Download Fortinet.NSE5_FMG-7.2.VCEplus.2024-05-01.34q.vcex

Download Exam

File Info

Exam Fortinet NSE 5 -FortiManager 7-2
Number NSE5_FMG-7.2
File Name Fortinet.NSE5_FMG-7.2.VCEplus.2024-05-01.34q.vcex
Size 3 MB
Posted May 01, 2024
Download Fortinet.NSE5_FMG-7.2.VCEplus.2024-05-01.34q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase

Coupon: MASTEREXAM
With discount: 20%





Demo Questions

Question 1

An administrator would like to create an SD-WAN using central management in the Training ADOM.
To create an SD-WAN using central management, which two steps must be completed? (Choose two.)


  1. Specify a gateway address when you create a default SD-WAN static route
  2. Enable SD-WAN central management in the Training ADOM
  3. Configure and install the SD-WAN firewall policy and SD-WAN static route before installing the SD-WAN template settings
  4. Remove all the interface references such as routes or policies that will be a part of SD-WAN member interfaces
Correct answer: BD



Question 2

View the following exhibit:
 
Which two statements are true if the script is executed using the Remote FortiGate Directly (via CLI) option? (Choose two.)


  1. You must install these changes using Install Wizard
  2. FortiGate will auto-update the FortiManager's device-level database.
  3. FortiManager will create a new revision history.
  4. FortiManager provides a preview of CLI commands before executing this script on a managed FortiGate.
Correct answer: BC



Question 3

Refer to the exhibit.
 
Which two statements about the output are true? (Choose two.)


  1. The latest revision history for the managed FortiGate does match with the FortiGate running configuration
  2. Configuration changes have been installed to FortiGate and represents FortiGate configuration has been changed
  3. The latest history for the managed FortiGate does not match with the device-level database
  4. Configuration changes directly made on the FortiGate have been automatically updated to device-level database
Correct answer: AC
Explanation:
STATUS: dev-db: modified; conf: in sync; cond: pending; dm: retrieved; conn: up -- dev-db: modified -- This is the device setting status which indicates that configuration changes were made on FortiManager. -- conf: in sync --This is the sync status which shows that the latest revision history is in sync with Fortigate's configuration. -- cond: pending -- This is the configuration status which says that configuration changes need to be installed.Most probably a retrieve was done in the past (dm: retrieved) updating the revision history DB (conf: in sync) and FortiManager device level DB, now there is a new modification on FortiManager device level DB (dev-db:modified) which wasn't installed to FortiGate (cond: pending), hence; revision history DB is not aware of that modification and doesn't match device DB.Conclusion: -- Revision DB does match FortiGate. -- No changes were installed to FortiGate yet. -- Device DB doesn't match Revision DB. -- No changes were done on FortiGate (auto-update) but configuration was retrieved insteadAfter an Auto-Update or Retrieve: device database = latest revision = FGTThen after a manual change on FMG end (but no install yet): latest revision = FGT (still) but now device database has been modified (is different).After reverting to a previous revision in revision history: device database = reverted revision != FGT
STATUS: dev-db: modified; conf: in sync; cond: pending; dm: retrieved; conn: up -- dev-db: modified -- This is the device setting status which indicates that configuration changes were made on FortiManager. -- conf: in sync --
This is the sync status which shows that the latest revision history is in sync with Fortigate's configuration. -- cond: pending -- This is the configuration status which says that configuration changes need to be installed.
Most probably a retrieve was done in the past (dm: retrieved) updating the revision history DB (conf: in sync) and FortiManager device level DB, now there is a new modification on FortiManager device level DB (dev-db:
modified) which wasn't installed to FortiGate (cond: pending), hence; revision history DB is not aware of that modification and doesn't match device DB.
Conclusion: -- Revision DB does match FortiGate. -- No changes were installed to FortiGate yet. -- Device DB doesn't match Revision DB. -- No changes were done on FortiGate (auto-update) but configuration was retrieved instead
After an Auto-Update or Retrieve: device database = latest revision = FGT
Then after a manual change on FMG end (but no install yet): latest revision = FGT (still) but now device database has been modified (is different).
After reverting to a previous revision in revision history: device database = reverted revision != FGT



Question 4

View the following exhibit:
 
How will FortiManager try to get updates for antivirus and IPS?


  1. From the list of configured override servers with ability to fall back to public FDN servers
  2. From the configured override server list only
  3. From the default server fdsl.fortinet.com
  4. From public FDNI server with highest index number only
Correct answer: A



Question 5

View the following exhibit.
 
Given the configurations shown in the exhibit, what can you conclude from the installation targets in the Install On column?


  1. The Install On column value represents successful installation on the managed devices
  2. Policy seq#3 will be installed on all managed devices and VDOMs that are listed under Installation Targets
  3. Policy seq#3 will be installed on the Trainer[NAT] VDOM only
  4. Policy seq#3 will be not installed on any managed device
Correct answer: B



Question 6

View the following exhibit.
 
An administrator is importing a new device to FortiManager and has selected the shown options. What will happen if the administrator makes the changes and installs the modified policy package on this managed FortiGate?


  1. The unused objects that are not tied to the firewall policies will be installed on FortiGate
  2. The unused objects that are not tied to the firewall policies will remain as read-only locally on FortiGate
  3. The unused objects that are not tied to the firewall policies locally on FortiGate will be deleted
  4. The unused objects that are not tied to the firewall policies in policy package will be deleted from the FortiManager database
Correct answer: C



Question 7

View the following exhibit, which shows the Download Import Report:
 
Why it is failing to import firewall policy ID 2?


  1. The address object used in policy ID 2 already exist in ADON database with any as interface association and conflicts with address object interface association locally on the FortiGate
  2. Policy ID 2 is configured from interface any to port6 FortiManager rejects to import this policy because any interface does not exist on FortiManager
  3. Policy ID 2 does not have ADOM Interface mapping configured on FortiManager
  4. Policy ID 2 for this managed FortiGate already exists on FortiManager in policy package named Remote-FortiGate.
Correct answer: A
Explanation:
FortiManager_6.4_Study_Guide-Online -- page 331 & 332
FortiManager_6.4_Study_Guide-Online -- page 331 & 332



Question 8

Refer to the exhibit.
 
Which two statements are true if the script is executed using the Device Database option? (Choose two.)


  1. You must install these changes using the Install Wizard to a managed device
  2. The successful execution of a script on the Device Database will create a new revision history
  3. The script history will show successful installation of the script on the remote FortiGate
  4. The Device Settings Status will be tagged as Modified
Correct answer: AD



Question 9

Which two statements regarding device management on FortiManager are true? (Choose two.)


  1. FortiGate devices in HA cluster devices are counted as a single device.
  2. FortiGate in transparent mode configurations are not counted toward the device count on FortiManager.
  3. FortiGate devices in an HA cluster that has five VDOMs are counted as five separate devices.
  4. The maximum number of managed devices for each ADOM is 500.
Correct answer: AC



Question 10

Which two statements about Security Fabric integration with FortiManager are true? (Choose two.)


  1. The Security Fabric license, group name and password are required for the FortiManager Security Fabric integration
  2. The Fabric View module enables you to generate the Security Fabric ratings for Security Fabric devices
  3. The Security Fabric settings are part of the device level settings
  4. The Fabric View module enables you to view the Security Fabric ratings for Security Fabric devices
Correct answer: CD









CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!

Get Now!


HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files