NSE5_FMG-7.2 Fortinet NSE 5 - FortiManager 7.2 Question and Answers

You must install these changes using the Install Wizard to a managed device

The successful execution of a script on the Device Database will create a new revision history

The script history will show successful installation of the script on the remote FortiGate

The Device Settings Status will be tagged as Modified

It will install configuration changes to managed device automatically

It will tag the device settings status as Auto-Update

It will generate a new version ID and remove all other revision history versions

It will modify the device-level database

Restore the configuration from a previous backup.

Log in as Super_User in order to unlock the ADOM.

Log in using the same administrator account to unlock the ADOM.

Delete the previous admin session manually through the FortiManager GUI or CLI.

Allows FortiManager to download IPS packages

Allows FortiManager to respond to request for FortiGuard services from FortiGate devices

Allows FortiManager to run real-time debugs on the managed devices

Allows FortiManager to automatically configure a default route

It allows two or more administrators to make configuration changes at the same time, in the same ADOM.

It disables concurrent read-write access to an ADOM.

It allows the same administrator to lock more than one ADOM at the same time.

It is used to validate administrator login attempts through external servers.

To create System Checkpoints for the FortiManager configuration.

To save the current state of the whole ADOM.

To save the current state of all policy packages and objects for an ADOM.

To revert individual policy packages and device-level settings for a managed FortiGate by reverting to a specific ADOM revision

Manually promote one of the working secondary devices to the primary role, and reboot the old primary device to remove the peer IP of the failed device.

Reboot the failed device to remove its IP from the primary device.

Reconfigure the primary device lo remove the peer IP of the failed device.

The FortiManager HAfailover is transparent to administrators and does not require any reconfiguration.

Managed gateways are devices managed by FortiManager in the same ADOM

External gateways are third-party VPN gateway devices only

Protected subnets are the subnets behind the device that you don’t want to allow access to over the IPsec

VPN

Managed devices in other ADOMs must be treated as external gateways

FortiManager is unable to determine the policy package status

The policy package was never imported after a device was registered on FortiManager

The Policy configuration has been changed on a managed device and changes have not yet been imported into FortiManager

The Policy package configuration has been changed on FortiManager and changes have not yet been installed on the managed device.

From the list of configured override servers or public FDN servers

From the default server fds1.fortinet.com

From the configured override server IP address 10.0.1.50 only

From public FDNI server IP address with the fourth highest octet only

The administrative domain is disabled.

The Port1 interface IP address is 192.168.1.99/24.

Management Extension applications are enabled.

The FortiManager setup wizard is disabled.

FortiAnalvzer features are disabled.

When FortiManager is auto-updated with configuration changes made directly on a managed device

When changes to the device-level database are made on FortiManager

When FortiManager installs device-level changes on a managed device

When a configuration revision is reverted to a previous revision in the revision history

The policy configuration has been changed on a managed device and changes have not yet been imported into FortiManager.

FortiManager is unable to determine the policy package status.

The policy configuration has been changed on FortiManager and changes have not yet been installed on the managed device.

The policy package was never imported after a device was registered on FortiManager

Authorize the new AP using AP Manager and wait until the change is updated on the FortiAP. Changes to the AP's state do not require installation.

Changes to the AP's state must be performed directly on the managed FortiGate.

Authorize the new AP using AP Manager and install the policy package changes on the managed FortiGate.

Authorize the new AP using AP Manager and install the device level settings on the managed FortiGate.

First create an SD-WAN firewall policy, add member interfaces to the SD-WAN template and create a static route

You must specify a gateway address when you create a default static route

Remove all the interface references such as routes or policies

Enable SD-WAN central management in the ADOM, add member interfaces, create a static route and SDWAN firewall policies.

It allows FortiManager to respond to requests for FortiGuard services from FortiGate devices.

It allows FortiManager to determine the connection status of managed devices.

It allows administrative access to FortiManager.

It allows third-party applications to gain read/write access to FortiManager.

FortiManager will not allow the administrator to delete a referenced address object

FortiManager will disable the status of the referenced firewall policy

FortiManager will replace the deleted address object with the none address object in the referenced

firewall policy

FortiManager will replace the deleted address object with all address object in the referenced firewall policy

VIP and IP Pools

Firewall policies

Security profiles

Routing

The FortiGate will be added automatically to the default ADOM named FortiGate.

The FortiGate will be automatically added to the Training ADOM.

By default, the unregistered FortiGate will appear in the root ADOM.

The FortiManager administrator must add the unregistered device manually to the unregistered device

manually to the Training ADOM using the Add Device wizard

The latest revision history for the managed FortiGate does match with the FortiGate running configuration

Configuration changes have been installed to FortiGate and represents FortiGate configuration has been changed

The latest history for the managed FortiGate does not match with the device-level database

Configuration changes directly made on the FortiGate have been automatically updated to device-level

database

Trainer is not a part of workflow approval group

Trainer does not have full rights over this ADOM

Trainer must close Student’s workflow session before approving the request

Student, who submitted the workflow session, must first self-approve the request

It does not back up firmware images saved on FortiManager.

It can be configured using the CLI and GUI.

It backs up all devices and the FortiGuard database.

It supports FTP, SCP, and SFTP.

Username is admin

Password is fortinet

FortiAnalyzer features are disabled

Reports and Event Monitor panes are enabled

port1 interface IP address is 192.168.1.99/24

The setting allows automatic updates to the policy package configuration for a managed device

The setting enables the ADOMs feature on FortiManager

This setting allows you to assign different VDOMs from the same FortiGate to different ADOMs.

The setting disables concurrent ADOM access and adds ADOM locking

You must install these changes using Install Wizard

FortiGate will auto-update the FortiManager’s device-level database.

FortiManager will create a new revision history.

FortiManager provides a preview of CLI commands before executing this script on a managed FortiGate.

FortiManager updated the object ALL using the FortiGate value in its database.

FortiManager installed the object ALL with the updated value.

FortiManager created the object ALL as a unique entity in its database, which can be only used by this

managed FortiGate.

FortiManager updated the object ALL using the FortiManager value in its database.

The administrator logged in using the unsecure protocol HTTP, so the view is restricted.

The administrator profile does not have full access privileges like the Super_User profile.

The administrator IP address is not a part of the trusted hosts configured on FortiManager interfaces.

FortiAnalyzer features are not enabled on FortiManager.