Certification Provider: FortinetExam: FCP: Forti Manager 7.2 AdministratorExam Code: NSE5 FMG v7.2Total Question: 72Question per Quiz: 35Updated On: 10 April 2025Note: In order to practice all the Q/A's, you have to practice multiple time. Question's and Answer's will be presented randomly and will help you get hands-on for real exam. 1. What does a policy package status of Conflict indicate? The policy configuration has never been imported after a device was registered on FortiManager. The policy package reports inconsistencies and conflicts during a Policy Consistency Check. The policy package configuration has been changed on both FortiManager and the managed device independently. None 2. An administrator, Trainer, who is assigned the Super_User profile, is trying to approve a workflow session that was submitted by another administrator, Student. However, Trainer is unable to approve the workflow session. What can prevent an admin account that has Super_User rights over the device from approving a workflow session? Trainer does not have full rights over this ADOM. Trainer is not a part of workflow approval group. Trainer must first create their own workflow session to approve student session. Trainer must close Student’s workflow session before approving the request. None 3. In addition to the default ADOMs, an administrator has created a new ADOM named Training for FortiGate devices only. The administrator authorized the FortiGate device on FortiManager using the Fortinet Security Fabric. Given the administrator’s actions, which statement correctly describes the expected result? The FortiManager administrator must add the authorized device to the Training ADOM using the Add Device wizard only. The authorized FortiGate will appear in the root ADOM. The authorized FortiGate can be added to the Training ADOM using FortiGate Fabric Connectors. The authorized FortiGate will be automatically added to the Training ADOM. None 4. What is the purpose of ADOM revisions? To revert individual policy packages and device-level settings for a managed FortiGate To save the current state of all policy packages and objects for an ADOM To save the FortiManager configuration in the System Checkpoints To save the current state of the whole ADOM None 5. Refer to the exhibit. Which statement about the object named ALL is true? FortiManager updated the object ALL using the FortiGate value in its database. FortiManager created the object ALL as a unique entity in its database, which can be only used by this managed FortiGate. FortiManager updated the object ALL using the FortiManager value in its database. FortiManager installed the object ALL with the updated value. None 6. An administrator configures a new OSPF route on FortiManager and has not yet pushed the changes to the managed FortiGate device. In which database will the configuration be saved? ADOM-level database Configuration-level database Revision history database Device-level database None 7. Refer to the exhibit. You are using the Quick Install option to install configuration changes on the managed FortiGate. Which two statements correctly describe the result? (Choose two.) It installs device-level changes on the FortiGate device without launching the Install Wizard. It installs all the changes in the device database first and the administrator must reinstall the changes on the FortiGate device. It provides the option to preview only the policy package changes before installing them. It installs provisioning template changes on the FortiGate device. 8. Given the configuration shown in the exhibit, what can you conclude from the installation targets in the Install On column? (Choose two.) Policy seq.# 3 will be skipped because no installation targets are specified. Policy seq # 1 will be installed on the Remote-FortiGate root[NAT] and Student[NAT] VDOMs only. Policy seq.# 2 will not be installed on the Local-FortiGate root VDOM because there is no root VDOM in the Installation Target. Policy seq.# 3 will be installed on all managed devices and VDOMs that are listed under Installation Targets. Policy 3 will be installed on all FortiGate devices and vdom belongs to the ADOM. 9. An administrator enabled workspace mode and now wants to delete an address object that is currently referenced in a firewall policy. Which two results can the administrator expect to happen? (Choose two.) FortiManager will not allow the administrator to delete a referenced address object until the ADOM is locked. FortiManager will disable the status of the address object. FortiManager will temporarily change the status of the referenced firewall policy. FortiManager will replace the deleted address object with the none address object in the referenced firewall policy. 10. An administrator runs the Policy Check feature on Forti Manager ADOM. What will be the result? It will find and provide recommendations to combine multiple separate policy packages into one common policy package. It will find and provide recommendations for optimizing policies in a policy package. It will find and merge duplicate policies in the policy package. It will find and delete disabled firewall policies in the policy package. None 11. Refer to the exhibit. According to the error message, why is FortiManager failing to add the FortiAnalyzer device? The administrator must use the correct user name and password of the FortiAnalyzer device. The administrator must turn off the Use Legacy Device login and add the FortiAnalyzer device to the same network as Forti Manager. The administrator must use the Add Model Device section and discover the Forti Analyzer device. The administrator must select the Forti Manager administrative access checkbox on the Forti Analyzer management interface. None 12. In the event that the primary FortiManager fails, which of the following actions must be performed to return the FortiManager HA to a working state? Manually promote one of the secondary devices to the primary role, and reconfigure all other secondary devices to point to the new primary device. Secondary device with highest priority will automatically be promoted to the primary role, and manually reconfigure all other secondary devices to point to the new primary device. Reboot one of the secondary devices to promote it automatically to the primary role, and reconfigure all other secondary devices to point to the new primary device. FortiManager HA state transition is transparent to administrators and does not require any reconfiguration. None 13. Refer to the exhibit. Given the configuration shown in the exhibit, what are two results from this configuration? (Choose two.) The same administrator can lock more than one ADOM at the same time. Unlocking an ADOM will install configuration changes automatically on managed devices. Unlocking an ADOM will submit configuration changes automatically to the approval administrator. Ungraceful closed sessions will keep the ADOM in a locked state until the administrator session times out. 14. Which two conditions trigger FortiManager to create a new revision history? (Choose two.) When configuration revision is reverted to previous revision in the revision history When FortiManager installs device-level changes to a managed device When FortiManager is auto-updated with configuration changes made directly on a managed device When changes to device-level database is made on FortiManager 15. Refer to the exhibit. An administrator is importing a new device to FortiManager and has selected the options shown in the exhibit. What will happen if the administrator makes the changes and installs the modified policy package on this managed FortiGate? The unused objects that are not tied to the firewall policies locally on FortiGate will be deleted. The unused objects that are not tied to the firewall policies will be installed on FortiGate. The unused objects that are not tied to the firewall policies will remain as read-only locally on FortiGate. The unused objects that are not tied to the firewall policies in the policy package will be deleted from the FortiManager database. None 16. Refer to the exhibit. An administrator wants to create a policy on the Staging ADOM in backup mode, and install it on the FortiGate device in the same ADOM. How can the administrator perform this task? The administrator must disable the FortiManager offline mode first. The administrator must use the Policy & Objects section to create a policy first. The administrator must change the ADOM mode to Advanced to bring the FortiManager online. The administrator must use the FortiManager script. None 17. Refer to the exhibit. Given the configuration shown in the exhibit, how did Forti Manager handle the service category named General? Forti Manager ignored the firewall service category General and did not update its database with the value. FortiManager ignored the firewall service category General but created a new service category in its database. FortiManager ignored the firewall service category General and deleted the duplicate value in its database. Forti Manager ignored the firewall service category General and updated the FortiGate duplicate value in the FortiGate database. None 18. In the event that the monitored interface for the primary FortiManager device fails, which statement is true about Forti Manager HA? Manually promote one of the working secondary devices to the primary role, and reboot the old primary device to remove the peer IP of the failed device The FortiManager HA failover is transparent to administrators and does not require any reconfiguration. Reconfigure the primary device to remove the peer IP of the failed device. Reboot the failed device to remove its IP from the primary device. None 19. Refer to the exhibit. How will FortiManager try to get updates for antivirus and IPS? From public FDNI server IP address with the fourth highest octet only From the configured override server IP address 10.0.1.50 only From the default server fds1.fortinet.com From the list of configured override servers or public FDN servers None 20. An administrator wants to delete an address object that is currently referenced in a firewall policy. What can the administrator expect to happen? FortiManager will disable the status of the referenced firewall policy FortiManager will replace the deleted address object with the none address object in the referenced firewall policy FortiManager will replace the deleted address object with all address object in the referenced firewall policy FortiManager will not allow the administrator to delete a referenced address object None 21. Which two statements about Security Fabric integration with FortiManager are true? (Choose two.) The Fabric View module enables you to view the Security Fabric ratings for Security Fabric devices. The Security Fabric license, group name, and password are required for the FortiManager Security Fabric integration. The Security Fabric settings are part of the device-level settings. The Fabric View module enables you to generate the Security Fabric ratings for Security Fabric devices. 22. View the following exhibit. Which statement is true regarding this failed installation log? Policy ID 2 is installed in disabled state Policy ID 2 is installed without a source address Policy ID 2 will not be installed Policy ID 2 is installed without a source device None 23. Refer to the exhibit. An administrator is about to add the FortiGate device to FortiManager using the discovery process. FortiManager is operating behind a NAT device, and the administrator configured the FortiManager NATed IP address under the FortiManager system administration settings. What is the expected result? During discovery, FortiManager sets the NATed device IP address on FortiGate. During discovery, FortiManager uses only the FortiGate serial number to establish the connection. During discovery, FortiManager sets the FortiManager NATed IP address on FortiGate. During discovery, FortiManager sets both the FortiManager NATed IP address and NAT device IP address on FortiGate. None 24. Which configuration setting for FortiGate is part of a device-level database on FortiManager? Firewall policies Security profiles VIP and IP Pools Routing None 25. What will happen if the script is run using the Device Database option? (Choose two.) You must install these changes using the Install Wizard to a managed device. The successful execution of a script on the Device Database will create a new revision history. The script history will show successful installation of the script on the remote FortiGate. The Device Settings Status will be tagged as Modified. 26. Refer to the exhibit. A junior administrator is troubleshooting a FortiManager connectivity issue that is occurring with managed FortiGate devices. Given the FortiManager device manager settings shown in the exhibit, what can you conclude from the exhibit? The administrator had restored the Forti Manager configuration file. Forti Manager lost internet connectivity, therefore, both devices appear to be down. The administrator must refresh both devices to restore connectivity. The administrator can reclaim the FGFM tunnel to get both devices online. None 27. What is the purpose of the Policy Check feature on FortiManager? To find and delete disabled firewall policies in the policy package To find and provide recommendation to combine multiple separate policy packages into one common To find and provide recommendation for optimizing policies in a policy package To find and merge duplicate policies in the policy package None 28. Refer to the exhibit. An administrator would like to create three ADOMs on FortiManager with different access levels based on departments. What two conclusions can you draw from the design shown in the exhibit? (Choose two.) The FortiManager policies and objects database can be shared between the Financial and HR ADOMs. The administrator must set the FortiManager ADOM mode to Advanced. The administrator must configure FortiManager in workspace mode. Admin A can access VDOM2 and VDOM3 with the super user profile. 29. Given the configuration shown in the exhibit, which two statements are true? Forti Manager is in workflow mode. The FortiManager ADOM is locked by the administrator. The Forti Manager ADOM workspace mode is set to Normal. An administrator can also lock the Local-FortiGate-1 policy package. 30. What is the advantage of using FortiManager to manage FortiAnalyzer? It allows FortiManager to manage all FortiGate devices. It allows FortiManager to store all managed FortiGate device logs. It allows FortiManager to run reports based on FortiAnalyzer. It allows FortiManager to act as a collector and FortiAnalyzer device. None Time's up
