Fortinet NSE5-FMG-7-0 Exam Questions
Questions for the NSE5-FMG-7-0 were updated on : Jul 20 ,2024
Page 1 out of 4. Viewing questions 1-10 out of 35
Question 1
Refer to the exhibit.
An administrator is about to add the FortiGate device to FortiManager using the discovery process. FortiManager is operating behind a NAT device, and the administrator configured the FortiManager NATed IP address under the FortiManager system administration settings.
What is the expected result?
- A. During discovery, FortiManager sets both the FortiManager NATed IP address and NAT device IP address on FortiGate.
- B. During discovery, FortiManager uses only the FortiGate serial number to establish the connection.
- C. During discovery, FortiManager sets the FortiManager NATed IP address on FortiGate.
- D. During discovery, FortiManager sets the NATed device IP address on FortiGate.
Answer:
c
Question 2
In the event that one of the secondary FortiManager devices fails, which action must be performed to return the FortiManager HA to a working state?
- A. Manually promote one of the working secondary devices to the primary role, and reboot the old primary device to remove the peer IP of the failed device.
- B. The FortiManager HA state transition is transparent to administrators and does not require any reconfiguration.
- C. Reconfigure the primary device to remove the peer IP of the failed device.
- D. Reboot the failed device to remove its IP from the primary device.
Answer:
a
Question 3
Refer to the exhibit.
A service provider administrator has assigned a global policy package to a managed customer ADOM named My_ADOM, which has four policy packages. The customer administrator has access only to My_ADOM.
How can customer or service provider administrators remove both global header and footer policies from the policy package named Shared_Package?
- A. The service provider administrator can unassign both global policies from My_ADOM.
- B. The service provider administrator can unassign both policies from the global ADOM.
- C. The customer administrator can unassign both global polices from My_ADOM.
- D. The customer administrator can unassign both polices by locking My_ADOM.
Answer:
b
Question 4
An administrator has assigned a global policy package to custom ADOM1. Then the administrator creates a new policy package, Fortinet, in the custom ADOM1.
What will happen to the Fortinet policy package?
- A. When the Fortinet policy package is created, it automatically assigns the global policies.
- B. When the Fortinet policy package is created, you can select the option to assign the global policies.
- C. When the Fortinet policy package is created, you need to reapply the global policy package to the ADOM.
- D. When the Fortinet policy package is created, you need to assign the global policy package from the global ADOM.
Answer:
a
Question 5
Refer to the exhibit.
Which two statements about an ADOM set in Normal mode on Fortitvlanager are true? (Choose two.)
- A. It supports the FortiManager script feature.
- B. You cannot assign the same ADOM to multiple administrators.
- C. FortiManager automatically installs the configuration difference in revisions on the managed FortiGate.
- D. It allows making configuration changes for managed devices on FortiManager panes.
Answer:
ad
Question 6
Which two statements regarding device management on FortiManager are true? (Choose two.)
- A. FortiGate devices in an HA cluster are counted as a single device.
- B. FortiGate devices in transparent mode configurations are not counted toward the device count on FortiManager.
- C. The maximum number of managed devices for each ADOM is 500.
- D. FortiGate devices in an HA cluster that has five VDOMs are counted as five separate devices.
Answer:
ad
Question 7
Which two statements about Security Fabric integration with FortiManager are true? (Choose two.)
- A. The Fabric View module enables you to view the Security Fabric ratings for Security Fabric devices.
- B. The Security Fabric license, group name, and password are required for the FortiManager Security Fabric integration.
- C. The Security Fabric settings are part of the device-level settings.
- D. The Fabric View module enables you to generate the Security Fabric ratings for Security Fabric devices.
Answer:
ac
Question 8
Refer to the exhibit.
You are using the Quick Install option to install configuration changes on the managed FortiGate.
Which two statements correctly describe the result? (Choose two.)
- A. It installs all the changes in the device database first and the administrator must reinstall the changes on the FortiGate device.
- B. It provides the option to preview only the policy package changes before installing them.
- C. It installs provisioning templates changes on the FortiGate device.
- D. It installs device-level changes on the FortiGate device without launching the Install Wizard.
Answer:
bd
Question 9
Refer to the exhibit.
Given the configuration shown in the exhibit, how did FortiManager handle the service category named General?
- A. FortiManager ignored the firewall service category General and updated the FortiGate duplicate value in the FortiGate database.
- B. FortiManager ignored the firewall service category General and deleted the duplicate value in its database.
- C. FortiManager ignored the firewall service category General but created a new service category in its database.
- D. FortiManager ignored the firewall service category General and did not update its database with the value.
Answer:
c
Question 10
An administrator enabled workspace mode and now wants to delete an address object that is currently referenced in a firewall policy.
What can the administrator expect to happen?
- A. FortiManager will replace the deleted address object with the none address object in the referenced firewall policy.
- B. FortiManager will not allow the administrator to delete a referenced address object until the ADOM is locked.
- C. FortiManager will leave the address object empty.
- D. FortiManager will temporary disable the status of the referenced firewall policy.
Answer:
a