Practice Free NSE5_FMG-7.2 Exam Online Questions
An administrator run the reload failure command: diagnose test deploymanager reload config
<deviceid> on FortiManager.
What does this command do?
- A . It downloads the latest configuration from the specified FortiGate and performs a reload operation on the device database.
- B . It installs the latest configuration on the specified FortiGate and update the revision history database.
- C . It compares and provides differences in configuration on FortiManager with the current running configuration of the specified FortiGate.
- D . It installs the provisioning template configuration on the specified FortiGate.
A
Explanation:
Reference: https://community.fortinet.com/t5/FortiManager/Technical-Note-Retrieve-configuration-file-using-CLI-from-a/ta-p/191000?externalID=FD36387
An administrator would like to review, approve, or reject all the firewall policy changes made by the junior administrators.
How should the Workspace mode be configured on FortiManager?
- A . Set to workflow and use the ADOM locking feature
- B . Set to read/write and use the policy locking feature
- C . Set to normal and use the policy locking feature
- D . Set to disable and use the policy locking feature
A
Explanation:
Reference: https://help.fortinet.com/fmgr/50hlp/52/5-2-0/FMG_520_Online_Help/200_What’s-New.03.03.html
An administrator’s PC crashes before the administrator can submit a workflow session for approval. After the PC is restarted, the administrator notices that the ADOM was locked from the session before the crash.
How can the administrator unlock the ADOM?
- A . Restore the configuration from a previous backup.
- B . Log in as Super_User in order to unlock the ADOM.
- C . Log in using the same administrator account to unlock the ADOM.
- D . Delete the previous admin session manually through the FortiManager GUI or CLI.
An administrator would like to create an SD-WAN using central management in the Training ADOM.
To create an SD-WAN using central management, which two steps must be completed? (Choose two.)
- A . Specify a gateway address when you create a default SD-WAN static route
- B . Enable SD-WAN central management in the Training ADOM
- C . Configure and install the SD-WAN firewall policy and SD-WAN static route before installing the SD-WAN template settings
- D . Remove all the interface references such as routes or policies that will be a part of SD-WAN member
interfaces
BD
Explanation:
Reference: https://docs.fortinet.com/document/fortigate/6.0.0/cookbook/676493/removing-existing-configuration-references-to-interfaces
An administrator has added all the devices in a Security Fabric group to FortiManager.
How does the administrator identify the root FortiGate?
- A . By a dollar symbol ($) at the end of the device name
- B . By an at symbol (@) at the end of the device name
- C . By a QUESTION NO : mark(?) at the end of the device name
- D . By an Asterisk (*) at the end of the device name
An administrator would like to create an SD-WAN using central management.
What steps does the administrator need to perform to create an SD-WAN using central management?
- A . First create an SD-WAN firewall policy, add member interfaces to the SD-WAN template and create a static route
- B . You must specify a gateway address when you create a default static route
- C . Remove all the interface references such as routes or policies
- D . Enable SD-WAN central management in the ADOM, add member interfaces, create a static route and SDWAN firewall policies.
Refer to the exhibit.
A junior administrator is troubleshooting a FortiManager connectivity issue that rs occurring with managed FortiGate devices
Given the FortiManager device manager settings shown in the exhibit what can you conclude from the exhibit?
- A . The administrator had restored the FortiManager configuration file
- B . The administrator must refresh both devices to restore connectivity
- C . FortiManager test internet connectivity therefore, both devices appear to be down
- D . The administrator can reclaim the FGFM tunnel to get both devices online
What will happen if FortiAnalyzer features are enabled on FortiManager?
- A . FortiManager will reboot
- B . FortiManager will send the logging configuration to the managed devices so the managed devices will start sending logs to FortiManager
- C . FortiManager will enable ADOMs automatically to collect logs from non-FortiGate devices
- D . FortiManager can be used only as a logging device.
A
Explanation:
Reference: https://help.fortinet.com/fmgr/50hlp/56/5-6-1/FortiManager_Admin_Guide/1800_FAZ%20Features/0200_Enable%20FAZ%20Features.htm
Refer to the exhibit.
An administrator is about to add the FortiGate device to FortiManager using the discovery process FortiManager is operating behind a NAT device, and the administrator configured the FortiManager NATed IP address under the FortiManager system administration settings.
What is the expected result?
- A . During discovery FortiManager sets trie FortiManager NATed IP address on FortiGate
- B . During discovery FortiManager sets both tie FortiManager NATed IP address and NAT device IP address on FortiGate
- C . During discovery FortiManager sets the NATed device IP address on FortiGate
- D . During discovery FortiManager uses only the FortiGate serial number to establish the connection
Refer to the exhibit.
How will FortiManager try to get updates for antivirus and IPS?
- A . From the list of configured override servers or public FDN servers
- B . From the default server fds1.fortinet.com
- C . From the configured override server IP address 10.0.1.50 only
- D . From public FDNI server IP address with the fourth highest octet only