Black Friday Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Certensure Logo
  1. Home
  2. Fortinet
  3. Fortinet Certification
  4. NSE5_FMG-7.2 - Fortinet NSE 5 - FortiManager 7.2

Fortinet NSE5_FMG-7.2 Fortinet NSE 5 - FortiManager 7.2 Exam Practice Test

Demo: 30 questions
Total 101 questions
Get NSE5_FMG-7.2 Full Access Download NSE5_FMG-7.2 PDF

Fortinet NSE 5 - FortiManager 7.2 Questions and Answers

Question 1

Which configuration setting for FortiGate is part of a device-level database on FortiManager?

Options:

A.

VIP and IP Pools

B.

Firewall policies

C.

Security profiles

D.

Routing

Question 2

Refer to the following exhibit:

Which of the following statements are true based on this configuration? (Choose two.)

Options:

A.

The same administrator can lock more than one ADOM at the same time

B.

Ungraceful closed sessions will keep the ADOM in a locked state until the administrator session times out

C.

Unlocking an ADOM will submit configuration changes automatically to the approval administrator

D.

Unlocking an ADOM will install configuration automatically on managed devices

Question 3

What will happen if FortiAnalyzer features are enabled on FortiManager?

Options:

A.

FortiManager will reboot

B.

FortiManager will send the logging configuration to the managed devices so the managed devices will start sending logs to FortiManager

C.

FortiManager will enable ADOMs automatically to collect logs from non-FortiGate devices

D.

FortiManager can be used only as a logging device.

Question 4

Which three settings are the factory default settings on FortiManager? (Choose three.)

Options:

A.

Username is admin

B.

Password is fortinet

C.

FortiAnalyzer features are disabled

D.

Reports and Event Monitor panes are enabled

E.

port1 interface IP address is 192.168.1.99/24

Question 5

View the following exhibit:

How will FortiManager try to get updates for antivirus and IPS?

Options:

A.

From the list of configured override servers with ability to fall back to public FDN servers

B.

From the configured override server list only

C.

From the default server fdsl.fortinet.com

D.

From public FDNI server with highest index number only

Question 6

An administrator would like to review, approve, or reject all the firewall policy changes made by the junior

administrators.

How should the Workspace mode be configured on FortiManager?

Options:

A.

Set to workflow and use the ADOM locking feature

B.

Set to read/write and use the policy locking feature

C.

Set to normal and use the policy locking feature

D.

Set to disable and use the policy locking feature

Question 7

Refer to the exhibit.

Which statement about the object named ALL is true?

Options:

A.

FortiManager updated the object ALL using the FortiGate value in its database.

B.

FortiManager installed the object ALL with the updated value.

C.

FortiManager created the object ALL as a unique entity in its database, which can be only used by this

managed FortiGate.

D.

FortiManager updated the object ALL using the FortiManager value in its database.

Question 8

View the following exhibit.

Which statement is true regarding this failed installation log?

Options:

A.

Policy ID 2 is installed without a source address

B.

Policy ID 2 will not be installed

C.

Policy ID 2 is installed in disabled state

D.

Policy ID 2 is installed without a source device

Question 9

Which two conditions trigger FortiManager to create a new revision history? (Choose two.)

Options:

A.

When configuration revision is reverted to previous revision in the revision history

B.

When FortiManager installs device-level changes to a managed device

C.

When FortiManager is auto-updated with configuration changes made directly on a managed device

D.

When changes to device-level database is made on FortiManager

Question 10

Which two items does an FGFM keepalive message include? (Choose two.)

Options:

A.

FortiGate uptime

B.

FortiGate license information

C.

FortiGate IPS version

D.

FortiGate configuration checksum

Question 11

Refer to the exhibit.

An administrator has created a firewall address object that is used in multiple policy packages for multiple FortiGate devices in an ADOM.

After the installation operation is performed, which IP/netmask will be shown on FortiManager for this firewall address object without specify Per-Device Mapping?

Options:

A.

The FortiManager replaces the address object to none.

B.

0.0.0.0/0.

C.

192.168.1.0/24.

D.

10.0.5.0/24.

Question 12

View the following exhibit.

Which of the following statements are true based on this configuration setting? (Choose two.)

Options:

A.

This setting will enable the ADOMs feature on FortiManager.

B.

This setting is applied globally to all ADOMs.

C.

This setting will allow assigning different VDOMs from the same FortiGate to different ADOMs.

D.

This setting will allow automatic updates to the policy package configuration for a managed device.

Question 13

Which of the following statements are true regarding VPN Gateway configuration in VPN Manager? (Choose two.)

Options:

A.

Managed gateways are devices managed by FortiManager in the same ADOM

B.

External gateways are third-party VPN gateway devices only

C.

Protected subnets are the subnets behind the device that you don’t want to allow access to over the IPsec

VPN

D.

Managed devices in other ADOMs must be treated as external gateways

Question 14

In the event that one of the secondary FortiManager devices fails, which action must be performed to return the FortiManager HA manual mode to a working state?

Options:

A.

The FortiManaqer HA state transition is transparent to administrators and does not require any reconfiguration.

B.

Manually promote one of the working secondary devices to the primary role, and reboot the old primary device to remove the peer IP of the failed device.

C.

Reconfigure the primary device to remove the peer IP of the failed device.

D.

Reboot the failed device to remove its IP from the primary device.

Question 15

What is the advantage of using FortiManager to manage PortiAnalyzer?

Options:

A.

It allows FortiManager to manage all FortiGate devices

B.

It allows FortiManager to fun reports based on FortiAnalyzer

C.

It allows FortiManager to store all managed FortiGate device logs

D.

It allows FortiManager to act as a collector and FortiAnalyzer device

Question 16

Refer to the exhibit.

In the event that the monitored interface for the primary FortiManager device fails, which statement is true about FortiManager HA?

Options:

A.

Manually promote one of the working secondary devices to the primary role, and reboot the old primary device to remove the peer IP of the failed device.

B.

Reboot the failed device to remove its IP from the primary device.

C.

Reconfigure the primary device lo remove the peer IP of the failed device.

D.

The FortiManager HAfailover is transparent to administrators and does not require any reconfiguration.

Question 17

Refer to the exhibit.

A junior administrator is troubleshooting a FortiManager connectivity issue that rs occurring with managed FortiGate devices

Given the FortiManager device manager settings shown in the exhibit what can you conclude from the exhibit?

Options:

A.

The administrator had restored the FortiManager configuration file

B.

The administrator must refresh both devices to restore connectivity

C.

FortiManager test internet connectivity therefore, both devices appear to be down

D.

The administrator can reclaim the FGFM tunnel to get both devices online

Question 18

View the following exhibit:

An administrator used the value shown in the exhibit when importing a Local-FortiGate into FortiManager. What name will be used to display the firewall policy for port1?

Options:

A.

port1 on FortiGate and WAN on FortiManager

B.

port1 on both FortiGate and FortiManager

C.

WAN zone on FortiGate and WAN zone on FortiManager

D.

WAN zone on FortiGate and WAN interface on FortiManager

Question 19

Refer to the exhibit.

According to the error message why is FortiManager failing to add the FortiAnalyzer device?

Options:

A.

The administrator must turn off the Use Legacy Device login and add the FortiAnalyzer device to the same network as Forti-Manager

B.

The administrator must select the Forti-Manager administrative access checkbox on the FortiAnalyzer management interface

C.

The administrator must use the Add Model Device section and discover the FortiAnalyzer device

D.

The administrator must use the correct user name and password of the FortiAnalyzer device

Question 20

What is the purpose of the Policy Check feature on FortiManager?

Options:

A.

It provides recommendations for optimizing policies in a policy package.

B.

It provides recommendations to combine similar policy packages within an ADOM into one single policy package.

C.

It compares the policy packages with the revision history, and updates policy packages in the ADOM database.

D.

It merges and creates dynamic mappings for duplicate objects used in a policy package.

Question 21

Refer to the exhibit.

An administrator has configured the command shown in the exhibit on FortiManager. A configuration change has been installed from FortiManager to the managed FortiGate that causes the FGFM tunnel to go down for more than 15 minutes.

What is the purpose of this command?

Options:

A.

It allows FortiGate to unset central management settings.

B.

It allows FortiGate to reboot and recover the previous configuration from its configuration file.

C.

It allows the FortiManager to revert and install a previous configuration revision on the managed FortiGate.

D.

It allows FortiGate to reboot and restore a previously working firmware image.

Question 22

Refer to the exhibit.

Which two statements about an ADOM set in Normal mode on FortiManager are true? (Choose two.)

Options:

A.

It supports the FortiManager script feature

B.

It allows making configuration changes for managed devices on FortiManager panes

C.

FortiManager automatically installs the configuration difference in revisions on the managed FortiGate

D.

You cannot assign the same ADOM to multiple administrators

Question 23

An administrator is replacing a device on FortiManager by running the following command:

execute device replace sn .

What device name and serial number must the administrator use?

Options:

A.

Device name and serial number of the original device.

B.

Device name and serial number of the replacement device.

C.

Device name of the replacement device and serial number of the original device.

D.

Device name of the original device and serial number of the replacement device.

Question 24

Refer to the exhibit.

Given the configuration shown in the exhibit, which two statements are true? (Choose two.)

Options:

A.

It allows two or more administrators to make configuration changes at the same time, in the same ADOM.

B.

It disables concurrent read-write access to an ADOM.

C.

It allows the same administrator to lock more than one ADOM at the same time.

D.

It is used to validate administrator login attempts through external servers.

Question 25

An administrator configures a new firewall policy on FortiManager and has not yet pushed the changes to the

managed FortiGate.

In which database will the configuration be saved?

Options:

A.

Device-level database

B.

Revision history database

C.

ADOM-level database

D.

Configuration-level database

Question 26

An administrator’s PC crashes before the administrator can submit a workflow session for approval. After the PC is restarted, the administrator notices that the ADOM was locked from the session before the crash.

How can the administrator unlock the ADOM?

Options:

A.

Restore the configuration from a previous backup.

B.

Log in as Super_User in order to unlock the ADOM.

C.

Log in using the same administrator account to unlock the ADOM.

D.

Delete the previous admin session manually through the FortiManager GUI or CLI.

Question 27

What does a policy package status of Conflict indicate?

Options:

A.

The policy package reports inconsistencies and conflicts during a Policy Consistency Check.

B.

The policy package does not have a FortiGate as the installation target.

C.

The policy package configuration has been changed on both FortiManager and the managed device

independently.

D.

The policy configuration has never been imported after a device was registered on FortiManager.

Question 28

Refer to the exhibit.

An administrator logs into the FortiManager GUI and sees the panes shown in the exhibit.

Which two reasons can explain why the FortiAnalyzer feature panes do not appear? (Choose two.)

Options:

A.

The administrator logged in using the unsecure protocol HTTP, so the view is restricted.

B.

The administrator profile does not have full access privileges like the Super_User profile.

C.

The administrator IP address is not a part of the trusted hosts configured on FortiManager interfaces.

D.

FortiAnalyzer features are not enabled on FortiManager.

Question 29

Which two statements about Security Fabric integration with FortiManager are true? (Choose two.)

Options:

A.

The Security Fabric license, group name and password are required for the FortiManager Security Fabric

integration

B.

The Fabric View module enables you to generate the Security Fabric ratings for Security Fabric devices

C.

The Security Fabric settings are part of the device level settings

D.

The Fabric View module enables you to view the Security Fabric ratings for Security Fabric devices

Question 30

An administrator has assigned a global policy package to custom ADOM1. Then the administrator creates a new policy package, Fortinet, in the custom ADOM1.

Which statement about the global policy package assignment to the newly-created policy package Fortinet is true?

Options:

A.

When a new policy package is created, it automatically assigns the global policies to the new package.

B.

When a new policy package is created, you need to assign the global policy package from the global

ADOM.

C.

When a new policy package is created, you need to reapply the global policy package to the ADOM.

D.

When a new policy package is created, you can select the option to assign the global policies to the new package.

Load More NSE5_FMG-7.2 Questions
Demo: 30 questions
Total 101 questions
Get NSE5_FMG-7.2 Full Access Download NSE5_FMG-7.2 PDF