NSE5_FMG-7.2 Fortinet NSE 5 - FortiManager 7.2 Questions and Answers

The unused objects that are not tied to the firewall policies will be installed on FortiGate

The unused objects that are not tied to the firewall policies will remain as read-only locally on FortiGate

The unused objects that are not tied to the firewall policies locally on FortiGate will be deleted

The unused objects that are not tied to the firewall policies in policy package will be deleted from the

FortiManager database

When configuration revision is reverted to previous revision in the revision history

When FortiManager installs device-level changes to a managed device

When FortiManager is auto-updated with configuration changes made directly on a managed device

When changes to device-level database is made on FortiManager

FortiGate is discovered by FortiManager through the FortiGate NATed IP address.

FortiGate can announce itself to FortiManager only if the FortiManager IP address is configured on

FortiGate under central management.

During discovery, the FortiManager NATed IP address is not set by default on FortiGate.

If the FCFM tunnel is torn down, FortiManager will try to re-establish the FGFM tunnel.

Policy 3 will be installed on all FortiGate devices and vdom belongs to the ADOM.

Policy seq.# 3 will be skipped because no installation targets are specified.

Policy seq.# 3 will be installed on all managed devices and VDOMs that are listed under Installation Targets.

Policy seq.# 2 will not be installed on the Local-FortiGate root VDOM because there is no root VDOM in the Installation Target.

Policy seq # 1 will be installed on the Remote-FortiGate root[NAT] and Student[NAT] VDOMs only.

The latest revision history for the managed FortiGate does match with the FortiGate running configuration

Configuration changes have been installed to FortiGate and represents FortiGate configuration has been changed

The latest history for the managed FortiGate does not match with the device-level database

Configuration changes directly made on the FortiGate have been automatically updated to device-level

database

Allows FortiManager to download IPS packages

Allows FortiManager to respond to request for FortiGuard services from FortiGate devices

Allows FortiManager to run real-time debugs on the managed devices

Allows FortiManager to automatically configure a default route

You must install these changes using the Install Wizard to a managed device

The successful execution of a script on the Device Database will create a new revision history

The script history will show successful installation of the script on the remote FortiGate

The Device Settings Status will be tagged as Modified

FortiManager will not allow the administrator to delete a referenced address object

FortiManager will disable the status of the referenced firewall policy

FortiManager will replace the deleted address object with the none address object in the referenced

firewall policy

FortiManager will replace the deleted address object with all address object in the referenced firewall policy

It will install configuration changes to managed device automatically

It will tag the device settings status as Auto-Update

It will generate a new version ID and remove all other revision history versions

It will modify the device-level database

Device name and serial number of the original device.

Device name and serial number of the replacement device.

Device name of the replacement device and serial number of the original device.

Device name of the original device and serial number of the replacement device.

The policy package reports inconsistencies and conflicts during a Policy Consistency Check.

The policy package does not have a FortiGate as the installation target.

The policy package configuration has been changed on both FortiManager and the managed device

independently.

The policy configuration has never been imported after a device was registered on FortiManager.

It supports the FortiManager script feature

It allows making configuration changes for managed devices on FortiManager panes

FortiManager automatically installs the configuration difference in revisions on the managed FortiGate

You cannot assign the same ADOM to multiple administrators

Restore the configuration from a previous backup.

Log in as Super_User in order to unlock the ADOM.

Log in using the same administrator account to unlock the ADOM.

Delete the previous admin session manually through the FortiManager GUI or CLI.

When a new policy package is created, it automatically assigns the global policies to the new package.

When a new policy package is created, you need to assign the global policy package from the global

ADOM.

When a new policy package is created, you need to reapply the global policy package to the ADOM.

When a new policy package is created, you can select the option to assign the global policies to the new package.

The Security Fabric license, group name and password are required for the FortiManager Security Fabric

integration

The Fabric View module enables you to generate the Security Fabric ratings for Security Fabric devices

The Security Fabric settings are part of the device level settings

The Fabric View module enables you to view the Security Fabric ratings for Security Fabric devices

To create System Checkpoints for the FortiManager configuration.

To save the current state of the whole ADOM.

To save the current state of all policy packages and objects for an ADOM.

To revert individual policy packages and device-level settings for a managed FortiGate by reverting to a specific ADOM revision

FortiManager will keep all the logs and reports on the FortiManager.

FortiManager will enable ADOMs to collect logs automatically from non-FortiGate devices.

FortiManager will install the logging configuration to the managed devices

FortiManager can be used only as a logging device.

You must manually move the header and footer policies after the policy assignment.

After you assign the global policy package to an ADOM, the policy package is hidden from the ADOM and cannot be viewed.

If you assign an additional global policy package to the same ADOM, FortiManaqer removes previously assigned policies.

You can edit or delete all the global objects in the global ADOM.

By a dollar symbol ($) at the end of the device name

By an at symbol (@) at the end of the device name

By a QUESTION NO: mark(?) at the end of the device name

By an Asterisk (*) at the end of the device name

It provides recommendations for optimizing policies in a policy package.

It provides recommendations to combine similar policy packages within an ADOM into one single policy package.

It compares the policy packages with the revision history, and updates policy packages in the ADOM database.

It merges and creates dynamic mappings for duplicate objects used in a policy package.

Authorize the new AP using AP Manager and wait until the change is updated on the FortiAP. Changes to the AP's state do not require installation.

Changes to the AP's state must be performed directly on the managed FortiGate.

Authorize the new AP using AP Manager and install the policy package changes on the managed FortiGate.

Authorize the new AP using AP Manager and install the device level settings on the managed FortiGate.

The FortiGate will be added automatically to the default ADOM named FortiGate.

The FortiGate will be automatically added to the Training ADOM.

By default, the unregistered FortiGate will appear in the root ADOM.

The FortiManager administrator must add the unregistered device manually to the unregistered device

manually to the Training ADOM using the Add Device wizard

To push these changes to a managed device, it required an install operation to the managed FortiGate.

Reverting to a previous revision history will generate a new version ID and remove all other history

versions.

Reverting to a previous revision history will tag the device settings status as Auto-Update.

It will modify device-level database

10.0.1.0/24

It will create firewall address group on Local-FortiGate with 192.168.0.1/24 and 10.0.1.0/24 object values

192.168.0.1/24

Local-FortiGate will automatically choose an IP Network based on its network interface settings.

FortiManager updated the object ALL using FortiGate’s value in its database

FortiManager updated the object ALL using FortiManager’s value in its database

FortiManager created the object ALL as a unique entity in its database, which can be only used by this

managed FortiGate.

FortiManager installed the object ALL with the updated value.

Internally upgrades existing ADOMs to the same ADON version in order to clean up and correct the ADOM

syntax

Verifies and corrects unregistered, registered, and deleted device states

Verifies and corrects database schemas in all object tables

Verifies and corrects duplicate VDOM entries

First create an SD-WAN firewall policy, add member interfaces to the SD-WAN template and create a static route

You must specify a gateway address when you create a default static route

Remove all the interface references such as routes or policies

Enable SD-WAN central management in the ADOM, add member interfaces, create a static route and SDWAN firewall policies.