• Home
  • Articles
  • NSE5_FMG-6.2 Free Certification Exam Material from ActualPDF with 85 Questions [Q29-Q47]

NSE5_FMG-6.2 Free Certification Exam Material from ActualPDF with 85 Questions [Q29-Q47]

Share

NSE5_FMG-6.2 Free Certification Exam Material from ActualPDF with 85 Questions

Use Real NSE5_FMG-6.2 - 100% Cover Real Exam Questions 

NEW QUESTION 29
When configuring FortiGuard on FortiManger. Which two statements are correct regarding Allow Push Update settings configured in the FortiGuard. Antivirus and IPS Settings? (Choose two)

  • A. If an urgent or critical FortiGuard Antivirus and/or IPS update becomes available, the FortiManger bult-in FDS will send push update notifications.
  • B. FortiManager's built-in FDS service may not correctly receive push updates if the external facing IP address of any intermediary NAT device is dynamic.
  • C. FortiManager's built-in FDS service does not allow an administrator to override the default FortiManger IP address and port used by the FDN to send update messages.
  • D. If an urgent or critical FortiGuard Antivirus and/or IPS update becomes available, the FortiManger bult-in FDS will send push update notifications to each managed device.

Answer: A,B

 

NEW QUESTION 30
Refer to the exhibit. An administrator has configured the command shown in the exhibit on FortiManager. A configuration change has been installed from FortiManager to the managed FortiGate that causes the FGFM tunnel to go down for more than 15 minutes.

What is the purpose of this command?

  • A. It allows FortiGate to reboot and recover the previous configuration from its configuration file.
  • B. It allows FortiGate to unset central management settings.
  • C. It allows FortiGate to reboot and restore a previously working firmware image.
  • D. It allows the FortiManager to revert and install a previous configuration revision on the managed FortiGate.

Answer: A

 

NEW QUESTION 31
An administrator would like to create an SD-WAN using central management. What steps does the administrator need to perform to create an SD-WAN using central management?

  • A. Enable SD-WAN central management in the ADOM, add member interfaces, create a static route and SDWAN firewall policies.
  • B. You must specify a gateway address when you create a default static route
  • C. Remove all the interface references such as routes or policies
  • D. First create an SD-WAN firewall policy, add member interfaces to the SD-WAN template and create a static route

Answer: A

 

NEW QUESTION 32
Which of the following are FortiManager features? (Choose two)

  • A. Centralized Management
  • B. Administrative Domains
  • C. Virtual Domains
  • D. Cloud-based Management

Answer: A,B

Explanation:
Explanation

 

NEW QUESTION 33
View the following exhibit.

Which of the following statements are true if FortiManager and FortiGate are behind the NAT devices? (Choose two.)

  • A. If the FCFM tunnel is torn down, FortiManager will try to re-establish the FGFM tunnel.
  • B. FortiGate is discovered by FortiManager through the FortiGate NATed IP address.
  • C. FortiGate can announce itself to FortiManager only if the FortiManager IP address is configured on FortiGate under central management.
  • D. During discovery, the FortiManager NATed IP address is not set by default on FortiGate.

Answer: B,C

 

NEW QUESTION 34
What is the purpose of the Policy Check feature on FortiManager?

  • A. To find and provide recommendation for optimizing policies in a policy package
  • B. To find and provide recommendation to combine multiple separate policy packages into one common policy package
  • C. To find and delete disabled firewall policies in the policy package
  • D. To find and merge duplicate policies in the policy package

Answer: A

 

NEW QUESTION 35
Which two items does an FGFM keepalive message include? (Choose two.)

  • A. FortiGate uptime
  • B. FortiGate IPS version
  • C. FortiGate configuration checksum
  • D. FortiGate license information

Answer: B,C

 

NEW QUESTION 36
A FortiGate device is imported to FortiManager using the settings given in the exhibit.

An administrator subsequently modifies and installs the policy package.
Which two statements are correct regarding the scenario? (Choose two)

  • A. The orphan (unused) objects that are not tied to policies locally on the FortiGate will not be deleted on install.
  • B. The orphan (unused) objects that are not tied to policies locally on the FortiGate will be deleted on install.
  • C. The FortiManager imported all unused objects to the ADOM object database. These objects can be used by referencing in the policies on FortiManager and installing to the managed devices.
  • D. The FortiManager did not import unused objects to the ADOM object database. These objects cannot be used by referencing in the policies on FortiManager and installing to the managed devices.

Answer: B,D

 

NEW QUESTION 37
An administrator has enabled Service Access on FortiManager.
What is the purpose of Service Access on the FortiManager interface?

  • A. Allows FortiManager to download IPS packages
  • B. Allows FortiManager to automatically configure a default route
  • C. Allows FortiManager to run real-time debugs on the managed devices
  • D. Allows FortiManager to respond to request for FortiGuard services from FortiGate devices

Answer: D

 

NEW QUESTION 38
Which of the following statements are true regarding ADOM revisions? (Choose two.)

  • A. ADOM revisions can save the current size of the whole ADOM
  • B. ADOM revisions can save the current state of all policy packages and objects for an ADOM
  • C. ADOM revisions can significantly increase the size of the configuration backups.
  • D. ADOM revisions can create System Checkpoints for the FortiManager configuration

Answer: B,C

 

NEW QUESTION 39
Refer to the exhibit.

An administrator is importing a new device to FortiManager and has selected the options shown in the exhibit.
What will happen if the administrator makes the changes and installs the modified policy package on this managed FortiGate?

  • A. The unused objects that are not tied to the firewall policies will remain as read-only locally on FortiGate.
  • B. The unused objects that are not tied to the firewall policies in the policy package will be deleted from the FortiManager database.
  • C. The unused objects that are not tied to the firewall policies will be installed on FortiGate.
  • D. The unused objects that are not tied to the firewall policies locally on FortiGate will be deleted.

Answer: D

 

NEW QUESTION 40
View the following exhibit. Which statement is true regarding this failed installation log?

  • A. Policy ID 2 is installed without a source address
  • B. Policy ID 2 will not be installed
  • C. Policy ID 2 is installed without a source device
  • D. Policy ID 2 is installed in disabled state

Answer: C

Explanation:
Confirmed on FortiGate using CLI cmds above. The policy created above will be created and shows up in the "IPv4 Policy" section (so it is enabled), but does not have a device listed as the source device.

 

NEW QUESTION 41
In addition to the default ADOMs, an administrator has created a new ADOM named Training for FortiGate devices. The administrator sent a device registration to FortiManager from a remote FortiGate. Which one of the following statements is true?

  • A. The FortiManager administrator must add the unregistered device manually to the unregistered device manually to the Training ADOM using the Add Device wizard
  • B. The FortiGate will be added automatically to the default ADOM named FortiGate.
  • C. By default, the unregistered FortiGate will appear in the root ADOM.
  • D. The FortiGate will be automatically added to the Training ADOM.

Answer: C

 

NEW QUESTION 42
In the event that the primary FortiManager fails, which of the following actions must be performed to return the FortiManager HA to a working state?

  • A. FortiManager HA state transition is transparent to administrators and does not require any reconfiguration.
  • B. Manually promote one of the secondary devices to the primary role, and reconfigure all other secondary devices to point to the new primary device.
  • C. Reboot one of the secondary devices to promote it automatically to the primary role, and reconfigure all other secondary devices to point to the new primary device.
  • D. Secondary device with highest priority will automatically be promoted to the primary role, and manually reconfigure all other secondary devices to point to the new primary device

Answer: B

 

NEW QUESTION 43
Which two statements are correct for configuration changes made by FortiManager scripts? (Choose two)

  • A. When run on the device database, changes are automatically installed to the managed FortiGate devices.
  • B. When run on managed devices directly, changes are automatically installed to the managed FortiGate devices.
  • C. When run on the device database, you can install changes to the managed FortiGate devices using the installation wizard.
  • D. When run on managed devices directly, you can install changes to the managed FortiGate devices using the installation wizard.

Answer: B,C

Explanation:
A script can make many changes to a managed device and are useful for bulk configuration changes and consistency across multiple managed devices. Scripts can be run in three different ways:
Device Database: By default, a script can be executed on the device database. It is recommended you run the changes on the device database (default setting), as this allows you to check what configuration changes you will send to the managed device. Once scripts are run on the device database you can then install these changes to a managed device using the installation wizard.
Policy Package, ADOM database: A script can be run here to create ADOM level objects that will be applied to your managed devices and can then be installed using the installation wizard.
Remote FortiGate Directly (via CLI): A script can be executed directly on the device and you don't need to install these changes using the installation wizard. As the changes are directly installed on the managed device, no option is provided to verify and check the configuration changes through FortiManager.

 

NEW QUESTION 44
Refer to the exhibit. Given the configurations shown in the exhibit, what can you conclude from the installation targets in the Install On column?

  • A. Policy seq.# 3 will be installed on the Trainer[NAT] VDOM only.
  • B. Policy seq.# 3 will not be installed on any managed device.
  • C. Policy seq.# 3 will be installed on all managed devices and VDOMs that are listed under Installation Targets.
  • D. The Install On column value represents successful installations on the managed devices.

Answer: C

 

NEW QUESTION 45
When a FortiManager HA primary device fails, which two statements are correct for promoting a secondary device to the primary role? (Choose two)

  • A. Must manually reconfigure one of the secondary devices to become the master device.
  • B. The FortiManager HA suports IP takeover where an HA state transition does not require manual intervention.
  • C. All other secondary devices must be reconfigured to point to new primary device.
  • D. Reboot is required when promoting from secondary to primary.

Answer: A,C

 

NEW QUESTION 46
Refer to the exhibit.

Given the configuration shown in the exhibit, which two statements are true? (Choose two.)

  • A. It disables concurrent read-write access to an ADOM.
  • B. It allows two or more administrators to make configuration changes at the same time, in the same ADOM.
  • C. It allows the same administrator to lock more than one ADOM at the same time.
  • D. It is used to validate administrator login attempts through external servers.

Answer: A,C

Explanation:
Reference:
https://docs.fortinet.com/document/fortimanager/6.0.4/administration-guide/86456/concurrentadom-access

 

NEW QUESTION 47
......

Dumps Brief Outline Of The NSE5_FMG-6.2 Exam: https://www.actualpdf.com/NSE5_FMG-6.2_exam-dumps.html

Related Articles

more
Fortinet NSE5_FMG-6.2 Certification Practice Exam