NSE5_FMG-7.2 Fortinet NSE 5 - FortiManager 7.2 Questions and Answers

The Security Fabric license, group name and password are required for the FortiManager Security Fabric

integration

The Fabric View module enables you to generate the Security Fabric ratings for Security Fabric devices

The Security Fabric settings are part of the device level settings

The Fabric View module enables you to view the Security Fabric ratings for Security Fabric devices

It supports the FortiManager script feature

It allows making configuration changes for managed devices on FortiManager panes

FortiManager automatically installs the configuration difference in revisions on the managed FortiGate

You cannot assign the same ADOM to multiple administrators

Device name and serial number of the original device.

Device name and serial number of the replacement device.

Device name of the replacement device and serial number of the original device.

Device name of the original device and serial number of the replacement device.

The administrator logged in using the unsecure protocol HTTP, so the view is restricted.

The administrator profile does not have full access privileges like the Super_User profile.

The administrator IP address is not a part of the trusted hosts configured on FortiManager interfaces.

FortiAnalyzer features are not enabled on FortiManager.

First create an SD-WAN firewall policy, add member interfaces to the SD-WAN template and create a static route

You must specify a gateway address when you create a default static route

Remove all the interface references such as routes or policies

Enable SD-WAN central management in the ADOM, add member interfaces, create a static route and SDWAN firewall policies.

Manually promote one of the working secondary devices to the primary role, and reboot the old primary device to remove the peer IP of the failed device.

Reboot the failed device to remove its IP from the primary device.

Reconfigure the primary device lo remove the peer IP of the failed device.

The FortiManager HAfailover is transparent to administrators and does not require any reconfiguration.

It allows FortiManager to respond to requests for FortiGuard services from FortiGate devices.

It allows FortiManager to determine the connection status of managed devices.

It allows administrative access to FortiManager.

It allows third-party applications to gain read/write access to FortiManager.

port1 on FortiGate and WAN on FortiManager

port1 on both FortiGate and FortiManager

WAN zone on FortiGate and WAN zone on FortiManager

WAN zone on FortiGate and WAN interface on FortiManager

Policy ID 1 is configured from the interface any to port6. FortiManager rejects the request to import this policy because the any interface does not exist on FortiManager.

The address object used in policy ID 1 already exists in the ADOM database with any as the interface association, and conflicts with the address object interface association locally on FortiGate.

Policy ID 1 does not have the ADOM Interface mapping configured on FortiManager.

Policy ID 1 for this managed FortiGate already exists on FortiManager in the policy package named Remote-FortiGate.

By a dollar symbol ($) at the end of the device name

By an at symbol (@) at the end of the device name

By a QUESTION NO: mark(?) at the end of the device name

By an Asterisk (*) at the end of the device name

The administrator had restored the FortiManager configuration file

The administrator must refresh both devices to restore connectivity

FortiManager test internet connectivity therefore, both devices appear to be down

The administrator can reclaim the FGFM tunnel to get both devices online

The service provider administrator can unassign both policies from the global ADOM.

The service provider administrator can unassign both global policies from My_ADOM.

The customer administrator can unassign both polices by locking My_ADOM.

The customer administrator can unassign both global polices from My_ADOM.

The device name of the new device and serial number of the failed device

The device name and serial number of the failed device

The device name of the failed device and serial number of the new device

The device name and serial number of the new device

It provides recommendations for optimizing policies in a policy package.

It provides recommendations to combine similar policy packages within an ADOM into one single policy package.

It compares the policy packages with the revision history, and updates policy packages in the ADOM database.

It merges and creates dynamic mappings for duplicate objects used in a policy package.

FortiGate uptime

FortiGate license information

FortiGate IPS version

FortiGate configuration checksum

VIP and IP Pools

Firewall policies

Security profiles

Routing

The DNS addresses in the default system settings are the same as the Training system template

The Training system template has other default settings

The ADOM is locked by another administrator

The Training system template does not have assigned devices

Policy ID 2 is installed without a source address

Policy ID 2 will not be installed

Policy ID 2 is installed in disabled state

Policy ID 2 is installed without a source device

Specify a gateway address when you create a default SD-WAN static route

Enable SD-WAN central management in the Training ADOM

Configure and install the SD-WAN firewall policy and SD-WAN static route before installing the SD-WAN

template settings

Remove all the interface references such as routes or policies that will be a part of SD-WAN member

interfaces

The FortiGate will be added automatically to the default ADOM named FortiGate.

The FortiGate will be automatically added to the Training ADOM.

By default, the unregistered FortiGate will appear in the root ADOM.

The FortiManager administrator must add the unregistered device manually to the unregistered device

manually to the Training ADOM using the Add Device wizard

From the list of configured override servers with ability to fall back to public FDN servers

From the configured override server list only

From the default server fdsl.fortinet.com

From public FDNI server with highest index number only

ADOM revisions can significantly increase the size of the configuration backups.

ADOM revisions can save the current size of the whole ADOM

ADOM revisions can create System Checkpoints for the FortiManager configuration

ADOM revisions can save the current state of all policy packages and objects for an ADOM

You must install these changes using Install Wizard

FortiGate will auto-update the FortiManager’s device-level database.

FortiManager will create a new revision history.

FortiManager provides a preview of CLI commands before executing this script on a managed FortiGate.

The latest revision history for the managed FortiGate does match with the FortiGate running configuration

Configuration changes have been installed to FortiGate and represents FortiGate configuration has been changed

The latest history for the managed FortiGate does not match with the device-level database

Configuration changes directly made on the FortiGate have been automatically updated to device-level

database

Restore the configuration from a previous backup.

Log in as Super_User in order to unlock the ADOM.

Log in using the same administrator account to unlock the ADOM.

Delete the previous admin session manually through the FortiManager GUI or CLI.

FortiGate devices in HA cluster devices are counted as a single device.

FortiGate in transparent mode configurations are not counted toward the device count on FortiManager.

FortiGate devices in an HA cluster that has five VDOMs are counted as five separate devices.

The maximum number of managed devices for each ADOM is 500.

When a new policy package is created, it automatically assigns the global policies to the new package.

When a new policy package is created, you need to assign the global policy package from the global

ADOM.

When a new policy package is created, you need to reapply the global policy package to the ADOM.

When a new policy package is created, you can select the option to assign the global policies to the new package.