Certification Provider: FortinetExam: FCP: Forti Manager 7.2 AdministratorExam Code: NSE5 FMG v7.2Total Question: 72Question per Quiz: 35Updated On: 10 April 2025Note: In order to practice all the Q/A's, you have to practice multiple time. Question's and Answer's will be presented randomly and will help you get hands-on for real exam. 1. An administrator’s PC crashes before the administrator can submit a workflow session for approval. After the PC is restarted, the administrator notices that the ADOM was locked from the session before the crash. How can the administrator unlock the ADOM? Log in as Super_User in order to unlock the ADOM. Restore the configuration from a previous backup. Delete the previous admin session manually through the Forti Manager GUI or CLI. Log in using the same administrator account to unlock the ADOM. None 2. What will happen if the script is run using the Device Database option? (Choose two.) You must install these changes using the Install Wizard to a managed device. The successful execution of a script on the Device Database will create a new revision history. The Device Settings Status will be tagged as Modified. The script history will show successful installation of the script on the remote FortiGate. 3. Refer to the exhibit. You are using the Quick Install option to install configuration changes on the managed FortiGate. Which two statements correctly describe the result? (Choose two.) It provides the option to preview only the policy package changes before installing them. It installs device-level changes on the FortiGate device without launching the Install Wizard. It installs provisioning template changes on the FortiGate device. It installs all the changes in the device database first and the administrator must reinstall the changes on the FortiGate device. 4. An administrator wants to delete an address object that is currently referenced in a firewall policy. What can the administrator expect to happen? FortiManager will replace the deleted address object with the none address object in the referenced firewall policy FortiManager will replace the deleted address object with all address object in the referenced firewall policy FortiManager will disable the status of the referenced firewall policy FortiManager will not allow the administrator to delete a referenced address object None 5. In the event that the monitored interface for the primary FortiManager device fails, which statement is true about Forti Manager HA? The FortiManager HA failover is transparent to administrators and does not require any reconfiguration. Manually promote one of the working secondary devices to the primary role, and reboot the old primary device to remove the peer IP of the failed device Reboot the failed device to remove its IP from the primary device. Reconfigure the primary device to remove the peer IP of the failed device. None 6. Refer to the exhibit. According to the error message, why is FortiManager failing to add the FortiAnalyzer device? The administrator must select the Forti Manager administrative access checkbox on the Forti Analyzer management interface. The administrator must use the Add Model Device section and discover the Forti Analyzer device. The administrator must turn off the Use Legacy Device login and add the FortiAnalyzer device to the same network as Forti Manager. The administrator must use the correct user name and password of the FortiAnalyzer device. None 7. Refer to the exhibit. An administrator wants to create a policy on the Staging ADOM in backup mode, and install it on the FortiGate device in the same ADOM. How can the administrator perform this task? The administrator must disable the FortiManager offline mode first. The administrator must change the ADOM mode to Advanced to bring the FortiManager online. The administrator must use the Policy & Objects section to create a policy first. The administrator must use the FortiManager script. None 8. What does a policy package status of Never Installed indicate? The policy package was never imported after a device was registered on Forti Manager. FortiManager is unable to determine the policy package status. The policy configuration has been changed on FortiManager and changes have not yet been installed on the managed device. The policy configuration has been changed on a managed device and changes have not yet been imported into FortiManager. None 9. In the event that the primary FortiManager fails, which of the following actions must be performed to return the FortiManager HA to a working state? Manually promote one of the secondary devices to the primary role, and reconfigure all other secondary devices to point to the new primary device. FortiManager HA state transition is transparent to administrators and does not require any reconfiguration. Secondary device with highest priority will automatically be promoted to the primary role, and manually reconfigure all other secondary devices to point to the new primary device. Reboot one of the secondary devices to promote it automatically to the primary role, and reconfigure all other secondary devices to point to the new primary device. None 10. View the following exhibit. Which statement is true regarding this failed installation log? Policy ID 2 is installed without a source device Policy ID 2 is installed without a source address Policy ID 2 is installed in disabled state Policy ID 2 will not be installed None 11. An administrator has enabled Service Access on FortiManager. What is the purpose of Service Access on the FortiManager interface? It allows third-party applications to gain read/write access to FortiManager. It allows FortiManager to respond to requests for FortiGuard services from FortiGate devices. It allows FortiManager to determine the connection status of managed devices. It allows administrative access to FortiManager. None 12. An administrator has configured the command shown in the exhibit on FortiManager. A configuration change has been installed from FortiManager to the managed FortiGate that causes the FGFM tunnel to go down for more than 15 minutes. What is the purpose of this command? It allows FortiManager to revert and install a previous configuration revision on the managed FortiGate. It allows FortiGate to reboot and recover the previous configuration from its configuration file. It allows FortiManager to unset the new configuration through CLI and reboot FortiGate. It allows FortiGate to reboot and restore a previously working firmware image. None 13. Refer to the exhibit. An administrator would like to create three ADOMs on FortiManager with different access levels based on departments. What two conclusions can you draw from the design shown in the exhibit? (Choose two.) The administrator must set the FortiManager ADOM mode to Advanced. Admin A can access VDOM2 and VDOM3 with the super user profile. The FortiManager policies and objects database can be shared between the Financial and HR ADOMs. The administrator must configure FortiManager in workspace mode. 14. Refer to the exhibit. Which two statements about the output are true? (Choose two.) Configuration changes have been installed on FortiGate, which means the FortiGate configuration has been changed. The latest revision history for the managed FortiGate does not match the device-level database. Configuration changes directly made on FortiGate have been automatically updated to the device-level database. The latest revision history for the managed FortiGate does match the FortiGate running configuration. 15. Refer to the exhibit. Which statement is true about the Forti Manager ADOM policy tab based on the API request? The API command has enabled both central NAT and interface policy on the policy tab. The API command has requested the policy tab permissions information only. The API command has applied to customer with ID: 200. The API command has failed when requesting policy tab permissions information. None 16. Which two statements about Security Fabric integration with FortiManager are true? (Choose two.) The Fabric View module enables you to generate the Security Fabric ratings for Security Fabric devices. The Security Fabric license, group name, and password are required for the FortiManager Security Fabric integration. The Fabric View module enables you to view the Security Fabric ratings for Security Fabric devices. The Security Fabric settings are part of the device-level settings. 17. Refer to the exhibit. What is the purpose of setting ADOM Mode to Advanced? This setting enables the ADOMs feature on FortiManager. This setting allows you to assign a VDOM from a single device to a different ADOM. This setting disables concurrent ADOM access and adds ADOM locking. This setting allows you to manage FortiGate chassis models. None 18. Which two settings must be configured for SD-WAN Central Management? (Choose two.) When you configure an SD-WAN, you must specify at least two member interfaces. SD-WAN must be enabled on per-ADOM basis The first step in creating an SD-WAN using FortiManager is to create two SD-WAN firewall policies. You can create multiple SD-WAN interfaces per VDOM 19. Which three settings are the factory default settings on FortiManager? (Choose three.) port1 interface IP address is 192.168.1.99/24 The administrative domain is disabled. FortiAnalyzer features are disabled Reports and Event Monitor panes are enabled The Forti Manager setup wizard is disabled. 20. An administrator is replacing a failed device on FortiManager by running the following command: execute device replace sn . Which device name and serial number must the administrator use? The device name and serial number of the failed device. The device name of the new device and serial number of the failed device. The device name and serial number of the new device. The device name of the failed device and serial number of the new device. None 21. Refer to the exhibit. Which statement about the object named ALL is true? FortiManager updated the object ALL using the FortiManager value in its database. FortiManager updated the object ALL using the FortiGate value in its database. FortiManager installed the object ALL with the updated value. FortiManager created the object ALL as a unique entity in its database, which can be only used by this managed FortiGate. None 22. Refer to the exhibit. What can you conclude from the failed installation log shown in the exhibit? Policy ID 2 is installed in the disabled state. Policy ID 2 is installed without the remote user student. Policy ID 2 is installed without a source address. Policy ID 2 will not be installed. None 23. What are two outcomes of ADOM revisions? (Choose two.) ADOM revisions can significantly increase the size of the configuration backups. ADOM revisions can create System Checkpoints for the FortiManager configuration ADOM revisions can save the current size of the whole ADOM ADOM revisions can save the current state of all policy packages and objects for an ADOM 24. An administrator is in the process of moving the system template profile between ADOMs by running the following command: execute fmprofile import-profile ADOM2 3547 /tmp/myfile Where does the administrator import the file from? ADOM2 ADOM2 object database File system ADOM1 None 25. Given the configuration shown in the exhibit, which two statements are true? An administrator can also lock the Local-FortiGate-1 policy package. The Forti Manager ADOM workspace mode is set to Normal. The FortiManager ADOM is locked by the administrator. Forti Manager is in workflow mode. 26. An administrator enabled workspace mode and now wants to delete an address object that is currently referenced in a firewall policy. Which two results can the administrator expect to happen? (Choose two.) FortiManager will disable the status of the address object. FortiManager will replace the deleted address object with the none address object in the referenced firewall policy. FortiManager will not allow the administrator to delete a referenced address object until the ADOM is locked. FortiManager will temporarily change the status of the referenced firewall policy. 27. Refer to the exhibit. An administrator is about to add the FortiGate device to FortiManager using the discovery process. FortiManager is operating behind a NAT device, and the administrator configured the FortiManager NATed IP address under the FortiManager system administration settings. What is the expected result? During discovery, FortiManager uses only the FortiGate serial number to establish the connection. During discovery, FortiManager sets the NATed device IP address on FortiGate. During discovery, FortiManager sets the FortiManager NATed IP address on FortiGate. During discovery, FortiManager sets both the FortiManager NATed IP address and NAT device IP address on FortiGate. None 28. Refer to the exhibit. An administrator is importing a new device to FortiManager and has selected the options shown in the exhibit. What will happen if the administrator makes the changes and installs the modified policy package on this managed FortiGate? The unused objects that are not tied to the firewall policies will be installed on FortiGate. The unused objects that are not tied to the firewall policies will remain as read-only locally on FortiGate. The unused objects that are not tied to the firewall policies locally on FortiGate will be deleted. The unused objects that are not tied to the firewall policies in the policy package will be deleted from the FortiManager database. None 29. What does a policy package status of Conflict indicate? The policy package configuration has been changed on both FortiManager and the managed device independently. The policy configuration has never been imported after a device was registered on FortiManager. The policy package reports inconsistencies and conflicts during a Policy Consistency Check. None 30. Which two items does an FGFM keepalive message include? (Choose two.) FortiGate uptime FortiGate license information FortiGate configuration checksum FortiGate IPS version Time's up