• Home
  • Articles
  • Updated Jan 04, 2024 Verified Pass NSE5_FMG-7.0 Exam in First Attempt Guaranteed [Q43-Q67]

Updated Jan 04, 2024 Verified Pass NSE5_FMG-7.0 Exam in First Attempt Guaranteed [Q43-Q67]

Share

Updated Jan 04, 2024 Verified Pass NSE5_FMG-7.0 Exam in First Attempt Guaranteed

Free NSE5_FMG-7.0 Sample Questions and 100% Cover Real Exam Questions (Updated 74 Questions)

NEW QUESTION # 43
What will happen if FortiAnalyzer features are enabled on FortiManager?

  • A. FortiManager will enable ADOMs automatically to collect logs from non-FortiGate devices
  • B. FortiManager can be used only as a logging device.
  • C. FortiManager will send the logging configuration to the managed devices so the managed devices will start sending logs to FortiManager
  • D. FortiManager will reboot

Answer: D


NEW QUESTION # 44
Which three settings are the factory default settings on FortiManager? (Choose three.)

  • A. FortiAnalyzer features are disabled
  • B. Reports and Event Monitor panes are enabled
  • C. port1 interface IP address is 192.168.1.99/24
  • D. Username is admin
  • E. Password is fortinet

Answer: A,C,D


NEW QUESTION # 45
Which two statements about Security Fabric integration with FortiManager are true? (Choose two.)

  • A. The Fabric View module enables you to generate the Security Fabric ratings for Security Fabric devices
  • B. The Security Fabric settings are part of the device level settings
  • C. The Fabric View module enables you to view the Security Fabric ratings for Security Fabric devices
  • D. The Security Fabric license, group name and password are required for the FortiManager Security Fabric integration

Answer: B,C


NEW QUESTION # 46
Which two statements regarding device management on FortiManager are true? (Choose two.)

  • A. FortiGate devices in an HA cluster that has five VDOMs are counted as five separate devices.
  • B. FortiGate devices in HA cluster devices are counted as a single device.
  • C. The maximum number of managed devices for each ADOM is 500.
  • D. FortiGate in transparent mode configurations are not counted toward the device count on FortiManager.

Answer: A,B


NEW QUESTION # 47
Which two statements about the scheduled backup of FortiManager are true? (Choose two.)

  • A. It can be configured using the CLI and GUI.
  • B. It does not back up firmware images saved on FortiManager.
  • C. It supports FTP, SCP, and SFTP.
  • D. It backs up all devices and the FortiGuard database.

Answer: B,C


NEW QUESTION # 48
View the following exhibit.

Which statement is true regarding this failed installation log?

  • A. Policy ID 2 will not be installed
  • B. Policy ID 2 is installed without a source device
  • C. Policy ID 2 is installed without a source address
  • D. Policy ID 2 is installed in disabled state

Answer: B


NEW QUESTION # 49
Refer to the exhibit.

Which statement about the object named ALL is true?

  • A. FortiManager created the object ALL as a unique entity in its database, which can be only used by this managed FortiGate.
  • B. FortiManager installed the object ALL with the updated value.
  • C. FortiManager updated the object ALL using the FortiManager value in its database.
  • D. FortiManager updated the object ALL using the FortiGate value in its database.

Answer: D


NEW QUESTION # 50
In addition to the default ADOMs, an administrator has created a new ADOM named Training for FortiGate devices. The administrator sent a device registration to FortiManager from a remote FortiGate. Which one of the following statements is true?

  • A. By default, the unregistered FortiGate will appear in the root ADOM.
  • B. The FortiGate will be automatically added to the Training ADOM.
  • C. The FortiManager administrator must add the unregistered device manually to the unregistered device
  • D. The FortiGate will be added automatically to the default ADOM named FortiGate.

Answer: A

Explanation:
manually to the Training ADOM using the Add Device wizard


NEW QUESTION # 51
Refer to the following exhibit:

Which of the following statements are true based on this configuration? (Choose two.)

  • A. The same administrator can lock more than one ADOM at the same time
  • B. Unlocking an ADOM will install configuration automatically on managed devices
  • C. Unlocking an ADOM will submit configuration changes automatically to the approval administrator
  • D. Ungraceful closed sessions will keep the ADOM in a locked state until the administrator session times out

Answer: A,D


NEW QUESTION # 52
Refer to the exhibit.

An administrator has configured the command shown in the exhibit on FortiManager. A configuration change has been installed from FortiManager to the managed FortiGate that causes the FGFM tunnel to go down for more than 15 minutes.
What is the purpose of this command?

  • A. It allows FortiGate to reboot and restore a previously working firmware image.
  • B. It allows FortiGate to reboot and recover the previous configuration from its configuration file.
  • C. It allows the FortiManager to revert and install a previous configuration revision on the managed FortiGate.
  • D. It allows FortiGate to unset central management settings.

Answer: B


NEW QUESTION # 53
Refer to the exhibit.

Which statement about the object named ALL is true?

  • A. FortiManager installed the object ALL with the updated value.
  • B. FortiManager created the object ALL as a unique entity in its database, which can be only used by this
    managed FortiGate.
  • C. FortiManager updated the object ALL using the FortiManager value in its database.
  • D. FortiManager updated the object ALL using the FortiGate value in its database.

Answer: D


NEW QUESTION # 54
Refer to the exhibit.

You are using the Quick Install option to install configuration changes on the managed FortiGate.
Which two statements correctly describe the result? (Choose two.)

  • A. It cannot be canceled once initiated and changes will be installed on the managed device
  • B. It will not create a new revision in the revision history
  • C. It provides the option to preview configuration changes prior to installing them
  • D. It installs device-level changes to FortiGate without launching the Install Wizard

Answer: A,D

Explanation:
FortiManager_6.4_Study_Guide-Online - page 164
The Install Config option allows you to perform a quick installation of device-level settings without launching the Install Wizard. When you use this option, you cannot preview the changes prior to committing. Administrator should be certain of the changes before using this install option, because the install can't be cancelled after the process is initiated.


NEW QUESTION # 55
When an installation is performed from FortiManager, what is the recovery logic used between FortiManager and FortiGate for an FGFM tunnel?

  • A. After 15 minutes, FortiGate will unset all CLI commands that were part of the installation that caused the tunnel to go down.
  • B. FortiGate will reject the CLI commands that will cause the tunnel to go down.
  • C. FortiManager will not push the CLI commands as a part of the installation that will cause the tunnel to go down.
  • D. FortiManager will revert and install a previous configuration revision on the managed FortiGate.

Answer: D

Explanation:
The configuration change will break the fgfm connection, causing the FortiGate unit to attempt to reconnect for 900 seconds. If the FortiGate cannot reconnect, it will rollback to its previous configuration.


NEW QUESTION # 56
Refer to the exhibit.

Which two statements about the output are true? (Choose two.)

  • A. The latest history for the managed FortiGate does not match with the device-level database
  • B. Configuration changes directly made on the FortiGate have been automatically updated to device-level
  • C. The latest revision history for the managed FortiGate does match with the FortiGate running configuration
  • D. Configuration changes have been installed to FortiGate and represents FortiGate configuration has been changed

Answer: A,C

Explanation:
database
Explanation:
STATUS: dev-db: modified; conf: in sync; cond: pending; dm: retrieved; conn: up - dev-db: modified - This is the device setting status which indicates that configuration changes were made on FortiManager. - conf: in sync - This is the sync status which shows that the latest revision history is in sync with Fortigate's configuration. - cond: pending - This is the configuration status which says that configuration changes need to be installed.
Most probably a retrieve was done in the past (dm: retrieved) updating the revision history DB (conf: in sync) and FortiManager device level DB, now there is a new modification on FortiManager device level DB (dev-db: modified) which wasn't installed to FortiGate (cond: pending), hence; revision history DB is not aware of that modification and doesn't match device DB.
Conclusion: - Revision DB does match FortiGate. - No changes were installed to FortiGate yet. - Device DB doesn't match Revision DB. - No changes were done on FortiGate (auto-update) but configuration was retrieved instead
After an Auto-Update or Retrieve: device database = latest revision = FGT
Then after a manual change on FMG end (but no install yet): latest revision = FGT (still) but now device database has been modified (is different).
After reverting to a previous revision in revision history: device database = reverted revision != FGT


NEW QUESTION # 57
View the following exhibit.

If both FortiManager and FortiGate are behind the NAT devices, what are the two expected results? (Choose two.)

  • A. During discovery, the FortiManager NATed IP address is not set by default on FortiGate.
  • B. FortiGate can announce itself to FortiManager only if the FortiManager IP address is configured on
    FortiGate under central management.
  • C. FortiGate is discovered by FortiManager through the FortiGate NATed IP address.
  • D. If the FCFM tunnel is torn down, FortiManager will try to re-establish the FGFM tunnel.

Answer: A,C

Explanation:
Fortimanager can discover FortiGate through a NATed FortiGate IP address. If a FortiManager NATed IP address is configured on FortiGate, then FortiGate can announce itself to FortiManager. FortiManager will not attempt to re-establish the FGFM tunnel to the FortiGate NATed IP address, if the FGFM tunnel is interrupted. Just like it was in the NATed FortiManager scenario, the FortiManager NATed IP address in this scenario is not configured under FortiGate central management configuration.


NEW QUESTION # 58
When an installation is performed from FortiManager, what is the recovery logic used between FortiManager and FortiGate for an FGFM tunnel?

  • A. After 15 minutes, FortiGate will unset all CLI commands that were part of the installation that caused the tunnel to go down.
  • B. FortiGate will reject the CLI commands that will cause the tunnel to go down.
  • C. FortiManager will not push the CLI commands as a part of the installation that will cause the tunnel to go down.
  • D. FortiManager will revert and install a previous configuration revision on the managed FortiGate.

Answer: A


NEW QUESTION # 59
An administrator would like to create an SD-WAN using central management. What steps does the
administrator need to perform to create an SD-WAN using central management?

  • A. Remove all the interface references such as routes or policies
  • B. First create an SD-WAN firewall policy, add member interfaces to the SD-WAN template and create a static route
  • C. You must specify a gateway address when you create a default static route
  • D. Enable SD-WAN central management in the ADOM, add member interfaces, create a static route and SDWAN firewall policies.

Answer: D


NEW QUESTION # 60
View the following exhibit:

How will FortiManager try to get updates for antivirus and IPS?

  • A. From public FDNI server with highest index number only
  • B. From the list of configured override servers with ability to fall back to public FDN servers
  • C. From the default server fdsl.fortinet.com
  • D. From the configured override server list only

Answer: B


NEW QUESTION # 61
Refer to the exhibit.

An administrator logs into the FortiManager GUI and sees the panes shown in the exhibit.
Which two reasons can explain why the FortiAnalyzer feature panes do not appear? (Choose two.)

  • A. The administrator profile does not have full access privileges like the Super_User profile.
  • B. FortiAnalyzer features are not enabled on FortiManager.
  • C. The administrator logged in using the unsecure protocol HTTP, so the view is restricted.
  • D. The administrator IP address is not a part of the trusted hosts configured on FortiManager interfaces.

Answer: A,B


NEW QUESTION # 62
What is the purpose of ADOM revisions?

  • A. To revert individual policy packages and device-level settings for a managed FortiGate by reverting to a specific ADOM revision
  • B. To save the current state of all policy packages and objects for an ADOM.
  • C. To save the current state of the whole ADOM.
  • D. To create System Checkpoints for the FortiManager configuration.

Answer: B

Explanation:
Fortimanager 6.4 Study guide page 198


NEW QUESTION # 63
Refer to the exhibit.

Given the configuration shown in the exhibit, how did FortiManager handle the service category named General?

  • A. FortiManager ignored the firewall service category General but created a new service category in its database.
  • B. FortiManager ignored the firewall service category general and deleted the duplicate value In Its database
  • C. FortiManager ignored the firewall service category General and did not update Its database with the value
  • D. FortiManager ignored the firewall service category General and updated the FortiGate duplicate value in the FortiGate database.

Answer: D


NEW QUESTION # 64
An administrator would like to authorize a newly-installed AP using AP Manager. What steps does the administrator need to perform to authorize an AP?

  • A. Authorize the new AP using AP Manager and install the policy package changes on the managed FortiGate.
  • B. Changes to the AP's state must be performed directly on the managed FortiGate.
  • C. Authorize the new AP using AP Manager and install the device level settings on the managed FortiGate.
  • D. Authorize the new AP using AP Manager and wait until the change is updated on the FortiAP. Changes to the AP's state do not require installation.

Answer: C


NEW QUESTION # 65
Refer to the exhibit.

Which two statements are true if the script is executed using the Device Database option? (Choose two.)

  • A. The successful execution of a script on the Device Database will create a new revision history
  • B. The script history will show successful installation of the script on the remote FortiGate
  • C. The Device Settings Status will be tagged as Modified
  • D. You must install these changes using the Install Wizard to a managed device

Answer: C,D


NEW QUESTION # 66
Which two items does an FGFM keepalive message include? (Choose two.)

  • A. FortiGate configuration checksum
  • B. FortiGate IPS version
  • C. FortiGate license information
  • D. FortiGate uptime

Answer: A,B


NEW QUESTION # 67
......

Download Real Fortinet NSE5_FMG-7.0 Exam Dumps Test Engine Exam Questions: https://www.actual4exams.com/NSE5_FMG-7.0-valid-dump.html

Verified NSE5_FMG-7.0 Dumps Q&As - NSE5_FMG-7.0 Test Engine with Correct Answers: https://drive.google.com/open?id=1mUcCWTFm1nXJprYi_JQXlwRwzBA9S2Gs 

Related Articles

more
Fortinet NSE5_FMG-7.0 Certification Practice Exam

Take our exam training material as your study reference, and pass your exam with the help of our actual exam dumps. When you choose our latest exam torrent, you will get your IT certification with more confident and more ease.

Latest Actual Exam Dump

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2024 Actual4Exams NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy