Certification Provider: FortinetExam: FCP: Forti Manager 7.2 AdministratorExam Code: NSE5 FMG v7.2Total Question: 72Question per Quiz: 35Updated On: 10 April 2025Note: In order to practice all the Q/A's, you have to practice multiple time. Question's and Answer's will be presented randomly and will help you get hands-on for real exam. 1. View the following exhibit. Which statement is true regarding this failed installation log? Policy ID 2 will not be installed Policy ID 2 is installed without a source device Policy ID 2 is installed in disabled state Policy ID 2 is installed without a source address None 2. An administrator configures a new OSPF route on FortiManager and has not yet pushed the changes to the managed FortiGate device. In which database will the configuration be saved? Device-level database Revision history database ADOM-level database Configuration-level database None 3. An administrator created a header and footer global policy package and assigned it to an ADOM. What are two outcomes from this action? (Choose two.) You must manually move the header and footer policies after the policy assignment. You can edit or delete all the global objects in the global ADOM. After you assign the global policy package to an ADOM, the policy package is hidden from the ADOM and cannot be viewed. f you assign an additional global policy package to the same ADOM, FortiManager removes previously assigned policies. 4. Which two settings are required for FortiManager Management Extension Applications (MEA)? (Choose two.) You must open the ports to the Fortinet registry. The administrator must have the super user profile. You must create an MEA special policy on Forti Manager using the super user profile. When you configure MEA, you must open TCP or UDP port 540. 5. Which configuration setting for FortiGate is part of an ADOM-level database on FortiManager? SNMP NSX-T Service Template Security profiles Routing None 6. Refer to the exhibit. An administrator logs in to the FortiManager GUI and sees the panes shown in the exhibit. Which two reasons can explain why the FortiAnalyzer feature panes do not appear? (Choose two.) The admin session requires approval before administrator can see the FortiAnalyzer feature panes. The administrator profile does not have full access privileges like the Super_User profile. The administrator workflow is enabled on the ADOM. FortiAnalyzer features are not enabled on FortiManager. 7. An administrator is replacing a failed device on FortiManager by running the following command: execute device replace sn . Which device name and serial number must the administrator use? The device name and serial number of the failed device. The device name of the new device and serial number of the failed device. The device name and serial number of the new device. The device name of the failed device and serial number of the new device. None 8. Which two statements about the scheduled backup of FortiManager are true? t can be configured using the CLI and GUI. It backs up all devices and the FortiGuard database. It supports FTP, SCP, and SFTP. It does not back up firmware images saved on FortiManager. 9. An administrator wants to delete an address object that is currently referenced in a firewall policy. What can the administrator expect to happen? FortiManager will not allow the administrator to delete a referenced address object FortiManager will replace the deleted address object with all address object in the referenced firewall policy FortiManager will disable the status of the referenced firewall policy FortiManager will replace the deleted address object with the none address object in the referenced firewall policy None 10. An administrator’s PC crashes before the administrator can submit a workflow session for approval. After the PC is restarted, the administrator notices that the ADOM was locked from the session before the crash. How can the administrator unlock the ADOM? Log in using the same administrator account to unlock the ADOM. Delete the previous admin session manually through the Forti Manager GUI or CLI. Restore the configuration from a previous backup. Log in as Super_User in order to unlock the ADOM. None 11. Refer to the exhibit. Which two statements about the output are true? (Choose two.) Configuration changes have been installed on FortiGate, which means the FortiGate configuration has been changed. Configuration changes directly made on FortiGate have been automatically updated to the device-level database. The latest revision history for the managed FortiGate does match the FortiGate running configuration. The latest revision history for the managed FortiGate does not match the device-level database. 12. Refer to the exhibit. How will FortiManager try to get updates for antivirus and IPS? From public FDNI server IP address with the fourth highest octet only From the list of configured override servers or public FDN servers From the default server fds1.fortinet.com From the configured override server IP address 10.0.1.50 only None 13. Given the configuration shown in the exhibit, which two statements are true? Forti Manager is in workflow mode. An administrator can also lock the Local-FortiGate-1 policy package. The Forti Manager ADOM workspace mode is set to Normal. The FortiManager ADOM is locked by the administrator. 14. In the event that the monitored interface for the primary FortiManager device fails, which statement is true about Forti Manager HA? The FortiManager HA failover is transparent to administrators and does not require any reconfiguration. Manually promote one of the working secondary devices to the primary role, and reboot the old primary device to remove the peer IP of the failed device Reboot the failed device to remove its IP from the primary device. Reconfigure the primary device to remove the peer IP of the failed device. None 15. Refer to the exhibit. An administrator is importing a new device to FortiManager and has selected the options shown in the exhibit. What will happen if the administrator makes the changes and installs the modified policy package on this managed FortiGate? The unused objects that are not tied to the firewall policies locally on FortiGate will be deleted. The unused objects that are not tied to the firewall policies will remain as read-only locally on FortiGate. The unused objects that are not tied to the firewall policies will be installed on FortiGate. The unused objects that are not tied to the firewall policies in the policy package will be deleted from the FortiManager database. None 16. You are moving managed FortiGate devices from one ADOM to a new ADOM. Which statement correctly describes the expected result? The shared device settings will be installed automatically. Any unused objects from a previous ADOM are moved to the new ADOM automatically. The shared policy package will not be moved to the new ADOM. Policy packages will be imported into the new ADOM automatically. None 17. In the event that the primary FortiManager fails, which of the following actions must be performed to return the FortiManager HA to a working state? FortiManager HA state transition is transparent to administrators and does not require any reconfiguration. Reboot one of the secondary devices to promote it automatically to the primary role, and reconfigure all other secondary devices to point to the new primary device. Manually promote one of the secondary devices to the primary role, and reconfigure all other secondary devices to point to the new primary device. Secondary device with highest priority will automatically be promoted to the primary role, and manually reconfigure all other secondary devices to point to the new primary device. None 18. What is the advantage of using FortiManager to manage FortiAnalyzer? It allows FortiManager to store all managed FortiGate device logs. It allows FortiManager to run reports based on FortiAnalyzer. It allows FortiManager to manage all FortiGate devices. It allows FortiManager to act as a collector and FortiAnalyzer device. None 19. An administrator with the Super_User profile is unable to log in to FortiManager because of an authentication failure message. Which troubleshooting step should you take to resolve the issue? Make sure Offline Mode is disabled Make sure ADOMs are enabled and the administrator has access to the Global ADOM Make sure FortiManager Access is enabled in the administrator profile Make sure the administrator IP address is part of the trusted hosts. None 20. Refer to the exhibit. An administrator is about to add the FortiGate device to FortiManager using the discovery process. FortiManager is operating behind a NAT device, and the administrator configured the FortiManager NATed IP address under the FortiManager system administration settings. What is the expected result? During discovery, FortiManager sets the FortiManager NATed IP address on FortiGate. During discovery, FortiManager sets the NATed device IP address on FortiGate. During discovery, FortiManager uses only the FortiGate serial number to establish the connection. During discovery, FortiManager sets both the FortiManager NATed IP address and NAT device IP address on FortiGate. None 21. An administrator would like to create an SD-WAN using central management in the Training ADOM. To create an SD-WAN using central management, which two steps must be completed? (Choose two) Specify a gateway address when you create a default SD-WAN static route Remove all the interface references such as routes or policies that will be a part of SD-WAN member interfaces Enable SD-WAN central management in the Training ADOM Configure and install the SD-WAN firewall policy and SD-WAN static route before installing the SDWAN template settings 22. Refer to the exhibit. An administrator would like to create three ADOMs on FortiManager with different access levels based on departments. What two conclusions can you draw from the design shown in the exhibit? (Choose two.) The administrator must set the FortiManager ADOM mode to Advanced. Admin A can access VDOM2 and VDOM3 with the super user profile. The administrator must configure FortiManager in workspace mode. The FortiManager policies and objects database can be shared between the Financial and HR ADOMs. 23. Refer to the exhibit.On Forti Manager, an administrator created a new system template named Training with two new DNS addresses. During the installation preview stage, the administrator notices that central-management settings need to be purged.What can be the main reason for the central-management purge command? The Training system template has a default FortiGuard widget. The ADOM is locked by another administrator. The Remote-FortiGate device does not have any DNS server-list configured in the central-management settings. The DNS addresses in the default system settings are the same as the Training system template. None 24. Refer to the exhibit. Which statement about the object named ALL is true? FortiManager updated the object ALL using the FortiManager value in its database. FortiManager created the object ALL as a unique entity in its database, which can be only used by this managed FortiGate. FortiManager updated the object ALL using the FortiGate value in its database. FortiManager installed the object ALL with the updated value. None 25. An administrator has enabled Service Access on FortiManager. What is the purpose of Service Access on the FortiManager interface? It allows FortiManager to determine the connection status of managed devices. It allows FortiManager to respond to requests for FortiGuard services from FortiGate devices. It allows administrative access to FortiManager. It allows third-party applications to gain read/write access to FortiManager. None 26. In addition to the default ADOMs, an administrator has created a new ADOM named Training for FortiGate devices. The administrator sent a device registration to FortiManager from a remote FortiGate. Which one of the following statements is true? The FortiGate will be automatically added to the Training ADOM. The FortiManager administrator must add the unregistered device manually to the unregistered device manually to the Training ADOM using the Add Device wizard By default, the unregistered FortiGate will appear in the root ADOM. The FortiGate will be added automatically to the default ADOM named FortiGate. None 27. An administrator run the reload failure command: diagnose test deploymanager reload config on FortiManager. What does this command do? It installs the provisioning template configuration on the specified FortiGate. It installs the latest configuration on the specified FortiGate and update the revision history database. It compares and provides differences in configuration on FortiManager with the current running configuration of the specified FortiGate. It downloads the latest configuration from the specified FortiGate and performs a reload operation on the device database. None 28. If both FortiManager and FortiGate are behind the NAT devices, what are the two expected results? (Choose two.) FortiGate can announce itself to FortiManager only if the FortiManager IP address is configured on FortiGate under central management. If the FCFM tunnel is torn down, FortiManager will try to re-establish the FGFM tunnel. During discovery, the FortiManager NATed IP address is not set by default on FortiGate. FortiGate is discovered by FortiManager through the FortiGate NATed IP address. 29. Which two conditions trigger FortiManager to create a new revision history? (Choose two.) When FortiManager is auto-updated with configuration changes made directly on a managed device When configuration revision is reverted to previous revision in the revision history When FortiManager installs device-level changes to a managed device When changes to device-level database is made on FortiManager 30. Refer to the exhibit. An administrator wants to create a policy on the Staging ADOM in backup mode, and install it on the FortiGate device in the same ADOM. How can the administrator perform this task? The administrator must change the ADOM mode to Advanced to bring the FortiManager online. The administrator must use the FortiManager script. The administrator must use the Policy & Objects section to create a policy first. The administrator must disable the FortiManager offline mode first. None Time's up
