A.  

Policy seq # 2 will not be installed on the Local-FortiGate root VDOM because there is no root VDOM in the Installation Target

B.  

Policy seq # 3 will be installed on all managed devices and VDOMs that are listed under Installation Targets

C.  

Policy seq # 1 will be installed on the Remoto-FortiGate root[NAT] and Student[NAT] VDOMs only

D.  

Policy 3 will be installed on all FortiGate devices and vdom belongs to the ADOM

E.  

Policy seq # 3 will be skipped because no installation targets are specified

A.  

Manually promote one of the working secondary devices to the primary role, and reboot the old primary device to remove the peer IP of the failed device.

B.  

Reboot the failed device to remove its IP from the primary device.

C.  

Reconfigure the primary device lo remove the peer IP of the failed device.

D.  

The FortiManager HAfailover is transparent to administrators and does not require any reconfiguration.

A.  

That the virtual IP address and correct ports are set on the NAT device

B.  

That the NAT device IP address and correct ports are configured on FortiManager

C.  

That the external IP address on the NAT device is set to DHCP and configured with the virtual IP

D.  

That the override server IP address is set on FortiManager and the NAT device

A.  

The device name of the new device and serial number of the failed device

B.  

The device name and serial number of the failed device

C.  

The device name of the failed device and serial number of the new device

D.  

The device name and serial number of the new device

A.  

It will install configuration changes to managed device automatically

B.  

It will tag the device settings status as Auto-Update

C.  

It will generate a new version ID and remove all other revision history versions

D.  

It will modify the device-level database

A.  

You must install these changes using the Install Wizard to a managed device

B.  

The successful execution of a script on the Device Database will create a new revision history

C.  

The script history will show successful installation of the script on the remote FortiGate

D.  

The Device Settings Status will be tagged as Modified

A.  

Device-level database

B.  

Revision history database

C.  

ADOM-level database

D.  

Configuration-level database

A.  

Allows FortiManager to download IPS packages

B.  

Allows FortiManager to respond to request for FortiGuard services from FortiGate devices

C.  

Allows FortiManager to run real-time debugs on the managed devices

D.  

Allows FortiManager to automatically configure a default route

A.  

The Security Fabric license, group name and password are required for the FortiManager Security Fabric

integration

B.  

The Fabric View module enables you to generate the Security Fabric ratings for Security Fabric devices

C.  

The Security Fabric settings are part of the device level settings

D.  

The Fabric View module enables you to view the Security Fabric ratings for Security Fabric devices

A.  

FortiGuard database

B.  

Global database

C.  

Logs

D.  

All devices

A.  

It allows FortiGate to unset central management settings.

B.  

It allows FortiGate to reboot and recover the previous configuration from its configuration file.

C.  

It allows the FortiManager to revert and install a previous configuration revision on the managed FortiGate.

D.  

It allows FortiGate to reboot and restore a previously working firmware image.

A.  

The policy package reports inconsistencies and conflicts during a Policy Consistency Check.

B.  

The policy package does not have a FortiGate as the installation target.

C.  

The policy package configuration has been changed on both FortiManager and the managed device

independently.

D.  

The policy configuration has never been imported after a device was registered on FortiManager.

A.  

To create System Checkpoints for the FortiManager configuration.

B.  

To save the current state of the whole ADOM.

C.  

To save the current state of all policy packages and objects for an ADOM.

D.  

To revert individual policy packages and device-level settings for a managed FortiGate by reverting to a specific ADOM revision

A.  

Device name and serial number of the original device.

B.  

Device name and serial number of the replacement device.

C.  

Device name of the replacement device and serial number of the original device.

D.  

Device name of the original device and serial number of the replacement device.

A.  

When you configure MEA, you must open TCP or UDP port 540.

B.  

You must open the ports to the Fortinet registry

C.  

You must create a MEA special policy on FortiManager using the super user profile

D.  

The administrator must have the super user profile.

A.  

Backs up all devices and the FortiGuard database.

B.  

Does not back up firmware images saved on FortiManager

C.  

Supports FTP, SCP, and SFTP

D.  

Can be configured from the CLI and GUI

A.  

Authorize the new AP using AP Manager and wait until the change is updated on the FortiAP. Changes to the AP's state do not require installation.

B.  

Changes to the AP's state must be performed directly on the managed FortiGate.

C.  

Authorize the new AP using AP Manager and install the policy package changes on the managed FortiGate.

D.  

Authorize the new AP using AP Manager and install the device level settings on the managed FortiGate.

A.  

File system

B.  

ADOM1

C.  

ADOM2 object database

D.  

ADOM2

A.  

Internally upgrades existing ADOMs to the same ADON version in order to clean up and correct the ADOM

syntax

B.  

Verifies and corrects unregistered, registered, and deleted device states

C.  

Verifies and corrects database schemas in all object tables

D.  

Verifies and corrects duplicate VDOM entries

A.  

Managed gateways are devices managed by FortiManager in the same ADOM

B.  

External gateways are third-party VPN gateway devices only

C.  

Protected subnets are the subnets behind the device that you don’t want to allow access to over the IPsec

VPN

D.  

Managed devices in other ADOMs must be treated as external gateways

A.  

After 15 minutes, FortiGate will unset all CLI commands that were part of the installation that caused the tunnel to go down.

B.  

FortiManager will revert and install a previous configuration revision on the managed FortiGate.

C.  

FortiGate will reject the CLI commands that will cause the tunnel to go down.

D.  

FortiManager will not push the CLI commands as a part of the installation that will cause the tunnel to go down.

A.  

Make sure FortiManager Access is enabled in the administrator profile

B.  

Make sure Offline Mode is disabled

C.  

Make sure the administrator IP address is part of the trusted hosts.

D.  

Make sure ADOMs are enabled and the administrator has access to the Global ADOM

A.  

VIP and IP Pools

B.  

Firewall policies

C.  

Security profiles

D.  

Routing

A.  

When creating a new policy package, the administrator can select the option to assign the global policy

package to the new policy package

B.  

When a new policy package is created, the administrator needs to reapply the global policy package to

ADOM1.

C.  

When a new policy package is created, the administrator must assign the global policy package from the global ADOM.

D.  

When the new policy package is created, FortiManager automatically assigns the global policy package to the new policy package.

A.  

FortiManager updated the object ALL using the FortiGate value in its database.

B.  

FortiManager installed the object ALL with the updated value.

C.  

FortiManager created the object ALL as a unique entity in its database, which can be only used by this

managed FortiGate.

D.  

FortiManager updated the object ALL using the FortiManager value in its database.

A.  

You must install these changes using Install Wizard

B.  

FortiGate will auto-update the FortiManager’s device-level database.

C.  

FortiManager will create a new revision history.

D.  

FortiManager provides a preview of CLI commands before executing this script on a managed FortiGate.

A.  

The DNS addresses in the default system settings are the same as the Training system template

B.  

The Training system template has other default settings

C.  

The ADOM is locked by another administrator

D.  

The Training system template does not have assigned devices

A.  

It will not create a new revision in the revision history

B.  

It installs device-level changes to FortiGate without launching the Install Wizard

C.  

It cannot be canceled once initiated and changes will be installed on the managed device

D.  

It provides the option to preview configuration changes prior to installing them

A.  

Set to workflow and use the ADOM locking feature

B.  

Set to read/write and use the policy locking feature

C.  

Set to normal and use the policy locking feature

D.  

Set to disable and use the policy locking feature

A.  

Any pending device settings will be installed automatically

B.  

Any unused objects from a previous ADOM are moved to the new ADOM automatically

C.  

The shared policy package will not be moved to the new ADOM

D.  

Policy packages will be imported into the new ADOM automaticallyD