NSE5_FMG-5.4: FortiManager 5.4 Specialist Practice Questions
What type of access is automatically enabled on an interface after it is added to FortiClient Manager?
A. Device Detection
What does a policy package status of Modified indicate?
A. Policy package configuration has been changed on FortiManager and changes have not yet been installed on the managed device.
B. The policy package was never imported after a device was registered on FortiManager.
C. FortiManager is unable to determine the policy package status.
D. Policy configuration has been changed on a managed device and changes have not yet been imported into FortiManager.
Which of the following statements are true regarding ADOM revisions? (Choose two.)
A. ADOM revisions can save the current state of all policy packages and objects for an ADOM.
B. ADOM revisions can significantly increase the size of the configuration backups.
C. ADOM revisions can create System Checkpoints for the FortiManager configuration.
D. ADOM revisions can save the current state of the whole ADOM.
How are the points calculated when using FortiMeter to deploy FortiOS-VM? (Choose two.)
A. Based on the number of sessions on the mgmt interface of FortiOS-VM.
B. Based on the FortiGuard service option enabled for FortiOS-VM.
C. Based on the traffic usage on port1 and port2 on FortiOS-VM.
D. Based on the amount of traffic (per GB) passing through the FortiOS-VM.
As a result of enabling FortiAnalyzer features on FortiManager, which one of the following statements is true?
A. FortiManager can be used only as a logging device.
B. FortiManager will enable ADOMs automatically to collect logs from non-FortiGate devices.
C. FortiManager will send the logging configuration to the managed devices so the managed devices will start sending logs to FortiManager.
D. FortiManager will reboot.
An administrator is unable to log in to FortiManager. Which one of the following troubleshooting step should you take to resolve the issue?
A. Make sure FortiManager Access is enabled in the administrator profile.
B. Make sure ADOMs are enabled and the administrator has access to the Global ADOM.
C. Make sure Offline Mode is disabled.
D. Make sure the administrator IP address is part of the trusted hosts.
What are the factory default settings on FortiManager? (Choose three.)
A. Password is fortinet
B. port1 interface IP address is 192.168.1.99/24
C. Service Access is enabled on port1
D. Username is admin
E. Reports and Event Monitor panes are enabled
An administrator wants to delete an address object that is currently referenced in a firewall policy. Which one of the following statements is true?
A. FortiManager will replace the deleted address object with the all address object in the referenced firewall policy.
B. FortiManager will disable the status of the referenced firewall policy.
C. FortiManager will not allow the administrator to delete a referenced address object.
D. FortiManager will replace the deleted address object with the none address object in the referenced firewall policy.
An administrator has assigned a global policy package to custom ADOM1. What will happen if the administrator tries to create a new policy package in custom ADOM1?
A. When a new policy package is created, you need to reapply the global policy package to the ADOM.
B. When creating a new policy package, can select the option to assign the global policies to the new package.
C. When a new policy package is created, it automatically assigns the global policies to the new package.
D. When a new policy package is created, you must assign the global policy package from the global ADOM.
An administrator would like to authorize a newly-installed AP using AP Manager. What steps does the administrator need to perform to authorize an AP?
A. Authorize the new AP using AP Manager and wait until the change is updated on the FortiAP. Changes to the AP’s state do not require installation.
B. Changes to the AP’s state must be performed directly on the managed FortiGate.
C. Authorize the new AP using AP Manager and install the policy package changes on the managed FortiGate.
D. Authorize the new AP using AP Manager and install the device level settings on the managed FortiGate.
Which of the following statements are true regarding an FGFM keepalive message? (Choose two.)
A. It includes the configuration checksum of FortiGate.
B. The keepalive interval for keepalive messages is configured on FortiGate.
C. It is sent only by FortiGate.
D. It is used between FortiManager HA cluster members to make sure cluster members are in sync.
Which of the following conditions trigger FortiManager to create a new revision history? (Choose two.)
A. When FortiManager installs device-level changes to a managed device.
B. When configuration revision is reverted to previous revision in the revision history.
C. When changes to device-level database is made on FortiManager.
D. When FortiManager is auto-updated with configuration changes made directly on a managed device.
What is the purpose of the Policy Check feature on FortiManager?
A. To find and merge duplicate policies in the policy package.
B. To find and provide recommendation to combine multiple separate policy packages into one common policy package.
C. To find and delete disabled firewall policies in the policy package.
D. To find and provide recommendation for optimizing policies in a policy package.
Which of the following statements are true regarding VPN Manager? (Choose three.)
A. VPN Manager must be enabled on a per ADOM basis.
B. VPN Manager automatically adds newly-registered devices to a VPN community.
C. VPN Manager can install common IPsec VPN settings on multiple FortiGate devices at the same time.
D. Common IPsec settings need to be configured only once in a VPN Community for all managed gateways.
E. VPN Manager automatically creates all the necessary firewall policies for traffic to be tunneled by IPsec.
When installation is performed from the FortiManager, what is the recovery logic used between FortiManager and FortiGate for an FGFM tunnel?
A. After 15 minutes, FortiGate will unset all CLI commands that were part of the installation that caused the tunnel to go down.
B. FortiGate will reject the CLI commands that will cause the tunnel to go down.
C. FortiManager will revert and install a previous configuration revision on the managed FortiGate.
D. FortiManager will not push the CLI commands as a part of the installation that will cause the tunnel to go down.