Labour Day Special 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exams65

Fortinet NSE 5 - FortiManager 7.2 Question and Answers

Fortinet NSE 5 - FortiManager 7.2

Last Update Apr 26, 2024
Total Questions : 88

We are offering FREE NSE5_FMG-7.2 Fortinet exam questions. All you do is to just go and sign up. Give your details, prepare NSE5_FMG-7.2 free exam questions and then go for complete pool of Fortinet NSE 5 - FortiManager 7.2 test questions that will help you more.

NSE5_FMG-7.2 pdf

NSE5_FMG-7.2 PDF

$35  $99.99
 Add to Cart
NSE5_FMG-7.2 Engine

NSE5_FMG-7.2 Testing Engine

$42  $119.99
 Add to Cart
NSE5_FMG-7.2 PDF + Engine

NSE5_FMG-7.2 PDF + Testing Engine

$56  $159.99
 Add to Cart
Questions 1

What does thediagnose dvm check-integritycommand do? (Choose two.)

Options:

A.  

Internally upgrades existing ADOMs to the same ADON version in order to clean up and correct the ADOM

syntax

B.  

Verifies and corrects unregistered, registered, and deleted device states

C.  

Verifies and corrects database schemas in all object tables

D.  

Verifies and corrects duplicate VDOM entries

Discussion 0
Questions 2

Refer to the exhibit.

An administrator would like to create three ADOMs on FortiManager with different access levels based on departments.

What two conclusions can you draw from the design shown in the exhibit? (Choose two.)

Options:

A.  

Admin A can access VDOM2 and VDOM3 with the super user profile.

B.  

The FortiManager policies and objects database can be shared between the Financial and HR ADOMs.

C.  

The administrator must set the FortiManager ADOM mode to Advanced.

D.  

The administrator must configure FortiManager in workspace mode.

Discussion 0
Questions 3

An administrator created a header and footer global policy package and assigned it to an ADOM.

What are two outcomes from this action? (Choose two.)

Options:

A.  

You must manually move the header and footer policies after the policy assignment.

B.  

After you assign the global policy package to an ADOM, the policy package is hidden from the ADOM and cannot be viewed.

C.  

If you assign an additional global policy package to the same ADOM, FortiManaqer removes previously assigned policies.

D.  

You can edit or delete all the global objects in the global ADOM.

Discussion 0
Questions 4

Refer to the exhibit.

Given the configuration shown in the exhibit, how did FortiManager handle the service category named General?

Options:

A.  

FortiManager ignored the firewall service category General but created a new service category in its database.

B.  

FortiManager ignored the firewall service category general and deleted the duplicate value In Its database

C.  

FortiManager ignored the firewall service category General and updated the FortiGate duplicate value in the FortiGate database.

D.  

FortiManager ignored the firewall service category General and did not update Its database with the value

Discussion 0
Questions 5

Which of the following statements are true regarding schedule backup of FortiManager? (Choose two.)

Options:

A.  

Backs up all devices and the FortiGuard database.

B.  

Does not back up firmware images saved on FortiManager

C.  

Supports FTP, SCP, and SFTP

D.  

Can be configured from the CLI and GUI

Discussion 0
Questions 6

Which two settings are required for FortiManager Management Extension Applications (MEA)? (Choose two.)

Options:

A.  

When you configure MEA, you must open TCP or UDP port 540.

B.  

You must open the ports to the Fortinet registry

C.  

You must create a MEA special policy on FortiManager using the super user profile

D.  

The administrator must have the super user profile.

Discussion 0
Questions 7

View the following exhibit:

An administrator used the value shown in the exhibit when importing a Local-FortiGate into FortiManager. What name will be used to display the firewall policy for port1?

Options:

A.  

port1 on FortiGate and WAN on FortiManager

B.  

port1 on both FortiGate and FortiManager

C.  

WAN zone on FortiGate and WAN zone on FortiManager

D.  

WAN zone on FortiGate and WAN interface on FortiManager

Discussion 0
Questions 8

Refer to the exhibit.

An administrator is about to add the FortiGate device to FortiManager using the discovery process FortiManager is operating behind a NAT device, and the administrator configured the FortiManager NATed IP address under the FortiManager system administration settings

What is the expected result?

Options:

A.  

During discovery FortiManager sets trie FortiManager NATed IP address on FortiGate

B.  

During discovery FortiManager sets both tie FortiManager NATed IP address and NAT device IP address on FortiGate

C.  

During discovery FortiManager sets the NATed device IP address on FortiGate

D.  

During discovery FortiManager uses only the FortiGate serial number to establish the connection

Discussion 0
Questions 9

View the following exhibit.

An administrator has created a firewall address object, Training, which is used in the Local-FortiGate policy package. When the install operation is performed, which IP Netmask will be installed on the Local-FortiGate, for the Training firewall address object?

Options:

A.  

10.0.1.0/24

B.  

It will create firewall address group on Local-FortiGate with 192.168.0.1/24 and 10.0.1.0/24 object values

C.  

192.168.0.1/24

D.  

Local-FortiGate will automatically choose an IP Network based on its network interface settings.

Discussion 0
Questions 10

Which two statements regarding device management on FortiManager are true? (Choose two.)

Options:

A.  

FortiGate devices in HA cluster devices are counted as a single device.

B.  

FortiGate in transparent mode configurations are not counted toward the device count on FortiManager.

C.  

FortiGate devices in an HA cluster that has five VDOMs are counted as five separate devices.

D.  

The maximum number of managed devices for each ADOM is 500.

Discussion 0
Questions 11

Refer to the exhibit.

Given the configuration shown in the exhibit, which two statements are true? (Choose two.)

Options:

A.  

It allows two or more administrators to make configuration changes at the same time, in the same ADOM.

B.  

It disables concurrent read-write access to an ADOM.

C.  

It allows the same administrator to lock more than one ADOM at the same time.

D.  

It is used to validate administrator login attempts through external servers.

Discussion 0
Questions 12

What does a policy package status ofConflictindicate?

Options:

A.  

The policy package reports inconsistencies and conflicts during aPolicy Consistency Check.

B.  

The policy package does not have a FortiGate as the installation target.

C.  

The policy package configuration has been changed on both FortiManager and the managed device

independently.

D.  

The policy configuration has never been imported after a device was registered on FortiManager.

Discussion 0
Questions 13

What is the purpose of ADOM revisions?

Options:

A.  

To createSystem Checkpointsfor the FortiManager configuration.

B.  

To save the current state of the whole ADOM.

C.  

To save the current state of all policy packages and objects for an ADOM.

D.  

To revert individual policy packages and device-level settings for a managed FortiGate by reverting to a specific ADOM revision

Discussion 0
Questions 14

Which two statements about Security Fabric integration with FortiManager are true? (Choose two.)

Options:

A.  

The Security Fabric license, group name and password are required for the FortiManager Security Fabric

integration

B.  

TheFabric Viewmodule enables you to generate the Security Fabric ratings for Security Fabric devices

C.  

The Security Fabric settings are part of the device level settings

D.  

TheFabric Viewmodule enables you to view the Security Fabric ratings for Security Fabric devices

Discussion 0
Questions 15

An administrator is replacing a device on FortiManager by running the following command:

execute device replace sn .

What device name and serial number must the administrator use?

Options:

A.  

Device name and serial number of the original device.

B.  

Device name and serial number of the replacement device.

C.  

Device name of the replacement device and serial number of the original device.

D.  

Device name of the original device and serial number of the replacement device.

Discussion 0
Questions 16

Which two items are included in the FortiManager backup? (Choose two.)

Options:

A.  

FortiGuard database

B.  

Global database

C.  

Logs

D.  

All devices

Discussion 0
Questions 17

Refer to the exhibit.

An administrator has configured the command shown in the exhibit on FortiManager. A configuration change has been installed from FortiManager to the managed FortiGate that causes the FGFM tunnel to go down for more than 15 minutes.

What is the purpose of this command?

Options:

A.  

It allows FortiGate to unset central management settings.

B.  

It allows FortiGate to reboot and recover the previous configuration from its configuration file.

C.  

It allows the FortiManager to revert and install a previous configuration revision on the managed FortiGate.

D.  

It allows FortiGate to reboot and restore a previously working firmware image.

Discussion 0
Questions 18

Refer to the exhibit.

Which two statements are true if the script is executed using theDevice Databaseoption? (Choose two.)

Options:

A.  

You must install these changes using theInstall Wizardto a managed device

B.  

The successful execution of a script on theDevice Databasewill create a new revision history

C.  

The script history will show successful installation of the script on the remote FortiGate

D.  

TheDevice Settings Statuswill be tagged asModified

Discussion 0
Questions 19

Refer to the exhibits.

Exhibit one.

Exhibit two.

An administrator created a new system template namedTrainingwith two new DNS addresses on FortiManager. During the installation preview stage, the administrator notices that many unset commands need to be pushed.

What can be the main reason for these unset commands?

Options:

A.  

The DNS addresses in the default system settings are the same as theTrainingsystem template

B.  

TheTrainingsystem template has other default settings

C.  

The ADOM is locked by another administrator

D.  

TheTrainingsystem template does not have assigned devices

Discussion 0
Questions 20

An administrator, Trainer, who is assigned theSuper_Userprofile, is trying to approve a workflow session that was submitted by another administrator, Student. However, Trainer is unable to approve the workflow session.

What can prevent an admin account that hasSuper_Userrights over the device from approving a workflow session?

Options:

A.  

Trainer is not a part of workflow approval group

B.  

Trainer does not have full rights over this ADOM

C.  

Trainer must close Student’s workflow session before approving the request

D.  

Student, who submitted the workflow session, must first self-approve the request

Discussion 0
Questions 21

Which two statements about the scheduled backup of FortiManager are true? (Choose two.)

Options:

A.  

It does not back up firmware images saved on FortiManager.

B.  

It can be configured using the CLI and GUI.

C.  

It backs up all devices and the FortiGuard database.

D.  

It supports FTP, SCP, and SFTP.

Discussion 0
Questions 22

Refer to the following exhibit:

Which of the following statements are true based on this configuration? (Choose two.)

Options:

A.  

The same administrator can lock more than one ADOM at the same time

B.  

Ungraceful closed sessions will keep the ADOM in a locked state until the administrator session times out

C.  

Unlocking an ADOM will submit configuration changes automatically to the approval administrator

D.  

Unlocking an ADOM will install configuration automatically on managed devices

Discussion 0
Questions 23

An administrator would like to create an SD-WAN using central management in theTrainingADOM.

To create an SD-WAN using central management, which two steps must be completed? (Choose two.)

Options:

A.  

Specify a gateway address when you create a default SD-WAN static route

B.  

Enable SD-WAN central management in theTrainingADOM

C.  

Configure and install the SD-WAN firewall policy and SD-WAN static route before installing the SD-WAN

template settings

D.  

Remove all the interface references such as routes or policies that will be a part of SD-WAN member

interfaces

Discussion 0
Questions 24

An administrator run the reload failure command:diagnose test deploymanager reload config

on FortiManager. What does this command do?

Options:

A.  

It downloads the latest configuration from the specified FortiGate and performs a reload operation on the device database.

B.  

It installs the latest configuration on the specified FortiGate and update the revision history database.

C.  

It compares and provides differences in configuration on FortiManager with the current running

configuration of the specified FortiGate.

D.  

It installs the provisioning template configuration on the specified FortiGate.

Discussion 0
Questions 25

What is the purpose of thePolicy Checkfeature on FortiManager?

Options:

A.  

To find and provide recommendation to combine multiple separate policy packages into one common

policy package

B.  

To find and merge duplicate policies in the policy package

C.  

To find and provide recommendation for optimizing policies in a policy package

D.  

To find and delete disabled firewall policies in the policy package

Discussion 0
Questions 26

Which configuration setting for FortiGate is part of a device-level database on FortiManager?

Options:

A.  

VIP and IP Pools

B.  

Firewall policies

C.  

Security profiles

D.  

Routing

Discussion 0