Summer Sale - Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpt65

NSE5_FMG-7.0 Questions and Answers

Note! Following NSE5_FMG-7.0 Exam is Retired now. Please select the alternative replacement for your Exam Certification. The new exam code is NSE5_FMG-7.2

NSE5_FMG-7.0 Questions and Answers

Question # 6

Which configuration setting for FortiGate is part of an ADOM-level database on FortiManager?

A.

NSX-T Service Template

B.

Security profiles

C.

SNMP

D.

Routing

Full Access
Question # 7

View the following exhibit.

Which one of the following statements is true regarding the object named ALL?

A.

FortiManager updated the object ALL using FortiGate’s value in its database

B.

FortiManager updated the object ALL using FortiManager’s value in its database

C.

FortiManager created the object ALL as a unique entity in its database, which can be only used by this

managed FortiGate.

D.

FortiManager installed the object ALL with the updated value.

Full Access
Question # 8

Push updates are failing on a FortiGate device that is located behind a NAT device Which two settings should the administrator check? (Choose two.)

A.

That the virtual IP address and correct ports are set on the NAT device

B.

That the NAT device IP address and correct ports are configured on FortiManager

C.

That the external IP address on the NAT device is set to DHCP and configured with the virtual IP

D.

That the override server IP address is set on FortiManager and the NAT device

Full Access
Question # 9

Which of the following statements are true regarding VPN Gateway configuration in VPN Manager? (Choose two.)

A.

Managed gateways are devices managed by FortiManager in the same ADOM

B.

External gateways are third-party VPN gateway devices only

C.

Protected subnets are the subnets behind the device that you don’t want to allow access to over the IPsec

VPN

D.

Managed devices in other ADOMs must be treated as external gateways

Full Access
Question # 10

An administrator would like to create an SD-WAN using central management. What steps does the

administrator need to perform to create an SD-WAN using central management?

A.

First create an SD-WAN firewall policy, add member interfaces to the SD-WAN template and create a static route

B.

You must specify a gateway address when you create a default static route

C.

Remove all the interface references such as routes or policies

D.

Enable SD-WAN central management in the ADOM, add member interfaces, create a static route and SDWAN firewall policies.

Full Access
Question # 11

View the following exhibit.

Which of the following statements are true based on this configuration setting? (Choose two.)

A.

This setting will enable the ADOMs feature on FortiManager.

B.

This setting is applied globally to all ADOMs.

C.

This setting will allow assigning different VDOMs from the same FortiGate to different ADOMs.

D.

This setting will allow automatic updates to the policy package configuration for a managed device.

Full Access
Question # 12

Which two items does an FGFM keepalive message include? (Choose two.)

A.

FortiGate uptime

B.

FortiGate license information

C.

FortiGate IPS version

D.

FortiGate configuration checksum

Full Access
Question # 13

What is the purpose of the Policy Check feature on FortiManager?

A.

To find and provide recommendation to combine multiple separate policy packages into one common

policy package

B.

To find and merge duplicate policies in the policy package

C.

To find and provide recommendation for optimizing policies in a policy package

D.

To find and delete disabled firewall policies in the policy package

Full Access
Question # 14

An administrator would like to create an SD-WAN using central management in the Training ADOM.

To create an SD-WAN using central management, which two steps must be completed? (Choose two.)

A.

Specify a gateway address when you create a default SD-WAN static route

B.

Enable SD-WAN central management in the Training ADOM

C.

Configure and install the SD-WAN firewall policy and SD-WAN static route before installing the SD-WAN

template settings

D.

Remove all the interface references such as routes or policies that will be a part of SD-WAN member

interfaces

Full Access
Question # 15

Which configuration setting for FortiGate is part of a device-level database on FortiManager?

A.

VIP and IP Pools

B.

Firewall policies

C.

Security profiles

D.

Routing

Full Access
Question # 16

Which two conditions trigger FortiManager to create a new revision history? (Choose two.)

A.

When configuration revision is reverted to previous revision in the revision history

B.

When FortiManager installs device-level changes to a managed device

C.

When FortiManager is auto-updated with configuration changes made directly on a managed device

D.

When changes to device-level database is made on FortiManager

Full Access
Question # 17

An administrator has enabled Service Access on FortiManager.

What is the purpose of Service Access on the FortiManager interface?

A.

Allows FortiManager to download IPS packages

B.

Allows FortiManager to respond to request for FortiGuard services from FortiGate devices

C.

Allows FortiManager to run real-time debugs on the managed devices

D.

Allows FortiManager to automatically configure a default route

Full Access
Question # 18

What will be the result of reverting to a previous revision version in the revision history?

A.

It will install configuration changes to managed device automatically

B.

It will tag the device settings status as Auto-Update

C.

It will generate a new version ID and remove all other revision history versions

D.

It will modify the device-level database

Full Access
Question # 19

Which two statements regarding device management on FortiManager are true? (Choose two.)

A.

FortiGate devices in HA cluster devices are counted as a single device.

B.

FortiGate in transparent mode configurations are not counted toward the device count on FortiManager.

C.

FortiGate devices in an HA cluster that has five VDOMs are counted as five separate devices.

D.

The maximum number of managed devices for each ADOM is 500.

Full Access
Question # 20

An administrator is replacing a device on FortiManager by running the following command:

execute device replace sn .

What device name and serial number must the administrator use?

A.

Device name and serial number of the original device.

B.

Device name and serial number of the replacement device.

C.

Device name of the replacement device and serial number of the original device.

D.

Device name of the original device and serial number of the replacement device.

Full Access
Question # 21

What does a policy package status of Conflict indicate?

A.

The policy package reports inconsistencies and conflicts during a Policy Consistency Check.

B.

The policy package does not have a FortiGate as the installation target.

C.

The policy package configuration has been changed on both FortiManager and the managed device

independently.

D.

The policy configuration has never been imported after a device was registered on FortiManager.

Full Access
Question # 22

Which two items are included in the FortiManager backup? (Choose two.)

A.

FortiGuard database

B.

Global database

C.

Logs

D.

All devices

Full Access
Question # 23

Refer to the exhibit.

Which two statements are true if the script is executed using the Device Database option? (Choose two.)

A.

You must install these changes using the Install Wizard to a managed device

B.

The successful execution of a script on the Device Database will create a new revision history

C.

The script history will show successful installation of the script on the remote FortiGate

D.

The Device Settings Status will be tagged as Modified

Full Access