

Policy ID 2 is configured from interface any to port6 FortiManager rejects to import this policy because any interface does not exist on FortiManager

Policy ID 2 does not have ADOM Interface mapping configured on FortiManager

Policy ID 2 for this managed FortiGate already exists on FortiManager in policy package named Remote-FortiGate.

It supports the FortiManager script feature

It allows making configuration changes for managed devices on FortiManager panes

FortiManager automatically installs the configuration difference in revisions on the managed FortiGate

You cannot assign the same ADOM to multiple administrators

When a new policy package is created, it automatically assigns the global policies to the new package.

When a new policy package is created, you need to assign the global policy package from the global

ADOM.

When a new policy package is created, you need to reapply the global policy package to the ADOM.

When a new policy package is created, you can select the option to assign the global policies to the new package.

192.168.0.1/24

10.200.1.0/24

It will create a firewall address group on Local-FortiGate with 192.168.0.1/24 and 10.0.1.0/24 object values.

Local-FortiGate will automatically choose an IP/Netmask based on its network interface settings.

The administrator logged in using the unsecure protocol HTTP, so the view is restricted.

The administrator profile does not have full access privileges like the Super_User profile.

The administrator IP address is not a part of the trusted hosts configured on FortiManager interfaces.

FortiAnalyzer features are not enabled on FortiManager.

Restore the configuration from a previous backup.

Log in as Super_User in order to unlock the ADOM.

Log in using the same administrator account to unlock the ADOM.

Delete the previous admin session manually through the FortiManager GUI or CLI.

FortiGuard database

Global database

Logs

All devices

Device-level database

Revision history database

ADOM-level database

Configuration-level database

It allows FortiGate to unset central management settings.

It allows FortiGate to reboot and recover the previous configuration from its configuration file.

It allows the FortiManager to revert and install a previous configuration revision on the managed FortiGate.

It allows FortiGate to reboot and restore a previously working firmware image.

FortiGate devices in HA cluster devices are counted as a single device.

FortiGate in transparent mode configurations are not counted toward the device count on FortiManager.

FortiGate devices in an HA cluster that has five VDOMs are counted as five separate devices.

The maximum number of managed devices for each ADOM is 500.

The policy package reports inconsistencies and conflicts during a Policy Consistency Check .

The policy package does not have a FortiGate as the installation target.

The policy package configuration has been changed on both FortiManager and the managed device

independently.

The policy configuration has never been imported after a device was registered on FortiManager.