Fortinet NSE5_FMG-7.2 exam actual questions shared online

July 30, 2024

The latest Fortinet NSE5_FMG-7.2 exam actual questions are shared for free online by Leads4Pass IT certification providers to help candidates practice the exam effectively and successfully pass it.

Leads4Pass provides Fortinet NSE5_FMG-7.2 exam questions with PDF and VCE: https://www.leads4pass.com/nse5_fmg-7-2.html. The latest exam practice material contains 88 exam questions and answers.

Latest exam tips:

  • Exam series: NSE5_FMG-7.2
  • Number of questions: 35
  • Exam time: 70 minutes
  • Language: English, Japanese
  • Product version: FortiManager 7.2
  • Status: Available until August 31, 2024
  • Exam details: exam description

Highlight:

  • The latest Fortinet NSE5_FMG-7.2 exam actual questions
  • Verify answers to actual questions online
  • Get the complete Fortinet NSE5_FMG-7.2 exam actual questions

Fortinet NSE5_FMG-7.2 exam actual questions online practice

SupplierNumber of exam questionsVerify AnswersRelated exam questions
Leads4Pass88 Q&ANSE5_FMG-7.2 exam answersNSE5

Question 1:

Refer to the exhibit.

Fortinet NSE5_FMG-7.2 exam actual questions 1

An administrator has created a firewall address object, Training, which is used in the Local-FortiGate policy package.

When the installation operation is performed, which IP/Netmask will be installed on the Local-FortiGate, for theTrainingfirewall address object?

A. 192.168.0.1/24

B. 10.200.1.0/24

C. It will create a firewall address group on Local-FortiGate with 192.168.0.1/24and10.0.1.0/24object values.

D. Local-FortiGate will automatically choose an IP/Netmask based on its network interface settings.

ps. Do the questions first and verify the answers at the end of the article for better results!

Question 2:

Which two settings are required for FortiManager Management Extension Applications (MEA)? (Choose two.)

A. When you configure MEA, you must open TCP or UDP port 540.

B. You must open the ports to the Fortinet registry

C. You must create an MEA special policy on FortiManager using the super user profile

D. The administrator must have the super user profile.

ps. Do the questions first and verify the answers at the end of the article for better results!

Question 3:

Refer to the following exhibit:

Fortinet NSE5_FMG-7.2 exam actual questions 3

Which of the following statements are true based on this configuration? (Choose two.)

A. The same administrator can lock more than one ADOM at the same time

B. Ungraceful closed sessions will keep the ADOM in a locked state until the administrator session times out

C. Unlocking an ADOM will submit configuration changes automatically to the approval administrator

D. Unlocking an ADOM will install configuration automatically on managed devices

ps. Do the questions first and verify the answers at the end of the article for better results!

Reference:http://help.fortinet.com/fmgr/cli/5-6-2/Document/0800_AD0Ms/200_Configuring+.htm

Question 4:

Which two statements regarding device management on FortiManager are true? (Choose two.)

A. FortiGate devices in HA cluster devices are counted as a single device.

B. FortiGate in transparent mode configurations are not counted toward the device count on FortiManager.

C. FortiGate devices in an HA cluster that has five VDOMs are counted as five separate devices.

D. The maximum number of managed devices for each ADOM is 500.

ps. Do the questions first and verify the answers at the end of the article for better results!

Question 5:

View the following exhibit:

Fortinet NSE5_FMG-7.2 exam actual questions 5

How will FortiManager try to get updates for antivirus and IPS?

A. From the list of configured override servers with the ability to fall back to public FDN servers

B. From the configured override server list only

C. From the default serverfdsl.fortinet.com

D. From the public FDNI server with the highest index number only

ps. Do the questions first and verify the answers at the end of the article for better results!

Reference: https://community.fortinet.com/t5/Fortinet-Forum/Clarification-of-FortiManager-s-quot-Server-Override-Mode-quot/td-p/89973

Question 6:

If the primary FortiManager fails, which of the following actions must be performed to return the FortiManager HA to a working state?

A. Secondary device with the highest priority will automatically be promoted to the primary role, and manually reconfigure all other secondary devices to point to the new primary device

B. Reboot one of the secondary devices to promote it automatically to the primary role, and reconfigure all other secondary devices to point to the new primary device.

C. Manually promote one of the secondary devices to the primary role, and reconfigure all other secondary devices to point to the new primary device.

D. FortiManager HA state transition is transparent to administrators and does not require any reconfiguration.

ps. Do the questions first and verify the answers at the end of the article for better results!

FortiManager_6.4_Study_Guide-Online page 346 FortiManager HA doesn’t support IP takeover where an HA state transition is transparent to administrators. If a failure of the primary occurs, the administrator must take corrective action to resolve the problem that may include invoking the state transition. If the primary device fails, the administrator must do the following to return the FortiManager HA to a working state:

1.

Manually reconfigure one of the secondary devices to become the primary device

2.

Reconfigure all other secondary devices to point to the new primary device

Question 7:

Which two statements about Security Fabric integration with FortiManager are true? (Choose two.)

A. The Security Fabric license, group name, and password are required for the FortiManager Security Fabric integration

B. TheFabric Viewmodule enables you to generate the Security Fabric ratings for Security Fabric devices

C. The Security Fabric settings are part of the device-level settings

D. TheFabric Viewmodule enables you to view the Security Fabric ratings for Security Fabric devices

ps. Do the questions first and verify the answers at the end of the article for better results!

Question 8:

What does the diagnose dvm check-integrity command do? (Choose two.)

A. Internally upgrades existing ADOMs to the same ADON version to clean up and correct the ADOM syntax

B. Verifies and corrects unregistered, registered, and deleted device states

C. Verifies and corrects database schemas in all object tables

D. Verifies and corrects duplicate VDOM entries

ps. Do the questions first and verify the answers at the end of the article for better results!

6.2 Study Guide page 305verify and correct parts of the device manager databases, including:?inconsistent device-to-group and group-to-ADOM memberships. unregistered, registered, and deleted device states?device lock statuses? duplicate VDOM entries

Question 9:

An administrator, Trainer, who is assigned theSuper_Userprofile, is trying to approve a workflow session that was submitted by another administrator, Student. However, the Trainer is unable to approve the workflow session. What can prevent an admin account that has Super_Userrights over the device from approving a workflow session?

Fortinet NSE5_FMG-7.2 exam actual questions 9

A. Trainer is not a part of the workflow approval group

B. Trainer does not have full rights over this ADOM

C. Trainer must close Student\’s workflow session before approving the request

D. Student, who submitted the workflow session, must first self-approve the request

ps. Do the questions first and verify the answers at the end of the article for better results!

Reference:https://help.fortinet.com/fmgr/50hlp/56/5-6-1/FMG-FAZ/0800_ADOMs/1800_Workflow/0600_Workflow%20sessions.htm

Question 10:

An administrator would like to review, approve, or reject all the firewall policy changes made by the junior administrators. How should the Workspace mode be configured on FortiManager?

A. Set to workflow and use the ADOM locking feature

B. Set to read/write and use the policy-locking feature

C. Set to normal and use the policy locking feature

D. Set to disable and use the policy-locking feature

ps. Do the questions first and verify the answers at the end of the article for better results!

Reference:https://help.fortinet.com/fmgr/50hlp/52/5-2-0/FMG_520_Online_Help/200_What\’s-New.03.03.html

Question 11:

When an installation is performed from FortiManager, what is the recovery logic used between FortiManager and FortiGate for an FGFM tunnel?

A. After 15 minutes, FortiGate will unset all CLI commands that were part of the installation that caused the tunnel to go down.

B. FortiManager will revert and install a previous configuration revision on the managed FortiGate.

C. FortiGate will reject the CLI commands that will cause the tunnel to go down.

D. FortiManager will not push the CLI commands as a part of the installation that will cause the tunnel to go down.

ps. Do the questions first and verify the answers at the end of the article for better results!

The configuration change will break the form connection, causing the FortiGate unit to attempt to reconnect for 900 seconds. If the FortiGate cannot reconnect, it will roll back to its previous configuration.

Question 12:

Refer to the exhibit.

Fortinet NSE5_FMG-7.2 exam actual questions 12

Given the configuration shown in the exhibit, how did FortiManager handle the service category named General?

A. FortiManager ignored the firewall service category General but created a new service category in its database.

B. FortiManager ignored the firewall service category general and deleted the duplicate value In Its Database

C. FortiManager ignored the firewall service category General and updated the FortiGate duplicate value in the FortiGate database.

D. FortiManager ignored the firewall service category General and did not update Its database with the value

ps. Do the questions first and verify the answers at the end of the article for better results!

Question 13:

Which of the following statements are true regarding VPN Gateway configuration in VPN Manager? (Choose two.)

A. Managed gateways are devices managed by FortiManager in the same ADOM

B. External gateways are third-party VPN gateway devices only

C. Protected subnets are the subnets behind the device that you don’t want to allow access to over the IPsec VPN

D. Managed devices in other ADOMs must be treated as external gateways

ps. Do the questions first and verify the answers at the end of the article for better results!

Reference:http://help.fortinet.com/fmgr/50hlp/56/5-6-1/FMG-FAZ/1300_VPN_Manager/0800_IPsec_VPN_Gateway/0400_Create_mngd_gateway.htm

Question 14:

View the following exhibit.

Fortinet NSE5_FMG-7.2 exam actual questions 14

What is the purpose of setting ModetoAdvanced?

A. The setting allows automatic updates to the policy package configuration for a managed device

B. The setting enables the ADOMs feature on FortiManager

C. This setting allows you to assign different VDOMs from the same FortiGate to different ADOMs.

D. The setting disables concurrent ADOM access and adds ADOM locking

ps. Do the questions first and verify the answers at the end of the article for better results!

Reference:https://docs.fortinet.com/document/fortianalyzer/7.0.0/administration-guide/66530/adom-device-modes

Question 15:

An administrator has assigned a global policy package to a new ADOM called ADOM1. What will happen if the administrator tries to create a new policy package in ADOM1?

A. When creating a new policy package, the administrator can select the option to assign the global policy package to the new policy package

B. When a new policy package is created, the administrator needs to reapply the global policy package to ADOM1.

C. When a new policy package is created, the administrator must assign the global policy package from the global ADOM.

D. When the new policy package is created, FortiManager automatically assigns the global policy package to the new policy package.

ps. Do the questions first and verify the answers at the end of the article for better results!

Reference:https://help.fortinet.com/fmgr/50hlp/56/5-6-2/FortiManager_Admin_Guide/1200_Policy%20and%20Objects/0800_Managing%20policy %20packages/1200_Assign%20a%20global%20policy%20package.htm

Fortinet NSE5_FMG-7.2 exam questions answers

Q1Q2Q3Q4Q5Q6Q7Q8Q9Q10Q11Q12Q13Q14Q15
BCDABACACCDBDAAADADCA

Leads4Pass provides Fortinet NSE5_FMG-7.2 exam ACTUAL questions with PDF and VCE: https://www.leads4pass.com/nse5_fmg-7-2.html. The latest exam practice material contains 88 exam questions and answers.