New update Lead4Pass NSE5_FMG-7.0 Dumps with PDF and VCE| Fortinet NSE 5 – FortiManager 7.0 Exam
New updated leads4pass NSE5_FMG-7.0 Dumps with PDF file and VCE practice exam engine to help pass the Fortinet NSE 5 – FortiManager 7.0 Exam successfully!
leads4pass NSE5_FMG-7.0 exam dumps contain 65 exam questions and answers, covering complete Fortinet NSE 5 – FortiManager 7.0 certification exam questions, and verified to be true and valid, check here to get the latest leads4pass NSE5_FMG-7.0 dumps: https://www.leads4pass.com/nse5_fmg-7-0.html (PDF+VCE).
Check out the NSE5_FMG-7.0 PDF exam questions and answers shared for free: https://drive.google.com/file/d/1G0-kKf9pAO_UdatCgQVIAgnVFmWrzi3d/
Also, read the latest 15 leads4pass NSE5_FMG-7.0 exam questions and answers online:
Question 1:
An administrator has assigned a global policy package to a new ADOM called ADOM1. What will happen if the administrator tries to create a new policy package in ADOM1?
A. When creating a new policy package, the administrator can select the option to assign the global policy package to the new policy package
B. When a new policy package is created, the administrator needs to reapply the global policy package to ADOM1.
C. When a new policy package is created, the administrator must assign the global policy package from the global ADOM.
D. When the new policy package is created, FortiManager automatically assigns the global policy package to the new policy package.
Correct Answer: D
Question 2:
View the following exhibit:
How will FortiManager try to get updates for antivirus and IPS?
A. From the list of configured override servers with ability to fall back to public FDN servers
B. From the configured override server list only
C. From the default server fdsl.fortinet.com
D. From public FDNI server with highest index number only
Correct Answer: A
Question 3:
Which three settings are the factory default settings on FortiManager? (Choose three.)
A. Username is admin
B. Password is fortinet
C. FortiAnalyzer features are disabled
D. Reports and Event Monitor panes are enabled
E. port1 interface IP address is 192.168.1.99/24
Correct Answer: ACE
Question 4:
You are moving managed FortiGate devices from one ADOM to a new ADOM.
Which statement correctly describes the expected result?
A. Any pending device settings will be installed automatically
B. Any unused objects from a previous ADOM are moved to the new ADOM automatically
C. The shared policy package will not be moved to the new ADOM
D. Policy packages will be imported into the new ADOM automaticallyD
Correct Answer: C
Question 5:
An administrator wants to delete an address object that is currently referenced in a firewall policy.
What can the administrator expect to happen?
A. FortiManager will not allow the administrator to delete a referenced address object
B. FortiManager will disable the status of the referenced firewall policy
C. FortiManager will replace the deleted address object with the none address object in the referenced firewall policy
D. FortiManager will replace the deleted address object with all address object in the referenced firewall policy
Correct Answer: C
Question 6:
An administrator runs the reload failure command: diagnose test deploymanager reload config on FortiManager. What does this command do?
A. It downloads the latest configuration from the specified FortiGate and performs a reload operation on the device database.
B. It installs the latest configuration on the specified FortiGate and updates the revision history database.
C. It compares and provides differences in the configuration on FortiManager with the current running configuration of the specified FortiGate.
D. It installs the provisioning template configuration on the specified FortiGate.
Correct Answer: A
Question 7:
An administrator would like to create an SD-WAN using central management in the Training ADOM.
To create an SD-WAN using central management, which two steps must be completed? (Choose two.)
A. Specify a gateway address when you create a default SD-WAN static route
B. Enable SD-WAN central management in the Training ADOM
C. Configure and install the SD-WAN firewall policy and SD-WAN static route before installing the SDWAN template settings
D. Remove all the interface references such as routes or policies that will be a part of SD-WAN member interfaces
Correct Answer: BD
Question 8:
An administrator would like to review, approve, or reject all the firewall policy changes made by the junior administrators.
How should the Workspace mode be configured on FortiManager?
A. Set to workflow and use the ADOM locking feature
B. Set to read/write and use the policy locking feature
C. Set to normal and use the policy locking feature
D. Set to disable and use the policy locking feature
Correct Answer: A
https://help.fortinet.com/fmgr/50hlp/52/5-2-0/FMG_520_Online_Help/200_What\’s-New.03.03.html
Question 9:
Which configuration setting for FortiGate is part of a device-level database on FortiManager?
A. VIP and IP Pools
B. Firewall policies
C. Security profiles
D. Routing
Correct Answer: D
The FortiManager stores the FortiGate configuration details in two distinct databases. The device-level database includes configuration details related to device-level settings, such as interfaces, DNS, routing, and more.
The ADOM-level database includes configuration details related to firewall policies, objects, and security profiles.
Question 10:
Which two statements about the scheduled backup of FortiManager are true? (Choose two.)
A. It does not back up firmware images saved on FortiManager.
B. It can be configured using the CLI and GUI.
C. It backs up all devices and the FortiGuard database.
D. It supports FTP, SCP, and SFTP.
Correct Answer: AD
Question 11:
View the following exhibit.
If both FortiManager and FortiGate are behind the NAT devices, what are the two expected results? (Choose two.)
A. FortiGate is discovered by FortiManager through the FortiGate NATed IP address.
B. FortiGate can announce itself to FortiManager only if the FortiManager IP address is configured on FortiGate under central management.
C. During discovery, the FortiManager NATed IP address is not set by default on FortiGate.
D. If the FCFM tunnel is torn down, FortiManager will try to re-establish the FGFM tunnel.
Correct Answer: AC
Fortimanager can discover FortiGate through a NATed FortiGate IP address. If a FortiManager NATed IP address is configured on FortiGate, then FortiGate can announce itself to FortiManager.
FortiManager will not attempt to re-establish the FGFM tunnel to the FortiGate NATed IP address if the FGFM tunnel is interrupted.
Just like it was in the NATed FortiManager scenario, the FortiManager NATed IP address in this scenario is not configured under FortiGate central management configuration.
Question 12:
In addition to the default ADOMs, an administrator has created a new ADOM named Training for FortiGate devices. The administrator sent a device registration to FortiManager from a remote FortiGate. Which one of the following statements is true?
A. The FortiGate will be added automatically to the default ADOM named FortiGate.
B. The FortiGate will be automatically added to the Training ADOM.
C. By default, the unregistered FortiGate will appear in the root ADOM.
D. The FortiManager administrator must add the unregistered device manually to the Training ADOM using the Add Device wizard
Correct Answer: C
Reference: https://docs.fortinet.com/document/fortimanager/7.0.0/administration-guide/718923/root-adom
Question 13:
View the following exhibit.
Which statement is true regarding this failed installation log?
A. Policy ID 2 is installed without a source address
B. Policy ID 2 will not be installed
C. Policy ID 2 is installed in a disabled state
D. Policy ID 2 is installed without a source device
Correct Answer: D
Question 14:
In the event that the primary FortiManager fails, which of the following actions must be performed to return the FortiManager HA to a working state?
A. Secondary device with the highest priority will automatically be promoted to the primary role, and manually reconfigure all other secondary devices to point to the new primary device
B. Reboot one of the secondary devices to promote it automatically to the primary role, and reconfigure all other secondary devices to point to the new primary device.
C. Manually promote one of the secondary devices to the primary role, and reconfigure all other secondary devices to point to the new primary device.
D. FortiManager HA state transition is transparent to administrators and does not require any reconfiguration.
Correct Answer: C
FortiManager HA doesn’t support IP takeover where an HA state transition is transparent to administrators.
If a failure of the primary occurs, the administrator must take corrective action to resolve the problem which may include invoking the state transition.
If the primary device fails, the administrator must do the following in order to return the FortiManager HA to a working state:
1.
Manually reconfigure one of the secondary devices to become the primary device
2.
Reconfigure all other secondary devices to point to the new primary device
Question 15:
Which two conditions trigger FortiManager to create a new revision history? (Choose two.)
A. When configuration revision is reverted to the previous revision in the revision history
B. When FortiManager installs device-level changes to a managed device
C. When FortiManager is auto-updated with configuration changes made directly on a managed device
D. When changes to the device-level database are made on FortiManager
Correct Answer: BC
…