• Home
  • Articles
  • [Q29-Q47] View NSE5_FMG-6.4 Exam Question Dumps With Latest Demo [Aug 22, 2022]

[Q29-Q47] View NSE5_FMG-6.4 Exam Question Dumps With Latest Demo [Aug 22, 2022]

Share

View NSE5_FMG-6.4 Exam Question Dumps With Latest Demo [Aug 22, 2022]

Free NSE5_FMG-6.4 Test Questions Real Practice Test Questions

NEW QUESTION 29
In addition to the default ADOMs, an administrator has created a new ADOM named Training for FortiGate devices. The administrator sent a device registration to FortiManager from a remote FortiGate. Which one of the following statements is true?

  • A. The FortiGate will be automatically added to the Training ADOM.
  • B. By default, the unregistered FortiGate will appear in the root ADOM.
  • C. The FortiManager administrator must add the unregistered device manually to the unregistered device
  • D. The FortiGate will be added automatically to the default ADOM named FortiGate.

Answer: B

Explanation:
manually to the Training ADOM using the Add Device wizard

 

NEW QUESTION 30
View the following exhibit.

An administrator is importing a new device to FortiManager and has selected the shown options. What will happen if the administrator makes the changes and installs the modified policy package on this managed FortiGate?

  • A. The unused objects that are not tied to the firewall policies locally on FortiGate will be deleted
  • B. The unused objects that are not tied to the firewall policies will remain as read-only locally on FortiGate
  • C. The unused objects that are not tied to the firewall policies in policy package will be deleted from the
  • D. The unused objects that are not tied to the firewall policies will be installed on FortiGate

Answer: A

Explanation:
FortiManager database

 

NEW QUESTION 31
View the following exhibit.

An administrator has created a firewall address object, Training, which is used in the Local-FortiGate policy package. When the install operation is performed, which IP Netmask will be installed on the Local-FortiGate, for the Training firewall address object?

  • A. It will create firewall address group on Local-FortiGate with 192.168.0.1/24 and 10.0.1.0/24 object values
  • B. Local-FortiGate will automatically choose an IP Network based on its network interface settings.
  • C. 10.0.1.0/24
  • D. 192.168.0.1/24

Answer: C

 

NEW QUESTION 32
View the following exhibit.

When using Install Config option to install configuration changes to managed FortiGate, which of the following statements are true? (Choose two.)

  • A. Will not create new revision in the revision history
  • B. Once initiated, the install process cannot be canceled and changes will be installed on the managed device
  • C. Installs device-level changes to FortiGate without launching the Install Wizard
  • D. Provides the option to preview configuration changes prior to installing them

Answer: B,C

 

NEW QUESTION 33
When an installation is performed from FortiManager, what is the recovery logic used between FortiManager and FortiGate for an FGFM tunnel?

  • A. FortiGate will reject the CLI commands that will cause the tunnel to go down.
  • B. FortiManager will not push the CLI commands as a part of the installation that will cause the tunnel to go down.
  • C. After 15 minutes, FortiGate will unset all CLI commands that were part of the installation that caused the tunnel to go down.
  • D. FortiManager will revert and install a previous configuration revision on the managed FortiGate.

Answer: C

 

NEW QUESTION 34
An administrator would like to create an SD-WAN using central management in the Training ADOM.
To create an SD-WAN using central management, which two steps must be completed? (Choose two.)

  • A. Configure and install the SD-WAN firewall policy and SD-WAN static route before installing the SD-WAN template settings
  • B. Enable SD-WAN central management in the Training ADOM
  • C. Specify a gateway address when you create a default SD-WAN static route
  • D. Remove all the interface references such as routes or policies that will be a part of SD-WAN member interfaces

Answer: B,D

 

NEW QUESTION 35
Which configuration setting for FortiGate is part of a device-level database on FortiManager?

  • A. VIP and IP Pools
  • B. Routing
  • C. Firewall policies
  • D. Security profiles

Answer: B

Explanation:
The FortiManager stores the FortiGate configuration details in two distinct databases. The device-level database includes configuration details related to device-level settings, such as interfaces, DNS, routing, and more. The ADOM-level database includes configuration details related to firewall policies, objects, and security profiles.

 

NEW QUESTION 36
An administrator has added all the devices in a Security Fabric group to FortiManager.
How does the administrator identify the root FortiGate?

  • A. By a dollar symbol ($) at the end of the device name
  • B. By a
  • C. By an Asterisk (*) at the end of the device name
  • D. By an at symbol (@) at the end of the device name

Answer: C

 

NEW QUESTION 37
What is the purpose of the Policy Check feature on FortiManager?

  • A. To find and provide recommendation to combine multiple separate policy packages into one common policy package
  • B. To find and merge duplicate policies in the policy package
  • C. To find and delete disabled firewall policies in the policy package
  • D. To find and provide recommendation for optimizing policies in a policy package

Answer: D

 

NEW QUESTION 38
Which two items are included in the FortiManager backup? (Choose two.)

  • A. Global database
  • B. All devices
  • C. Logs
  • D. FortiGuard database

Answer: A,B

 

NEW QUESTION 39
Which two items does an FGFM keepalive message include? (Choose two.)

  • A. FortiGate configuration checksum
  • B. FortiGate IPS version
  • C. FortiGate uptime
  • D. FortiGate license information

Answer: A,B

 

NEW QUESTION 40
What does a policy package status of Modified indicate?

  • A. The policy package was never imported after a device was registered on FortiManager
  • B. FortiManager is unable to determine the policy package status
  • C. The Policy package configuration has been changed on FortiManager and changes have not yet been installed on the managed device.
  • D. The Policy configuration has been changed on a managed device and changes have not yet been imported into FortiManager

Answer: C

 

NEW QUESTION 41
An administrator has assigned a global policy package to custom ADOM1. Then the administrator creates a new policy package, Fortinet, in the custom ADOM1.
Which statement about the global policy package assignment to the newly-created policy package Fortinet is true?

  • A. When a new policy package is created, you can select the option to assign the global policies to the new package.
  • B. When a new policy package is created, you need to reapply the global policy package to the ADOM.
  • C. When a new policy package is created, you need to assign the global policy package from the global ADOM.
  • D. When a new policy package is created, it automatically assigns the global policies to the new package.

Answer: D

Explanation:
Global Policy Package is applied at the ADOM level and you have the option to choose which ADOM policy packages you want to exclude (there is no option to choose Policy Packages to include).

 

NEW QUESTION 42
An administrator would like to create an SD-WAN default static route for a newly created SD-WAN using the FortiManager GUI. Both port1 and port2 are part of the SD-WAN member interfaces.
Which interface must the administrator select in the static route device drop-down list?

  • A. port1
  • B. virtual-wan-link
  • C. port2
  • D. auto-discovery

Answer: B

 

NEW QUESTION 43
In the event that the primary FortiManager fails, which of the following actions must be performed to return the FortiManager HA to a working state?

  • A. Manually promote one of the secondary devices to the primary role, and reconfigure all other secondary devices to point to the new primary device.
  • B. FortiManager HA state transition is transparent to administrators and does not require any reconfiguration.
  • C. Reboot one of the secondary devices to promote it automatically to the primary role, and reconfigure all other secondary devices to point to the new primary device.
  • D. Secondary device with highest priority will automatically be promoted to the primary role, and manually reconfigure all other secondary devices to point to the new primary device

Answer: A

Explanation:
FortiManager_6.4_Study_Guide-Online - page 346
FortiManager HA doesn't support IP takeover where an HA state transition is transparent to administrators. If a failure of the primary occurs, the administrator must take corrective action to resolve the problem that may include invoking the state transition. If the primary device fails, the administrator must do the following in order to return the FortiManager HA to a working state:
1. Manually reconfigure one of the secondary devices to become the primary device
2. Reconfigure all other secondary devices to point to the new primary device

 

NEW QUESTION 44
An administrator would like to review, approve, or reject all the firewall policy changes made by the junior administrators.
How should the Workspace mode be configured on FortiManager?

  • A. Set to workflow and use the ADOM locking feature
  • B. Set to normal and use the policy locking feature
  • C. Set to read/write and use the policy locking feature
  • D. Set to disable and use the policy locking feature

Answer: A

 

NEW QUESTION 45
What does the diagnose dvm check-integrity command do? (Choose two.)

  • A. Verifies and corrects duplicate VDOM entries
  • B. Verifies and corrects unregistered, registered, and deleted device states
  • C. Verifies and corrects database schemas in all object tables
  • D. Internally upgrades existing ADOMs to the same ADON version in order to clean up and correct the ADOM syntax

Answer: A,B

Explanation:
6.2 Study Guide page 305 verify and correct parts of the device manager databases, including: - inconsistent device-to-group and group-to-ADOM memberships - unregistered, registered, and deleted device states - device lock statuses - duplicate VDOM entries

 

NEW QUESTION 46
View the following exhibit.

What is the purpose of setting ADOM Mode to Advanced?

  • A. The setting disables concurrent ADOM access and adds ADOM locking
  • B. The setting allows automatic updates to the policy package configuration for a managed device
  • C. This setting allows you to assign different VDOMs from the same FortiGate to different ADOMs.
  • D. The setting enables the ADOMs feature on FortiManager

Answer: C

 

NEW QUESTION 47
......

View All NSE5_FMG-6.4 Actual Free Exam Questions Updated: https://www.actual4exams.com/NSE5_FMG-6.4-valid-dump.html

NSE5_FMG-6.4 Dumps Updated Aug 22, 2022 WIith 60 Questions: https://drive.google.com/open?id=1gZFQH4MCIabgz1sj8B6TzMNAEkx79gtf

Related Articles

more
Fortinet NSE5_FMG-6.4 Certification Practice Exam

Take our exam training material as your study reference, and pass your exam with the help of our actual exam dumps. When you choose our latest exam torrent, you will get your IT certification with more confident and more ease.

Latest Actual Exam Dump

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2024 Actual4Exams NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy