Certification Provider: FortinetExam: FCP: Forti Manager 7.2 AdministratorExam Code: NSE5 FMG v7.2Total Question: 72Question per Quiz: 35Updated On: 06 April 2024Note: In order to practice all the Q/A's, you have to practice multiple time. Question's and Answer's will be presented randomly and will help you get hands-on for real exam. 1. Refer to the exhibit. What is the purpose of setting ADOM Mode to Advanced? This setting allows you to manage FortiGate chassis models. This setting enables the ADOMs feature on FortiManager. This setting disables concurrent ADOM access and adds ADOM locking. This setting allows you to assign a VDOM from a single device to a different ADOM. None 2. View the following exhibit. Which statement is true regarding this failed installation log? Policy ID 2 is installed without a source address Policy ID 2 is installed in disabled state Policy ID 2 will not be installed Policy ID 2 is installed without a source device None 3. Which two statements about Security Fabric integration with FortiManager are true? (Choose two.) The Fabric View module enables you to view the Security Fabric ratings for Security Fabric devices. The Fabric View module enables you to generate the Security Fabric ratings for Security Fabric devices. The Security Fabric settings are part of the device-level settings. The Security Fabric license, group name, and password are required for the FortiManager Security Fabric integration. 4. In the event that the monitored interface for the primary FortiManager device fails, which statement is true about Forti Manager HA? The FortiManager HA failover is transparent to administrators and does not require any reconfiguration. Reconfigure the primary device to remove the peer IP of the failed device. Manually promote one of the working secondary devices to the primary role, and reboot the old primary device to remove the peer IP of the failed device Reboot the failed device to remove its IP from the primary device. None 5. Refer to the exhibit showing a Download Import Report. Why is it failing to import firewall policy ID 1? The address object used in policy ID 1 already exists in the ADOM database with any as the interface association, and conflicts with the address object interface association locally on FortiGate. Policy ID 1 is configured from the interface any to port6. FortiManager rejects the request to import this policy because the any interface does not exist on FortiManager. Policy ID 1 for this managed FortiGate already exists on FortiManager in the policy package named Remote-FortiGate. Policy ID 1 does not have the ADOM Interface mapping configured on FortiManager. None 6. An administrator has assigned a global policy package to a new ADOM called ADOM1. What will happen if the administrator tries to create a new policy package in ADOM1? When a new policy package is created, the administrator must import the global policy package to ADOM1. When a new policy package is created, the administrator must assign the global policy package from the global ADOM. When the new policy package is created, FortiManager automatically assigns the global policy package to the new policy package. When creating a new policy package, the administrator can select the option to assign the global policy package to the new policy package. None 7. An administrator created a header and footer global policy package and assigned it to an ADOM. What are two outcomes from this action? (Choose two.) You can edit or delete all the global objects in the global ADOM. You must manually move the header and footer policies after the policy assignment. f you assign an additional global policy package to the same ADOM, FortiManager removes previously assigned policies. After you assign the global policy package to an ADOM, the policy package is hidden from the ADOM and cannot be viewed. 8. An administrator wants to delete an address object that is currently referenced in a firewall policy. What can the administrator expect to happen? FortiManager will replace the deleted address object with all address object in the referenced firewall policy FortiManager will not allow the administrator to delete a referenced address object FortiManager will replace the deleted address object with the none address object in the referenced firewall policy FortiManager will disable the status of the referenced firewall policy None 9. Refer to the exhibit. A junior administrator is troubleshooting a FortiManager connectivity issue that is occurring with managed FortiGate devices. Given the FortiManager device manager settings shown in the exhibit, what can you conclude from the exhibit? The administrator had restored the Forti Manager configuration file. Forti Manager lost internet connectivity, therefore, both devices appear to be down. The administrator can reclaim the FGFM tunnel to get both devices online. The administrator must refresh both devices to restore connectivity. None 10. An administrator, Trainer, who is assigned the Super_User profile, is trying to approve a workflow session that was submitted by another administrator, Student. However, Trainer is unable to approve the workflow session. What can prevent an admin account that has Super_User rights over the device from approving a workflow session? Trainer must close Student’s workflow session before approving the request. Trainer is not a part of workflow approval group. Trainer must first create their own workflow session to approve student session. Trainer does not have full rights over this ADOM. None 11. Refer to the exhibit. An administrator logs in to the FortiManager GUI and sees the panes shown in the exhibit. Which two reasons can explain why the FortiAnalyzer feature panes do not appear? (Choose two.) The admin session requires approval before administrator can see the FortiAnalyzer feature panes. The administrator profile does not have full access privileges like the Super_User profile. FortiAnalyzer features are not enabled on FortiManager. The administrator workflow is enabled on the ADOM. 12. What is the purpose of ADOM revisions? To save the FortiManager configuration in the System Checkpoints To revert individual policy packages and device-level settings for a managed FortiGate To save the current state of the whole ADOM To save the current state of all policy packages and objects for an ADOM None 13. Refer to the exhibit. A service provider administrator has assigned a global policy package to a managed customer ADOM named My_ADOM, which has four policy packages. The customer administrator has access only to My_ADOM. How can customer or service provider administrators remove both global header and footer policies from the policy package named Shared_Package? The service provider administrator can unassign both policies from the global ADOM The customer administrator can unassign both global polices from My_ADOM The customer administrator can unassign both polices by locking My_ADOM The service provider administrator can unassign both global policies from My_ADOM None 14. An administrator with the Super_User profile is unable to log in to FortiManager because of an authentication failure message. Which troubleshooting step should you take to resolve the issue? Make sure Offline Mode is disabled Make sure the administrator IP address is part of the trusted hosts. Make sure ADOMs are enabled and the administrator has access to the Global ADOM Make sure FortiManager Access is enabled in the administrator profile None 15. Refer to the exhibit. Given the configuration shown in the exhibit, what are two results from this configuration? (Choose two.) Ungraceful closed sessions will keep the ADOM in a locked state until the administrator session times out. Unlocking an ADOM will install configuration changes automatically on managed devices. Unlocking an ADOM will submit configuration changes automatically to the approval administrator. The same administrator can lock more than one ADOM at the same time. 16. Refer to the exhibit. How will FortiManager try to get updates for antivirus and IPS? From the default server fds1.fortinet.com From public FDNI server IP address with the fourth highest octet only From the configured override server IP address 10.0.1.50 only From the list of configured override servers or public FDN servers None 17. Which two items are included in the FortiManager backup? (Choose two.) All devices Firmware images Flash configuration FortiGuard database 18. In addition to the default ADOMs, an administrator has created a new ADOM named Training for FortiGate devices. The administrator sent a device registration to FortiManager from a remote FortiGate. Which one of the following statements is true? The FortiGate will be added automatically to the default ADOM named FortiGate. By default, the unregistered FortiGate will appear in the root ADOM. The FortiManager administrator must add the unregistered device manually to the unregistered device manually to the Training ADOM using the Add Device wizard The FortiGate will be automatically added to the Training ADOM. None 19. Which two settings are required for FortiManager Management Extension Applications (MEA)? (Choose two.) When you configure MEA, you must open TCP or UDP port 540. The administrator must have the super user profile. You must create an MEA special policy on Forti Manager using the super user profile. You must open the ports to the Fortinet registry. 20. What is the purpose of the Policy Check feature on FortiManager? To find and merge duplicate policies in the policy package To find and delete disabled firewall policies in the policy package To find and provide recommendation for optimizing policies in a policy package To find and provide recommendation to combine multiple separate policy packages into one common None 21. What are two outcomes of ADOM revisions? (Choose two.) ADOM revisions can create System Checkpoints for the FortiManager configuration ADOM revisions can save the current state of all policy packages and objects for an ADOM ADOM revisions can significantly increase the size of the configuration backups. ADOM revisions can save the current size of the whole ADOM 22. An administrator would like to create an SD-WAN using central management in the Training ADOM. To create an SD-WAN using central management, which two steps must be completed? (Choose two) Remove all the interface references such as routes or policies that will be a part of SD-WAN member interfaces Enable SD-WAN central management in the Training ADOM Specify a gateway address when you create a default SD-WAN static route Configure and install the SD-WAN firewall policy and SD-WAN static route before installing the SDWAN template settings 23. Refer to the exhibit. An administrator is about to add the FortiGate device to FortiManager using the discovery process. FortiManager is operating behind a NAT device, and the administrator configured the FortiManager NATed IP address under the FortiManager system administration settings. What is the expected result? During discovery, FortiManager uses only the FortiGate serial number to establish the connection. During discovery, FortiManager sets the FortiManager NATed IP address on FortiGate. During discovery, FortiManager sets both the FortiManager NATed IP address and NAT device IP address on FortiGate. During discovery, FortiManager sets the NATed device IP address on FortiGate. None 24. What will happen if FortiAnalyzer features are enabled on FortiManager? FortiManager will enable ADOMs to collect logs automatically from non-FortiGate devices. FortiManager will install the logging configuration to the managed devices. FortiManager can be used only as a logging device. FortiManager will keep all the logs and reports on the FortiManager. None 25. Which two items does an FGFM keepalive message include? (Choose two.) FortiGate license information FortiGate uptime FortiGate configuration checksum FortiGate IPS version 26. Refer to the exhibit. What can you conclude from the failed installation log shown in the exhibit? Policy ID 2 will not be installed. Policy ID 2 is installed without a source address. Policy ID 2 is installed in the disabled state. Policy ID 2 is installed without the remote user student. None 27. An administrator has enabled Service Access on FortiManager. What is the purpose of Service Access on the FortiManager interface? It allows third-party applications to gain read/write access to FortiManager. It allows FortiManager to respond to requests for FortiGuard services from FortiGate devices. It allows FortiManager to determine the connection status of managed devices. It allows administrative access to FortiManager. None 28. An administrator enabled workspace mode and now wants to delete an address object that is currently referenced in a firewall policy. Which two results can the administrator expect to happen? (Choose two.) FortiManager will temporarily change the status of the referenced firewall policy. FortiManager will not allow the administrator to delete a referenced address object until the ADOM is locked. FortiManager will disable the status of the address object. FortiManager will replace the deleted address object with the none address object in the referenced firewall policy. 29. Which two statements about an ADOM set in Normal mode on Forti Manager are true? You cannot assign the same ADOM to multiple administrators. FortiManager automatically installs the configuration difference in revisions on the managed FortiGate. It allows making configuration changes for managed devices on FortiManager panes. It supports the FortiManager script feature. 30. An administrator configures a new OSPF route on FortiManager and has not yet pushed the changes to the managed FortiGate device. In which database will the configuration be saved? Revision history database Device-level database ADOM-level database Configuration-level database None Time's up