Certification Provider:Â FortinetExam: FCP: Forti Manager 7.2 AdministratorExam Code:Â NSE5 FMG v7.2Total Question: 72Question per Quiz: 35Updated On: 10 April 2025Note: In order to practice all the Q/A's, you have to practice multiple time. Question's and Answer's will be presented randomly and will help you get hands-on for real exam. 1. Which two statements about Security Fabric integration with FortiManager are true? (Choose two.) The Security Fabric settings are part of the device-level settings. The Security Fabric license, group name, and password are required for the FortiManager Security Fabric integration. The Fabric View module enables you to view the Security Fabric ratings for Security Fabric devices. The Fabric View module enables you to generate the Security Fabric ratings for Security Fabric devices. 2. Which two statements about an ADOM set in Normal mode on Forti Manager are true? FortiManager automatically installs the configuration difference in revisions on the managed FortiGate. It supports the FortiManager script feature. It allows making configuration changes for managed devices on FortiManager panes. You cannot assign the same ADOM to multiple administrators. 3. Refer to the exhibit.On Forti Manager, an administrator created a new system template named Training with two new DNS addresses. During the installation preview stage, the administrator notices that central-management settings need to be purged.What can be the main reason for the central-management purge command? The DNS addresses in the default system settings are the same as the Training system template. The ADOM is locked by another administrator. The Remote-FortiGate device does not have any DNS server-list configured in the central-management settings. The Training system template has a default FortiGuard widget. None 4. What is the advantage of using FortiManager to manage FortiAnalyzer? It allows FortiManager to store all managed FortiGate device logs. It allows FortiManager to act as a collector and FortiAnalyzer device. It allows FortiManager to run reports based on FortiAnalyzer. It allows FortiManager to manage all FortiGate devices. None 5. Which two settings are required for FortiManager Management Extension Applications (MEA)? (Choose two.) The administrator must have the super user profile. You must create an MEA special policy on Forti Manager using the super user profile. You must open the ports to the Fortinet registry. When you configure MEA, you must open TCP or UDP port 540. 6. Which two statements about the scheduled backup of FortiManager are true? It supports FTP, SCP, and SFTP. t can be configured using the CLI and GUI. It backs up all devices and the FortiGuard database. It does not back up firmware images saved on FortiManager. 7. An administrator would like to review, approve or reject all the firewall policy changes made by the junior administrators. How should the workspace mode settings be configured on FortiManager? Set to normal and using the approval group feature Set to workspace and using the policy locking feature Set to read/write and using the policy locking feature Set to workflow and using the ADOM locking feature None 8. An administrator is in the process of moving the system template profile between ADOMs by running the following command: execute fmprofile import-profile ADOM2 3547 /tmp/myfile Where does the administrator import the file from? File system ADOM2 ADOM2 object database ADOM1 None 9. What will happen if the script is run using the Device Database option? (Choose two.) The Device Settings Status will be tagged as Modified. The script history will show successful installation of the script on the remote FortiGate. The successful execution of a script on the Device Database will create a new revision history. You must install these changes using the Install Wizard to a managed device. 10. An administrator runs the Policy Check feature on Forti Manager ADOM. What will be the result? It will find and provide recommendations to combine multiple separate policy packages into one common policy package. It will find and delete disabled firewall policies in the policy package. It will find and provide recommendations for optimizing policies in a policy package. It will find and merge duplicate policies in the policy package. None 11. Refer to the exhibit. Given the configuration shown in the exhibit, how did Forti Manager handle the service category named General? Forti Manager ignored the firewall service category General and updated the FortiGate duplicate value in the FortiGate database. Forti Manager ignored the firewall service category General and did not update its database with the value. FortiManager ignored the firewall service category General but created a new service category in its database. FortiManager ignored the firewall service category General and deleted the duplicate value in its database. None 12. What will happen if FortiAnalyzer features are enabled on FortiManager? FortiManager will install the logging configuration to the managed devices. FortiManager will keep all the logs and reports on the FortiManager. FortiManager can be used only as a logging device. FortiManager will enable ADOMs to collect logs automatically from non-FortiGate devices. None 13. Refer to the exhibit. An administrator is about to add the FortiGate device to FortiManager using the discovery process. FortiManager is operating behind a NAT device, and the administrator configured the FortiManager NATed IP address under the FortiManager system administration settings. What is the expected result? During discovery, FortiManager sets the NATed device IP address on FortiGate. During discovery, FortiManager sets the FortiManager NATed IP address on FortiGate. During discovery, FortiManager uses only the FortiGate serial number to establish the connection. During discovery, FortiManager sets both the FortiManager NATed IP address and NAT device IP address on FortiGate. None 14. Refer to the exhibit. What can you conclude from the failed installation log shown in the exhibit? Policy ID 2 is installed without the remote user student. Policy ID 2 is installed in the disabled state. Policy ID 2 will not be installed. Policy ID 2 is installed without a source address. None 15. Refer to the exhibit. A junior administrator is troubleshooting a FortiManager connectivity issue that is occurring with managed FortiGate devices. Given the FortiManager device manager settings shown in the exhibit, what can you conclude from the exhibit? The administrator can reclaim the FGFM tunnel to get both devices online. The administrator must refresh both devices to restore connectivity. The administrator had restored the Forti Manager configuration file. Forti Manager lost internet connectivity, therefore, both devices appear to be down. None 16. View the following exhibit. What is the purpose of setting ADOM Mode to Advanced? This setting allows you to assign different VDOMs from the same FortiGate to different ADOMs. The setting disables concurrent ADOM access and adds ADOM locking The setting enables the ADOMs feature on FortiManager The setting allows automatic updates to the policy package configuration for a managed device None 17. What does a policy package status of Never Installed indicate? The policy configuration has been changed on a managed device and changes have not yet been imported into FortiManager. The policy configuration has been changed on FortiManager and changes have not yet been installed on the managed device. The policy package was never imported after a device was registered on Forti Manager. FortiManager is unable to determine the policy package status. None 18. An administrator is replacing a failed device on FortiManager by running the following command: execute device replace sn . Which device name and serial number must the administrator use? The device name of the failed device and serial number of the new device. The device name and serial number of the new device. The device name and serial number of the failed device. The device name of the new device and serial number of the failed device. None 19. An administrator would like to create an SD-WAN using central management in the Training ADOM. To create an SD-WAN using central management, which two steps must be completed? (Choose two) Configure and install the SD-WAN firewall policy and SD-WAN static route before installing the SDWAN template settings Enable SD-WAN central management in the Training ADOM Remove all the interface references such as routes or policies that will be a part of SD-WAN member interfaces Specify a gateway address when you create a default SD-WAN static route 20. Refer to the exhibit. An administrator is importing a new device to FortiManager and has selected the options shown in the exhibit. What will happen if the administrator makes the changes and installs the modified policy package on this managed FortiGate? The unused objects that are not tied to the firewall policies in the policy package will be deleted from the FortiManager database. The unused objects that are not tied to the firewall policies will be installed on FortiGate. The unused objects that are not tied to the firewall policies locally on FortiGate will be deleted. The unused objects that are not tied to the firewall policies will remain as read-only locally on FortiGate. None 21. An administrator has assigned a global policy package to a new ADOM called ADOM1. What will happen if the administrator tries to create a new policy package in ADOM1? When a new policy package is created, the administrator must assign the global policy package from the global ADOM. When the new policy package is created, FortiManager automatically assigns the global policy package to the new policy package. When creating a new policy package, the administrator can select the option to assign the global policy package to the new policy package. When a new policy package is created, the administrator must import the global policy package to ADOM1. None 22. Which two items does an FGFM keepalive message include? (Choose two.) FortiGate IPS version FortiGate configuration checksum FortiGate license information FortiGate uptime 23. Given the configuration shown in the exhibit, which two statements are true? The FortiManager ADOM is locked by the administrator. The Forti Manager ADOM workspace mode is set to Normal. Forti Manager is in workflow mode. An administrator can also lock the Local-FortiGate-1 policy package. 24. When an installation is performed from FortiManager, what is the recovery logic used between FortiManager and FortiGate for an FGFM tunnel? FortiManager will not push the CLI commands as a part of the installation that will cause the tunnel to go down. FortiManager will revert and install a previous configuration revision on the managed FortiGate. FortiGate will reject the CLI commands that will cause the tunnel to go down. After 15 minutes, FortiGate will unset all CLI commands that were part of the installation that caused the tunnel to go down. None 25. An administrator has enabled Service Access on FortiManager. What is the purpose of Service Access on the FortiManager interface? It allows FortiManager to respond to requests for FortiGuard services from FortiGate devices. It allows FortiManager to determine the connection status of managed devices. It allows third-party applications to gain read/write access to FortiManager. It allows administrative access to FortiManager. None 26. What is the purpose of the Policy Check feature on FortiManager? To find and provide recommendation for optimizing policies in a policy package To find and provide recommendation to combine multiple separate policy packages into one common To find and delete disabled firewall policies in the policy package To find and merge duplicate policies in the policy package None 27. An administrator wants to delete an address object that is currently referenced in a firewall policy. What can the administrator expect to happen? FortiManager will disable the status of the referenced firewall policy FortiManager will not allow the administrator to delete a referenced address object FortiManager will replace the deleted address object with the none address object in the referenced firewall policy FortiManager will replace the deleted address object with all address object in the referenced firewall policy None 28. Refer to the exhibit. An administrator logs in to the FortiManager GUI and sees the panes shown in the exhibit. Which two reasons can explain why the FortiAnalyzer feature panes do not appear? (Choose two.) The administrator profile does not have full access privileges like the Super_User profile. FortiAnalyzer features are not enabled on FortiManager. The administrator workflow is enabled on the ADOM. The admin session requires approval before administrator can see the FortiAnalyzer feature panes. 29. An administrator configures a new OSPF route on FortiManager and has not yet pushed the changes to the managed FortiGate device. In which database will the configuration be saved? Device-level database Revision history database Configuration-level database ADOM-level database None 30. Refer to the exhibit. You are using the Quick Install option to install configuration changes on the managed FortiGate. Which two statements correctly describe the result? (Choose two.) It installs device-level changes on the FortiGate device without launching the Install Wizard. It installs provisioning template changes on the FortiGate device. It installs all the changes in the device database first and the administrator must reinstall the changes on the FortiGate device. It provides the option to preview only the policy package changes before installing them. Time's up
