Fortinet Fortinet Certifications NSE5_FMG-6.4 Questions & Answers

• Question 21:

  Refer to the exhibit.

  

  Given the configuration shown in the exhibit, which two statements are true? (Choose two.)

  A. It allows two or more administrators to make configuration changes at the same time, in the same

  ADOM.

  B. It disables concurrent read-write access to an ADOM.

  C. It allows the same administrator to lock more than one ADOM at the same time.

  D. It is used to validate administrator login attempts through external servers.

  Correct Answer: BC

  Reference: https://docs.fortinet.com/document/fortimanager/6.0.4/administration-guide/86456/ concurrentadom-access

• Question 22:

  An administrator has enabled Service Access on FortiManager.

  What is the purpose of Service Access on the FortiManager interface?

  A. Allows FortiManager to download IPS packages

  B. Allows FortiManager to respond to request for FortiGuard services from FortiGate devices

  C. Allows FortiManager to run real-time debugs on the managed devices

  D. Allows FortiManager to automatically configure a default route

  Correct Answer: B

  FortiManager 6.2 Study guide page 350

• Question 23:

  Refer to the exhibit.

  

  An administrator logs into the FortiManager GUI and sees the panes shown in the exhibit.

  Which two reasons can explain why the FortiAnalyzer feature panes do not appear? (Choose two.)

  A. The administrator logged in using the unsecure protocol HTTP, so the view is restricted.

  B. The administrator profile does not have full access privileges like the Super_User profile.

  C. The administrator IP address is not a part of the trusted hosts configured on FortiManager interfaces.

  D. FortiAnalyzer features are not enabled on FortiManager.

  Correct Answer: BD

• Question 24:

  Refer to the exhibit.

  

  An administrator has configured the command shown in the exhibit on FortiManager. A configuration change has been installed from FortiManager to the managed FortiGate that causes the FGFM tunnel to go down for more than 15 minutes.

  What is the purpose of this command?

  A. It allows FortiGate to unset central management settings.

  B. It allows FortiGate to reboot and recover the previous configuration from its configuration file.

  C. It allows the FortiManager to revert and install a previous configuration revision on the managed FortiGate.

  D. It allows FortiGate to reboot and restore a previously working firmware image.

  Correct Answer: B

  Reference: https://docs.fortinet.com/document/fortimanager/6.2.0/fortigate-fortimanagercommunicationsprotocol-guide/141304/fgfm-recovery-logic

• Question 25:

  An administrator configures a new firewall policy on FortiManager and has not yet pushed the changes to the managed FortiGate.

  In which database will the configuration be saved?

  A. Device-level database

  B. Revision history database

  C. ADOM-level database

  D. Configuration-level database

  Correct Answer: C

  Explanation: https://kb.fortinet.com/kb/documentLink.do?externalID=FD47942

• Question 26:

  Which two statements regarding device management on FortiManager are true? (Choose two.)

  A. FortiGate devices in HA cluster devices are counted as a single device.

  B. FortiGate in transparent mode configurations are not counted toward the device count on FortiManager.

  C. FortiGate devices in an HA cluster that has five VDOMs are counted as five separate devices.

  D. The maximum number of managed devices for each ADOM is 500.

  Correct Answer: AC

• Question 27:

  View the following exhibit, which shows the Download Import Report:

  

  Why it is failing to import firewall policy ID 2?

  A. The address object used in policy ID 2 already exist in ADON database with any as interface association and conflicts with address object interface association locally on the FortiGate

  B. Policy ID 2 is configured from interface any to port6 FortiManager rejects to import this policy because any interface does not exist on FortiManager

  C. Policy ID 2 does not have ADOM Interface mapping configured on FortiManager

  D. Policy ID 2 for this managed FortiGate already exists on FortiManager in policy package named Remote-FortiGate.

  Correct Answer: A

  FortiManager_6.4_Study_Guide-Online page 331and; 332

• Question 28:

  Refer to the following exhibit: Which of the following statements are true based on this configuration? (Choose two.)

  

  A. The same administrator can lock more than one ADOM at the same time

  B. Ungraceful closed sessions will keep the ADOM in a locked state until the administrator session times out

  C. Unlocking an ADOM will submit configuration changes automatically to the approval administrator

  D. Unlocking an ADOM will install configuration automatically on managed devices

  Correct Answer: AB

  Reference: http://help.fortinet.com/fmgr/cli/5-6-2/Document/0800_AD0Ms/200_Configuring+.htm

• Question 29:

  View the following exhibit.

  

  Given the configurations shown in the exhibit, what can you conclude from the installation targets in the Install On column?

  A. The Install On column value represents successful installation on the managed devices

  B. Policy seq#3 will be installed on all managed devices and VDOMs that are listed under Installation Targets

  C. Policy seq#3 will be installed on the Trainer[NAT] VDOM only

  D. Policy seq#3 will be not installed on any managed device

  Correct Answer: B

• Question 30:

  Which three settings are the factory default settings on FortiManager? (Choose three.)

  A. Username is admin

  B. Password is fortinet

  C. FortiAnalyzer features are disabled

  D. Reports and Event Monitor panes are enabled

  E. port1 interface IP address is 192.168.1.99/24

  Correct Answer: ACE