Certification Provider: FortinetExam: FCP: Forti Manager 7.2 AdministratorExam Code: NSE5 FMG v7.2Total Question: 72Question per Quiz: 35Updated On: 06 April 2024Note: In order to practice all the Q/A's, you have to practice multiple time. Question's and Answer's will be presented randomly and will help you get hands-on for real exam. 1. An administrator wants to delete an address object that is currently referenced in a firewall policy. What can the administrator expect to happen? FortiManager will not allow the administrator to delete a referenced address object FortiManager will replace the deleted address object with the none address object in the referenced firewall policy FortiManager will replace the deleted address object with all address object in the referenced firewall policy FortiManager will disable the status of the referenced firewall policy None 2. An administrator with the Super_User profile is unable to log in to FortiManager because of an authentication failure message. Which troubleshooting step should you take to resolve the issue? Make sure Offline Mode is disabled Make sure the administrator IP address is part of the trusted hosts. Make sure ADOMs are enabled and the administrator has access to the Global ADOM Make sure FortiManager Access is enabled in the administrator profile None 3. Refer to the exhibit. What can you conclude from the failed installation log shown in the exhibit? Policy ID 2 is installed without the remote user student. Policy ID 2 is installed in the disabled state. Policy ID 2 will not be installed. Policy ID 2 is installed without a source address. None 4. An administrator, Trainer, who is assigned the Super_User profile, is trying to approve a workflow session that was submitted by another administrator, Student. However, Trainer is unable to approve the workflow session. What can prevent an admin account that has Super_User rights over the device from approving a workflow session? Trainer does not have full rights over this ADOM. Trainer must close Student’s workflow session before approving the request. Trainer must first create their own workflow session to approve student session. Trainer is not a part of workflow approval group. None 5. In addition to the default ADOMs, an administrator has created a new ADOM named Training for FortiGate devices. The administrator sent a device registration to FortiManager from a remote FortiGate. Which one of the following statements is true? The FortiManager administrator must add the unregistered device manually to the unregistered device manually to the Training ADOM using the Add Device wizard The FortiGate will be added automatically to the default ADOM named FortiGate. The FortiGate will be automatically added to the Training ADOM. By default, the unregistered FortiGate will appear in the root ADOM. None 6. An administrator runs the Policy Check feature on Forti Manager ADOM. What will be the result? It will find and delete disabled firewall policies in the policy package. It will find and merge duplicate policies in the policy package. It will find and provide recommendations for optimizing policies in a policy package. It will find and provide recommendations to combine multiple separate policy packages into one common policy package. None 7. Which two statements about an ADOM set in Normal mode on Forti Manager are true? It allows making configuration changes for managed devices on FortiManager panes. It supports the FortiManager script feature. You cannot assign the same ADOM to multiple administrators. FortiManager automatically installs the configuration difference in revisions on the managed FortiGate. 8. Refer to the exhibit. An administrator would like to create three ADOMs on FortiManager with different access levels based on departments. What two conclusions can you draw from the design shown in the exhibit? (Choose two.) The administrator must configure FortiManager in workspace mode. The FortiManager policies and objects database can be shared between the Financial and HR ADOMs. Admin A can access VDOM2 and VDOM3 with the super user profile. The administrator must set the FortiManager ADOM mode to Advanced. 9. In the event that the primary FortiManager fails, which of the following actions must be performed to return the FortiManager HA to a working state? Reboot one of the secondary devices to promote it automatically to the primary role, and reconfigure all other secondary devices to point to the new primary device. FortiManager HA state transition is transparent to administrators and does not require any reconfiguration. Manually promote one of the secondary devices to the primary role, and reconfigure all other secondary devices to point to the new primary device. Secondary device with highest priority will automatically be promoted to the primary role, and manually reconfigure all other secondary devices to point to the new primary device. None 10. What will happen if FortiAnalyzer features are enabled on FortiManager? FortiManager will install the logging configuration to the managed devices. FortiManager will enable ADOMs to collect logs automatically from non-FortiGate devices. FortiManager will keep all the logs and reports on the FortiManager. FortiManager can be used only as a logging device. None 11. Which two conditions trigger FortiManager to create a new revision history? (Choose two.) When changes to device-level database is made on FortiManager When configuration revision is reverted to previous revision in the revision history When FortiManager is auto-updated with configuration changes made directly on a managed device When FortiManager installs device-level changes to a managed device 12. What is the purpose of the Policy Check feature on FortiManager? To find and merge duplicate policies in the policy package To find and delete disabled firewall policies in the policy package To find and provide recommendation to combine multiple separate policy packages into one common To find and provide recommendation for optimizing policies in a policy package None 13. Refer to the exhibit. Which statement about the object named ALL is true? FortiManager updated the object ALL using the FortiManager value in its database. FortiManager installed the object ALL with the updated value. FortiManager updated the object ALL using the FortiGate value in its database. FortiManager created the object ALL as a unique entity in its database, which can be only used by this managed FortiGate. None 14. What does a policy package status of Never Installed indicate? The policy configuration has been changed on a managed device and changes have not yet been imported into FortiManager. The policy configuration has been changed on FortiManager and changes have not yet been installed on the managed device. The policy package was never imported after a device was registered on Forti Manager. FortiManager is unable to determine the policy package status. None 15. An administrator run the reload failure command: diagnose test deploymanager reload config on FortiManager. What does this command do? It downloads the latest configuration from the specified FortiGate and performs a reload operation on the device database. It installs the provisioning template configuration on the specified FortiGate. It installs the latest configuration on the specified FortiGate and update the revision history database. It compares and provides differences in configuration on FortiManager with the current running configuration of the specified FortiGate. None 16. In addition to the default ADOMs, an administrator has created a new ADOM named Training for FortiGate devices only. The administrator authorized the FortiGate device on FortiManager using the Fortinet Security Fabric. Given the administrator’s actions, which statement correctly describes the expected result? The authorized FortiGate will be automatically added to the Training ADOM. The FortiManager administrator must add the authorized device to the Training ADOM using the Add Device wizard only. The authorized FortiGate can be added to the Training ADOM using FortiGate Fabric Connectors. The authorized FortiGate will appear in the root ADOM. None 17. Which configuration setting for FortiGate is part of a device-level database on FortiManager? Routing VIP and IP Pools Firewall policies Security profiles None 18. An administrator has configured the command shown in the exhibit on FortiManager. A configuration change has been installed from FortiManager to the managed FortiGate that causes the FGFM tunnel to go down for more than 15 minutes. What is the purpose of this command? It allows FortiManager to unset the new configuration through CLI and reboot FortiGate. It allows FortiManager to revert and install a previous configuration revision on the managed FortiGate. It allows FortiGate to reboot and recover the previous configuration from its configuration file. It allows FortiGate to reboot and restore a previously working firmware image. None 19. Given the configuration shown in the exhibit, what can you conclude from the installation targets in the Install On column? (Choose two.) Policy seq.# 3 will be skipped because no installation targets are specified. Policy seq # 1 will be installed on the Remote-FortiGate root[NAT] and Student[NAT] VDOMs only. Policy seq.# 2 will not be installed on the Local-FortiGate root VDOM because there is no root VDOM in the Installation Target. Policy 3 will be installed on all FortiGate devices and vdom belongs to the ADOM. Policy seq.# 3 will be installed on all managed devices and VDOMs that are listed under Installation Targets. 20. An administrator has assigned a global policy package to a new ADOM called ADOM1. What will happen if the administrator tries to create a new policy package in ADOM1? When creating a new policy package, the administrator can select the option to assign the global policy package to the new policy package. When a new policy package is created, the administrator must import the global policy package to ADOM1. When the new policy package is created, FortiManager automatically assigns the global policy package to the new policy package. When a new policy package is created, the administrator must assign the global policy package from the global ADOM. None 21. Refer to the exhibit. An administrator logs in to the FortiManager GUI and sees the panes shown in the exhibit. Which two reasons can explain why the FortiAnalyzer feature panes do not appear? (Choose two.) The admin session requires approval before administrator can see the FortiAnalyzer feature panes. The administrator profile does not have full access privileges like the Super_User profile. The administrator workflow is enabled on the ADOM. FortiAnalyzer features are not enabled on FortiManager. 22. What will be the result of reverting to a previous revision version in the revision history? It will tag the device settings status as Auto-Update. It will modify the device-level database. It will generate a new version ID and remove all other revision history versions. It will install configuration changes to managed device automatically. None 23. In the event that the monitored interface for the primary FortiManager device fails, which statement is true about Forti Manager HA? Manually promote one of the working secondary devices to the primary role, and reboot the old primary device to remove the peer IP of the failed device Reconfigure the primary device to remove the peer IP of the failed device. The FortiManager HA failover is transparent to administrators and does not require any reconfiguration. Reboot the failed device to remove its IP from the primary device. None 24. Refer to the exhibit. An administrator has created a firewall address object, Local, which is used in the Remote-FortiGate policy package. When the installation operation is performed, which IP/Netmask will be installed on Remote-FortiGate, for the Local firewall address object? It will create the Local and Remote-Local firewall address objects on Remote-FortiGate with 192.168.5.0/24 and 10.0.2.0/24 values. 10.0.2.0/24 192.168.5.0/24 Remote-FortiGate will automatically choose an IP/netmask based on its network interface settings. None 25. Refer to the exhibit. Which two statements about the output are true? (Choose two.) Configuration changes have been installed on FortiGate, which means the FortiGate configuration has been changed. Configuration changes directly made on FortiGate have been automatically updated to the device-level database. The latest revision history for the managed FortiGate does match the FortiGate running configuration. The latest revision history for the managed FortiGate does not match the device-level database. 26. An administrator has assigned a global policy package to custom ADOM1. Then the administrator creates a new policy package, Fortinet, in the custom ADOM1. What will happen to the Fortinet policy package when it is created? You need to assign the global policy package from the global ADOM. It automatically assigns the global policies. You need to reapply the global policy package to the ADOM. You can select the option to assign the global policies. None 27. An administrator has enabled Service Access on FortiManager. What is the purpose of Service Access on the FortiManager interface? It allows third-party applications to gain read/write access to FortiManager. It allows FortiManager to respond to requests for FortiGuard services from FortiGate devices. It allows administrative access to FortiManager. It allows FortiManager to determine the connection status of managed devices. None 28. What is the purpose of ADOM revisions? To save the FortiManager configuration in the System Checkpoints To revert individual policy packages and device-level settings for a managed FortiGate To save the current state of the whole ADOM To save the current state of all policy packages and objects for an ADOM None 29. Refer to the exhibit. What will happen if the script is run using the Remote FortiGate Directly (via CLI) option? (Choose two.) FortiManager will create a new revision history. FortiManager provides a preview of CLI commands before executing this script on a managed FortiGate. You must install these changes using the Install Wizard. FortiGate will auto-update the FortiManager device-level database. 30. Which two items are included in the FortiManager backup? (Choose two.) Firmware images All devices Flash configuration FortiGuard database Time's up