Fortinet NSE5 Forti Manager v7.2

Certification Provider: Fortinet

Exam: FCP: Forti Manager 7.2 Administrator

Exam Code: NSE5 FMG v7.2

Total Question: 72

Question per Quiz: 35

Updated On: 10 April 2025

Note: In order to practice all the Q/A's, you have to practice multiple time. Question's and Answer's will be presented randomly and will help you get hands-on for real exam.

An administrator would like to create an SD-WAN using central management in the Training ADOM. To create an SD-WAN using central management, which two steps must be completed? (Choose two)

Configure and install the SD-WAN firewall policy and SD-WAN static route before installing the SDWAN template settings

Enable SD-WAN central management in the Training ADOM

Specify a gateway address when you create a default SD-WAN static route

Remove all the interface references such as routes or policies that will be a part of SD-WAN member interfaces

Refer to the exhibit. How will FortiManager try to get updates for antivirus and IPS?

From the default server fds1.fortinet.com

From the list of configured override servers or public FDN servers

From public FDNI server IP address with the fourth highest octet only

From the configured override server IP address 10.0.1.50 only

None

Refer to the exhibit. What is the purpose of setting ADOM Mode to Advanced?

This setting enables the ADOMs feature on FortiManager.

This setting disables concurrent ADOM access and adds ADOM locking.

This setting allows you to assign a VDOM from a single device to a different ADOM.

This setting allows you to manage FortiGate chassis models.

None

Which two settings are required for FortiManager Management Extension Applications (MEA)? (Choose two.)

When you configure MEA, you must open TCP or UDP port 540.

The administrator must have the super user profile.

You must open the ports to the Fortinet registry.

You must create an MEA special policy on Forti Manager using the super user profile.

An administrator configures a new OSPF route on FortiManager and has not yet pushed the changes to the managed FortiGate device. In which database will the configuration be saved?

Configuration-level database

ADOM-level database

Device-level database

Revision history database

None

Which two items does an FGFM keepalive message include? (Choose two.)

FortiGate IPS version

FortiGate uptime

FortiGate license information

FortiGate configuration checksum

Refer to the exhibit showing a Download Import Report. Why is it failing to import firewall policy ID 1?

Policy ID 1 for this managed FortiGate already exists on FortiManager in the policy package named Remote-FortiGate.

The address object used in policy ID 1 already exists in the ADOM database with any as the interface association, and conflicts with the address object interface association locally on FortiGate.

Policy ID 1 does not have the ADOM Interface mapping configured on FortiManager.

Policy ID 1 is configured from the interface any to port6. FortiManager rejects the request to import this policy because the any interface does not exist on FortiManager.

None

An administrator is replacing a failed device on FortiManager by running the following command: execute device replace sn . Which device name and serial number must the administrator use?

The device name of the new device and serial number of the failed device.

The device name and serial number of the failed device.

The device name and serial number of the new device.

The device name of the failed device and serial number of the new device.

None

Which three settings are the factory default settings on FortiManager? (Choose three.)

The Forti Manager setup wizard is disabled.

FortiAnalyzer features are disabled

Reports and Event Monitor panes are enabled

port1 interface IP address is 192.168.1.99/24

The administrative domain is disabled.

10.

Refer to the exhibit. What can you conclude from the failed installation log shown in the exhibit?

Policy ID 2 is installed without the remote user student.

Policy ID 2 is installed in the disabled state.

Policy ID 2 is installed without a source address.

Policy ID 2 will not be installed.

None

11.

Refer to the exhibit. A service provider administrator has assigned a global policy package to a managed customer ADOM named My_ADOM, which has four policy packages. The customer administrator has access only to My_ADOM. How can customer or service provider administrators remove both global header and footer policies from the policy package named Shared_Package?

The service provider administrator can unassign both policies from the global ADOM

The customer administrator can unassign both global polices from My_ADOM

The customer administrator can unassign both polices by locking My_ADOM

The service provider administrator can unassign both global policies from My_ADOM

None

12.

You are moving managed FortiGate devices from one ADOM to a new ADOM. Which statement correctly describes the expected result?

Policy packages will be imported into the new ADOM automatically.

The shared policy package will not be moved to the new ADOM.

Any unused objects from a previous ADOM are moved to the new ADOM automatically.

The shared device settings will be installed automatically.

None

13.

In addition to the default ADOMs, an administrator has created a new ADOM named Training for FortiGate devices only. The administrator authorized the FortiGate device on FortiManager using the Fortinet Security Fabric. Given the administrator’s actions, which statement correctly describes the expected result?

The authorized FortiGate will be automatically added to the Training ADOM.

The authorized FortiGate can be added to the Training ADOM using FortiGate Fabric Connectors.

The authorized FortiGate will appear in the root ADOM.

The FortiManager administrator must add the authorized device to the Training ADOM using the Add Device wizard only.

None

14.

What will happen if the script is run using the Device Database option? (Choose two.)

The Device Settings Status will be tagged as Modified.

You must install these changes using the Install Wizard to a managed device.

The script history will show successful installation of the script on the remote FortiGate.

The successful execution of a script on the Device Database will create a new revision history.

15.

Refer to the exhibit. Given the configuration shown in the exhibit, what are two results from this configuration? (Choose two.)

Unlocking an ADOM will install configuration changes automatically on managed devices.

Ungraceful closed sessions will keep the ADOM in a locked state until the administrator session times out.

The same administrator can lock more than one ADOM at the same time.

Unlocking an ADOM will submit configuration changes automatically to the approval administrator.

16.

Which configuration setting for FortiGate is part of a device-level database on FortiManager?

VIP and IP Pools

Security profiles

Routing

Firewall policies

None

17.

Refer to the exhibit. A junior administrator is troubleshooting a FortiManager connectivity issue that is occurring with managed FortiGate devices. Given the FortiManager device manager settings shown in the exhibit, what can you conclude from the exhibit?

Forti Manager lost internet connectivity, therefore, both devices appear to be down.

The administrator had restored the Forti Manager configuration file.

The administrator can reclaim the FGFM tunnel to get both devices online.

The administrator must refresh both devices to restore connectivity.

None

18.

An administrator has assigned a global policy package to custom ADOM1. Then the administrator creates a new policy package, Fortinet, in the custom ADOM1. What will happen to the Fortinet policy package when it is created?

You need to reapply the global policy package to the ADOM.

You can select the option to assign the global policies.

It automatically assigns the global policies.

You need to assign the global policy package from the global ADOM.

None

19.

Refer to the exhibit.

On Forti Manager, an administrator created a new system template named Training with two new DNS addresses. During the installation preview stage, the administrator notices that central-management settings need to be purged.
What can be the main reason for the central-management purge command?

The ADOM is locked by another administrator.

The DNS addresses in the default system settings are the same as the Training system template.

The Training system template has a default FortiGuard widget.

The Remote-FortiGate device does not have any DNS server-list configured in the central-management settings.

None

20.

Refer to the exhibit. An administrator would like to create three ADOMs on FortiManager with different access levels based on departments. What two conclusions can you draw from the design shown in the exhibit? (Choose two.)

The administrator must set the FortiManager ADOM mode to Advanced.

The FortiManager policies and objects database can be shared between the Financial and HR ADOMs.

The administrator must configure FortiManager in workspace mode.

Admin A can access VDOM2 and VDOM3 with the super user profile.

21.

An administrator is in the process of moving the system template profile between ADOMs by running the following command: execute fmprofile import-profile ADOM2 3547 /tmp/myfile Where does the administrator import the file from?

File system

ADOM2 object database

ADOM2

ADOM1

None

22.

Refer to the exhibit. An administrator is importing a new device to FortiManager and has selected the options shown in the exhibit. What will happen if the administrator makes the changes and installs the modified policy package on this managed FortiGate?

The unused objects that are not tied to the firewall policies will remain as read-only locally on FortiGate.

The unused objects that are not tied to the firewall policies in the policy package will be deleted from the FortiManager database.

The unused objects that are not tied to the firewall policies will be installed on FortiGate.

The unused objects that are not tied to the firewall policies locally on FortiGate will be deleted.

None

23.

Which two settings must be configured for SD-WAN Central Management? (Choose two.)

The first step in creating an SD-WAN using FortiManager is to create two SD-WAN firewall policies.

SD-WAN must be enabled on per-ADOM basis

When you configure an SD-WAN, you must specify at least two member interfaces.

You can create multiple SD-WAN interfaces per VDOM

24.

What will happen if FortiAnalyzer features are enabled on FortiManager?

FortiManager will keep all the logs and reports on the FortiManager.

FortiManager can be used only as a logging device.

FortiManager will enable ADOMs to collect logs automatically from non-FortiGate devices.

FortiManager will install the logging configuration to the managed devices.

None

25.

Which two statements about an ADOM set in Normal mode on Forti Manager are true?

FortiManager automatically installs the configuration difference in revisions on the managed FortiGate.

You cannot assign the same ADOM to multiple administrators.

It allows making configuration changes for managed devices on FortiManager panes.

It supports the FortiManager script feature.

26.

What are two outcomes of ADOM revisions? (Choose two.)

ADOM revisions can save the current state of all policy packages and objects for an ADOM

ADOM revisions can save the current size of the whole ADOM

ADOM revisions can significantly increase the size of the configuration backups.

ADOM revisions can create System Checkpoints for the FortiManager configuration

27.

An administrator run the reload failure command: diagnose test deploymanager reload config on FortiManager. What does this command do?

It compares and provides differences in configuration on FortiManager with the current running configuration of the specified FortiGate.

It installs the provisioning template configuration on the specified FortiGate.

It installs the latest configuration on the specified FortiGate and update the revision history database.

It downloads the latest configuration from the specified FortiGate and performs a reload operation on the device database.

None

28.

An administrator runs the Policy Check feature on Forti Manager ADOM. What will be the result?

It will find and provide recommendations for optimizing policies in a policy package.

It will find and merge duplicate policies in the policy package.

It will find and provide recommendations to combine multiple separate policy packages into one common policy package.

It will find and delete disabled firewall policies in the policy package.

None

29.

Which two statements about the scheduled backup of FortiManager are true?

It does not back up firmware images saved on FortiManager.

t can be configured using the CLI and GUI.

It supports FTP, SCP, and SFTP.

It backs up all devices and the FortiGuard database.

30.

Given the configuration shown in the exhibit, which two statements are true?

Forti Manager is in workflow mode.

The FortiManager ADOM is locked by the administrator.

The Forti Manager ADOM workspace mode is set to Normal.

An administrator can also lock the Local-FortiGate-1 policy package.

Time's up

Follow Us

Fortinet NSE5 Forti Manager v7.2

PCNSE – Palo Alto Certified Network Security Engineer

PCNSC – Paloalto Certified Network Security Consultant

No Comment! Be the first one.

Leave a Reply Cancel reply

Popular

Interswitch Connectivity | VLAN Tagging | Trunk Port

Social

Newsletter

Follow Us

Type and hit Enter to search

Fortinet NSE5 Forti Manager v7.2

Share Article

PCNSE – Palo Alto Certified Network Security Engineer

PCNSC – Paloalto Certified Network Security Consultant

No Comment! Be the first one.

Leave a Reply Cancel reply

Popular

Interswitch Connectivity | VLAN Tagging | Trunk Port

Setup Windows Hello Fingerprint Login

Social

Newsletter