Fortinet NSE5 Forti Manager v7.2

Certification Provider: Fortinet

Exam: FCP: Forti Manager 7.2 Administrator

Exam Code: NSE5 FMG v7.2

Total Question: 72

Question per Quiz: 35

Updated On: 02 April 2025

Note: In order to practice all the Q/A's, you have to practice multiple time. Question's and Answer's will be presented randomly and will help you get hands-on for real exam.

Given the configuration shown in the exhibit, what can you conclude from the installation targets in the Install On column? (Choose two.)

Policy 3 will be installed on all FortiGate devices and vdom belongs to the ADOM.

Policy seq.# 3 will be installed on all managed devices and VDOMs that are listed under Installation Targets.

Policy seq.# 2 will not be installed on the Local-FortiGate root VDOM because there is no root VDOM in the Installation Target.

Policy seq.# 3 will be skipped because no installation targets are specified.

Policy seq # 1 will be installed on the Remote-FortiGate root[NAT] and Student[NAT] VDOMs only.

How are bulk configuration changes made using FortiManager CLI scripts? (Choose two.)

When run on the Remote FortiGate directly, administrators do not have the option to review the changes prior to installation.

When run on the All FortiGate in ADOM, changes are automatically installed without the creation of a new revision history.

When run on the Device Database, changes are applied directly to the managed FortiGate device.

Refer to the exhibit. An administrator is importing a new device to FortiManager and has selected the options shown in the exhibit. What will happen if the administrator makes the changes and installs the modified policy package on this managed FortiGate?

The unused objects that are not tied to the firewall policies locally on FortiGate will be deleted.

The unused objects that are not tied to the firewall policies will remain as read-only locally on FortiGate.

The unused objects that are not tied to the firewall policies in the policy package will be deleted from the FortiManager database.

The unused objects that are not tied to the firewall policies will be installed on FortiGate.

None

An administrator is in the process of moving the system template profile between ADOMs by running the following command: execute fmprofile import-profile ADOM2 3547 /tmp/myfile Where does the administrator import the file from?

ADOM1

File system

ADOM2

ADOM2 object database

None

Refer to the exhibit. According to the error message, why is FortiManager failing to add the FortiAnalyzer device?

The administrator must select the Forti Manager administrative access checkbox on the Forti Analyzer management interface.

The administrator must use the Add Model Device section and discover the Forti Analyzer device.

The administrator must turn off the Use Legacy Device login and add the FortiAnalyzer device to the same network as Forti Manager.

The administrator must use the correct user name and password of the FortiAnalyzer device.

None

Refer to the exhibit. An administrator wants to create a policy on the Staging ADOM in backup mode, and install it on the FortiGate device in the same ADOM. How can the administrator perform this task?

The administrator must disable the FortiManager offline mode first.

The administrator must use the Policy & Objects section to create a policy first.

The administrator must change the ADOM mode to Advanced to bring the FortiManager online.

The administrator must use the FortiManager script.

None

An administrator has assigned a global policy package to custom ADOM1. Then the administrator creates a new policy package, Fortinet, in the custom ADOM1. What will happen to the Fortinet policy package when it is created?

You need to reapply the global policy package to the ADOM.

You need to assign the global policy package from the global ADOM.

It automatically assigns the global policies.

You can select the option to assign the global policies.

None

An administrator created a header and footer global policy package and assigned it to an ADOM. What are two outcomes from this action? (Choose two.)

You must manually move the header and footer policies after the policy assignment.

You can edit or delete all the global objects in the global ADOM.

After you assign the global policy package to an ADOM, the policy package is hidden from the ADOM and cannot be viewed.

f you assign an additional global policy package to the same ADOM, FortiManager removes previously assigned policies.

If both FortiManager and FortiGate are behind the NAT devices, what are the two expected results? (Choose two.)

If the FCFM tunnel is torn down, FortiManager will try to re-establish the FGFM tunnel.

FortiGate is discovered by FortiManager through the FortiGate NATed IP address.

FortiGate can announce itself to FortiManager only if the FortiManager IP address is configured on FortiGate under central management.

During discovery, the FortiManager NATed IP address is not set by default on FortiGate.

10.

An administrator wants to delete an address object that is currently referenced in a firewall policy. What can the administrator expect to happen?

FortiManager will not allow the administrator to delete a referenced address object

FortiManager will replace the deleted address object with the none address object in the referenced firewall policy

FortiManager will replace the deleted address object with all address object in the referenced firewall policy

FortiManager will disable the status of the referenced firewall policy

None

11.

View the following exhibit. Which statement is true regarding this failed installation log?

Policy ID 2 is installed without a source device

Policy ID 2 is installed without a source address

Policy ID 2 will not be installed

Policy ID 2 is installed in disabled state

None

12.

In the event that the primary FortiManager fails, which of the following actions must be performed to return the FortiManager HA to a working state?

Manually promote one of the secondary devices to the primary role, and reconfigure all other secondary devices to point to the new primary device.

Reboot one of the secondary devices to promote it automatically to the primary role, and reconfigure all other secondary devices to point to the new primary device.

FortiManager HA state transition is transparent to administrators and does not require any reconfiguration.

Secondary device with highest priority will automatically be promoted to the primary role, and manually reconfigure all other secondary devices to point to the new primary device.

None

13.

An administrator run the reload failure command: diagnose test deploymanager reload config on FortiManager. What does this command do?

It installs the provisioning template configuration on the specified FortiGate.

It compares and provides differences in configuration on FortiManager with the current running configuration of the specified FortiGate.

It installs the latest configuration on the specified FortiGate and update the revision history database.

It downloads the latest configuration from the specified FortiGate and performs a reload operation on the device database.

None

14.

In addition to the default ADOMs, an administrator has created a new ADOM named Training for FortiGate devices only. The administrator authorized the FortiGate device on FortiManager using the Fortinet Security Fabric. Given the administrator’s actions, which statement correctly describes the expected result?

The authorized FortiGate will be automatically added to the Training ADOM.

The authorized FortiGate can be added to the Training ADOM using FortiGate Fabric Connectors.

The authorized FortiGate will appear in the root ADOM.

The FortiManager administrator must add the authorized device to the Training ADOM using the Add Device wizard only.

None

15.

An administrator has enabled Service Access on FortiManager. What is the purpose of Service Access on the FortiManager interface?

It allows third-party applications to gain read/write access to FortiManager.

It allows administrative access to FortiManager.

It allows FortiManager to determine the connection status of managed devices.

It allows FortiManager to respond to requests for FortiGuard services from FortiGate devices.

None

16.

Which three settings are the factory default settings on FortiManager? (Choose three.)

The Forti Manager setup wizard is disabled.

The administrative domain is disabled.

Reports and Event Monitor panes are enabled

port1 interface IP address is 192.168.1.99/24

FortiAnalyzer features are disabled

17.

Refer to the exhibit. How will FortiManager try to get updates for antivirus and IPS?

From the default server fds1.fortinet.com

From public FDNI server IP address with the fourth highest octet only

From the configured override server IP address 10.0.1.50 only

From the list of configured override servers or public FDN servers

None

18.

Which configuration setting for FortiGate is part of a device-level database on FortiManager?

Routing

VIP and IP Pools

Security profiles

Firewall policies

None

19.

Given the configuration shown in the exhibit, which two statements are true?

The Forti Manager ADOM workspace mode is set to Normal.

Forti Manager is in workflow mode.

An administrator can also lock the Local-FortiGate-1 policy package.

The FortiManager ADOM is locked by the administrator.

20.

View the following exhibit. What is the purpose of setting ADOM Mode to Advanced?

The setting enables the ADOMs feature on FortiManager

This setting allows you to assign different VDOMs from the same FortiGate to different ADOMs.

The setting allows automatic updates to the policy package configuration for a managed device

The setting disables concurrent ADOM access and adds ADOM locking

None

21.

What are two outcomes of ADOM revisions? (Choose two.)

ADOM revisions can create System Checkpoints for the FortiManager configuration

ADOM revisions can save the current size of the whole ADOM

ADOM revisions can significantly increase the size of the configuration backups.

ADOM revisions can save the current state of all policy packages and objects for an ADOM

22.

Which two statements about an ADOM set in Normal mode on Forti Manager are true?

You cannot assign the same ADOM to multiple administrators.

FortiManager automatically installs the configuration difference in revisions on the managed FortiGate.

It allows making configuration changes for managed devices on FortiManager panes.

It supports the FortiManager script feature.

23.

When an installation is performed from FortiManager, what is the recovery logic used between FortiManager and FortiGate for an FGFM tunnel?

FortiGate will reject the CLI commands that will cause the tunnel to go down.

FortiManager will not push the CLI commands as a part of the installation that will cause the tunnel to go down.

After 15 minutes, FortiGate will unset all CLI commands that were part of the installation that caused the tunnel to go down.

FortiManager will revert and install a previous configuration revision on the managed FortiGate.

None

24.

Refer to the exhibit. A junior administrator is troubleshooting a FortiManager connectivity issue that is occurring with managed FortiGate devices. Given the FortiManager device manager settings shown in the exhibit, what can you conclude from the exhibit?

The administrator can reclaim the FGFM tunnel to get both devices online.

The administrator must refresh both devices to restore connectivity.

The administrator had restored the Forti Manager configuration file.

Forti Manager lost internet connectivity, therefore, both devices appear to be down.

None

25.

In addition to the default ADOMs, an administrator has created a new ADOM named Training for FortiGate devices. The administrator sent a device registration to FortiManager from a remote FortiGate. Which one of the following statements is true?

By default, the unregistered FortiGate will appear in the root ADOM.

The FortiManager administrator must add the unregistered device manually to the unregistered device manually to the Training ADOM using the Add Device wizard

The FortiGate will be added automatically to the default ADOM named FortiGate.

The FortiGate will be automatically added to the Training ADOM.

None

26.

An administrator has assigned a global policy package to a new ADOM called ADOM1. What will happen if the administrator tries to create a new policy package in ADOM1?

When creating a new policy package, the administrator can select the option to assign the global policy package to the new policy package.

When the new policy package is created, FortiManager automatically assigns the global policy package to the new policy package.

When a new policy package is created, the administrator must assign the global policy package from the global ADOM.

When a new policy package is created, the administrator must import the global policy package to ADOM1.

None

27.

Refer to the exhibit. Given the configuration shown in the exhibit, how did Forti Manager handle the service category named General?

Forti Manager ignored the firewall service category General and did not update its database with the value.

FortiManager ignored the firewall service category General but created a new service category in its database.

FortiManager ignored the firewall service category General and deleted the duplicate value in its database.

Forti Manager ignored the firewall service category General and updated the FortiGate duplicate value in the FortiGate database.

None

28.

Refer to the exhibit. What is the purpose of setting ADOM Mode to Advanced?

This setting disables concurrent ADOM access and adds ADOM locking.

This setting enables the ADOMs feature on FortiManager.

This setting allows you to manage FortiGate chassis models.

This setting allows you to assign a VDOM from a single device to a different ADOM.

None

29.

Which two items does an FGFM keepalive message include? (Choose two.)

FortiGate license information

FortiGate IPS version

FortiGate configuration checksum

FortiGate uptime

30.

An administrator runs the Policy Check feature on Forti Manager ADOM. What will be the result?

It will find and delete disabled firewall policies in the policy package.

It will find and provide recommendations to combine multiple separate policy packages into one common policy package.

It will find and merge duplicate policies in the policy package.

It will find and provide recommendations for optimizing policies in a policy package.

None

Time's up

Follow Us

Fortinet NSE5 Forti Manager v7.2

PCNSE – Palo Alto Certified Network Security Engineer

PCNSC – Paloalto Certified Network Security Consultant

No Comment! Be the first one.

Leave a Reply Cancel reply

Popular

Blockchain Technology

Social

Newsletter

Follow Us

Type and hit Enter to search

Fortinet NSE5 Forti Manager v7.2

Share Article

PCNSE – Palo Alto Certified Network Security Engineer

PCNSC – Paloalto Certified Network Security Consultant

No Comment! Be the first one.

Leave a Reply Cancel reply

Popular

Blockchain Technology

Setup Windows Hello Fingerprint Login

Social

Newsletter