Certification Provider: FortinetExam: FCP: Forti Manager 7.2 AdministratorExam Code: NSE5 FMG v7.2Total Question: 72Question per Quiz: 35Updated On: 10 April 2025Note: In order to practice all the Q/A's, you have to practice multiple time. Question's and Answer's will be presented randomly and will help you get hands-on for real exam. 1. An administrator enabled workspace mode and now wants to delete an address object that is currently referenced in a firewall policy. Which two results can the administrator expect to happen? (Choose two.) FortiManager will not allow the administrator to delete a referenced address object until the ADOM is locked. FortiManager will disable the status of the address object. FortiManager will replace the deleted address object with the none address object in the referenced firewall policy. FortiManager will temporarily change the status of the referenced firewall policy. 2. In the event that the primary FortiManager fails, which of the following actions must be performed to return the FortiManager HA to a working state? Reboot one of the secondary devices to promote it automatically to the primary role, and reconfigure all other secondary devices to point to the new primary device. Secondary device with highest priority will automatically be promoted to the primary role, and manually reconfigure all other secondary devices to point to the new primary device. Manually promote one of the secondary devices to the primary role, and reconfigure all other secondary devices to point to the new primary device. FortiManager HA state transition is transparent to administrators and does not require any reconfiguration. None 3. Which two settings are required for FortiManager Management Extension Applications (MEA)? (Choose two.) The administrator must have the super user profile. You must create an MEA special policy on Forti Manager using the super user profile. You must open the ports to the Fortinet registry. When you configure MEA, you must open TCP or UDP port 540. 4. Refer to the exhibit. Given the configuration shown in the exhibit, how did Forti Manager handle the service category named General? Forti Manager ignored the firewall service category General and updated the FortiGate duplicate value in the FortiGate database. FortiManager ignored the firewall service category General but created a new service category in its database. Forti Manager ignored the firewall service category General and did not update its database with the value. FortiManager ignored the firewall service category General and deleted the duplicate value in its database. None 5. An administrator is replacing a failed device on FortiManager by running the following command: execute device replace sn . Which device name and serial number must the administrator use? The device name and serial number of the new device. The device name and serial number of the failed device. The device name of the new device and serial number of the failed device. The device name of the failed device and serial number of the new device. None 6. Which two statements about Security Fabric integration with FortiManager are true? (Choose two.) The Security Fabric license, group name, and password are required for the FortiManager Security Fabric integration. The Fabric View module enables you to view the Security Fabric ratings for Security Fabric devices. The Fabric View module enables you to generate the Security Fabric ratings for Security Fabric devices. The Security Fabric settings are part of the device-level settings. 7. In addition to the default ADOMs, an administrator has created a new ADOM named Training for FortiGate devices only. The administrator authorized the FortiGate device on FortiManager using the Fortinet Security Fabric. Given the administrator’s actions, which statement correctly describes the expected result? The authorized FortiGate will be automatically added to the Training ADOM. The authorized FortiGate will appear in the root ADOM. The FortiManager administrator must add the authorized device to the Training ADOM using the Add Device wizard only. The authorized FortiGate can be added to the Training ADOM using FortiGate Fabric Connectors. None 8. Refer to the exhibit. What can you conclude from the failed installation log shown in the exhibit? Policy ID 2 is installed without the remote user student. Policy ID 2 is installed without a source address. Policy ID 2 will not be installed. Policy ID 2 is installed in the disabled state. None 9. Given the configuration shown in the exhibit, what can you conclude from the installation targets in the Install On column? (Choose two.) Policy seq # 1 will be installed on the Remote-FortiGate root[NAT] and Student[NAT] VDOMs only. Policy seq.# 3 will be skipped because no installation targets are specified. Policy seq.# 3 will be installed on all managed devices and VDOMs that are listed under Installation Targets. Policy seq.# 2 will not be installed on the Local-FortiGate root VDOM because there is no root VDOM in the Installation Target. Policy 3 will be installed on all FortiGate devices and vdom belongs to the ADOM. 10. Refer to the exhibit. An administrator wants to create a policy on the Staging ADOM in backup mode, and install it on the FortiGate device in the same ADOM. How can the administrator perform this task? The administrator must use the FortiManager script. The administrator must change the ADOM mode to Advanced to bring the FortiManager online. The administrator must use the Policy & Objects section to create a policy first. The administrator must disable the FortiManager offline mode first. None 11. An administrator has assigned a global policy package to custom ADOM1. Then the administrator creates a new policy package, Fortinet, in the custom ADOM1. What will happen to the Fortinet policy package when it is created? You need to assign the global policy package from the global ADOM. You can select the option to assign the global policies. It automatically assigns the global policies. You need to reapply the global policy package to the ADOM. None 12. Refer to the exhibit. An administrator is about to add the FortiGate device to FortiManager using the discovery process. FortiManager is operating behind a NAT device, and the administrator configured the FortiManager NATed IP address under the FortiManager system administration settings. What is the expected result? During discovery, FortiManager sets the FortiManager NATed IP address on FortiGate. During discovery, FortiManager sets the NATed device IP address on FortiGate. During discovery, FortiManager uses only the FortiGate serial number to establish the connection. During discovery, FortiManager sets both the FortiManager NATed IP address and NAT device IP address on FortiGate. None 13. Refer to the exhibit. A service provider administrator has assigned a global policy package to a managed customer ADOM named My_ADOM, which has four policy packages. The customer administrator has access only to My_ADOM. How can customer or service provider administrators remove both global header and footer policies from the policy package named Shared_Package? The service provider administrator can unassign both policies from the global ADOM The customer administrator can unassign both polices by locking My_ADOM The service provider administrator can unassign both global policies from My_ADOM The customer administrator can unassign both global polices from My_ADOM None 14. An administrator wants to delete an address object that is currently referenced in a firewall policy. What can the administrator expect to happen? FortiManager will replace the deleted address object with the none address object in the referenced firewall policy FortiManager will not allow the administrator to delete a referenced address object FortiManager will disable the status of the referenced firewall policy FortiManager will replace the deleted address object with all address object in the referenced firewall policy None 15. View the following exhibit. Which statement is true regarding this failed installation log? Policy ID 2 will not be installed Policy ID 2 is installed without a source device Policy ID 2 is installed without a source address Policy ID 2 is installed in disabled state None 16. An administrator would like to review, approve or reject all the firewall policy changes made by the junior administrators. How should the workspace mode settings be configured on FortiManager? Set to read/write and using the policy locking feature Set to workflow and using the ADOM locking feature Set to workspace and using the policy locking feature Set to normal and using the approval group feature None 17. An administrator run the reload failure command: diagnose test deploymanager reload config on FortiManager. What does this command do? It installs the provisioning template configuration on the specified FortiGate. It downloads the latest configuration from the specified FortiGate and performs a reload operation on the device database. It compares and provides differences in configuration on FortiManager with the current running configuration of the specified FortiGate. It installs the latest configuration on the specified FortiGate and update the revision history database. None 18. What is the advantage of using FortiManager to manage FortiAnalyzer? It allows FortiManager to act as a collector and FortiAnalyzer device. It allows FortiManager to manage all FortiGate devices. It allows FortiManager to run reports based on FortiAnalyzer. It allows FortiManager to store all managed FortiGate device logs. None 19. Which two items are included in the FortiManager backup? (Choose two.) Firmware images FortiGuard database All devices Flash configuration 20. Which three settings are the factory default settings on FortiManager? (Choose three.) Reports and Event Monitor panes are enabled The Forti Manager setup wizard is disabled. FortiAnalyzer features are disabled The administrative domain is disabled. port1 interface IP address is 192.168.1.99/24 21. Refer to the exhibit. An administrator logs in to the FortiManager GUI and sees the panes shown in the exhibit. Which two reasons can explain why the FortiAnalyzer feature panes do not appear? (Choose two.) The administrator profile does not have full access privileges like the Super_User profile. FortiAnalyzer features are not enabled on FortiManager. The admin session requires approval before administrator can see the FortiAnalyzer feature panes. The administrator workflow is enabled on the ADOM. 22. What will happen if the script is run using the Device Database option? (Choose two.) The Device Settings Status will be tagged as Modified. You must install these changes using the Install Wizard to a managed device. The script history will show successful installation of the script on the remote FortiGate. The successful execution of a script on the Device Database will create a new revision history. 23. What does a policy package status of Never Installed indicate? The policy package was never imported after a device was registered on Forti Manager. The policy configuration has been changed on FortiManager and changes have not yet been installed on the managed device. The policy configuration has been changed on a managed device and changes have not yet been imported into FortiManager. FortiManager is unable to determine the policy package status. None 24. What does a policy package status of Conflict indicate? The policy configuration has never been imported after a device was registered on FortiManager. The policy package configuration has been changed on both FortiManager and the managed device independently. The policy package reports inconsistencies and conflicts during a Policy Consistency Check. None 25. An administrator, Trainer, who is assigned the Super_User profile, is trying to approve a workflow session that was submitted by another administrator, Student. However, Trainer is unable to approve the workflow session. What can prevent an admin account that has Super_User rights over the device from approving a workflow session? Trainer must first create their own workflow session to approve student session. Trainer does not have full rights over this ADOM. Trainer must close Student’s workflow session before approving the request. Trainer is not a part of workflow approval group. None 26. An administrator has assigned a global policy package to a new ADOM called ADOM1. What will happen if the administrator tries to create a new policy package in ADOM1? When creating a new policy package, the administrator can select the option to assign the global policy package to the new policy package. When a new policy package is created, the administrator must import the global policy package to ADOM1. When the new policy package is created, FortiManager automatically assigns the global policy package to the new policy package. When a new policy package is created, the administrator must assign the global policy package from the global ADOM. None 27. Refer to the exhibit. Which statement is true about the Forti Manager ADOM policy tab based on the API request? The API command has enabled both central NAT and interface policy on the policy tab. The API command has requested the policy tab permissions information only. The API command has failed when requesting policy tab permissions information. The API command has applied to customer with ID: 200. None 28. Refer to the exhibit. What will happen if the script is run using the Remote FortiGate Directly (via CLI) option? (Choose two.) FortiManager provides a preview of CLI commands before executing this script on a managed FortiGate. FortiManager will create a new revision history. FortiGate will auto-update the FortiManager device-level database. You must install these changes using the Install Wizard. 29. Refer to the exhibit. An administrator would like to create three ADOMs on FortiManager with different access levels based on departments. What two conclusions can you draw from the design shown in the exhibit? (Choose two.) The FortiManager policies and objects database can be shared between the Financial and HR ADOMs. The administrator must configure FortiManager in workspace mode. The administrator must set the FortiManager ADOM mode to Advanced. Admin A can access VDOM2 and VDOM3 with the super user profile. 30. Which two statements about an ADOM set in Normal mode on Forti Manager are true? It supports the FortiManager script feature. You cannot assign the same ADOM to multiple administrators. FortiManager automatically installs the configuration difference in revisions on the managed FortiGate. It allows making configuration changes for managed devices on FortiManager panes. Time's up
