Fortinet nse5-fmg-6-4 practice test

Fortinet NSE 5 - FortiManager 6.4 Exam


Question 1

View the following exhibit.

An administrator has created a firewall address object, Training, which is used in the Local-FortiGate
policy package. When the install operation is performed, which IP Netmask will be installed on the
Local-FortiGate, for the Training firewall address object?

  • A. 10.0.1.0/24
  • B. It will create firewall address group on Local-FortiGate with 192.168.0.1/24 and 10.0.1.0/24 object values
  • C. 192.168.0.1/24
  • D. Local-FortiGate will automatically choose an IP Network based on its network interface settings.
Answer:

A

Discussions

Question 2

View the following exhibit.

When using Install Config option to install configuration changes to managed FortiGate, which of the
following statements are true? (Choose two.)

  • A. Once initiated, the install process cannot be canceled and changes will be installed on the managed device
  • B. Will not create new revision in the revision history
  • C. Installs device-level changes to FortiGate without launching the Install Wizard
  • D. Provides the option to preview configuration changes prior to installing them
Answer:

AC

Discussions

Question 3

What does a policy package status of Modified indicate?

  • A. FortiManager is unable to determine the policy package status
  • B. The policy package was never imported after a device was registered on FortiManager
  • C. The Policy configuration has been changed on a managed device and changes have not yet been imported into FortiManager
  • D. The Policy package configuration has been changed on FortiManager and changes have not yet been installed on the managed device.
Answer:

D

Explanation:
Reference:
http://help.fortinet.com/fmgr/50hlp/56/5-6-
1/FortiManager_Admin_Guide/1200_Policy%20and%20Objects/0800_Managing%20policy%20packa
ges/2200_Policy%20Package%20Installation%20targets.htm

Discussions

Question 4

An administrator has added all the devices in a Security Fabric group to FortiManager.
How does the administrator identify the root FortiGate?

  • A. By a dollar symbol ($) at the end of the device name
  • B. By an at symbol (@) at the end of the device name
  • C. By a
  • D. By an Asterisk (*) at the end of the device name
Answer:

D

Discussions

Question 5

Which of the following statements are true regarding schedule backup of FortiManager? (Choose
two.)

  • A. Backs up all devices and the FortiGuard database.
  • B. Does not back up firmware images saved on FortiManager
  • C. Supports FTP, SCP, and SFTP
  • D. Can be configured from the CLI and GUI
Answer:

BC

Discussions

Question 6

An administrator would like to create an SD-WAN using central management. What steps does the
administrator need to perform to create an SD-WAN using central management?

  • A. First create an SD-WAN firewall policy, add member interfaces to the SD-WAN template and create a static route
  • B. You must specify a gateway address when you create a default static route
  • C. Remove all the interface references such as routes or policies
  • D. Enable SD-WAN central management in the ADOM, add member interfaces, create a static route and SDWAN firewall policies.
Answer:

D

Discussions

Question 7

An administrator would like to create an SD-WAN default static route for a newly created SD-WAN
using the FortiManager GUI. Both port1 and port2 are part of the SD-WAN member interfaces.
Which interface must the administrator select in the static route device drop-down list?

  • A. port2
  • B. virtual-wan-link
  • C. port1
  • D. auto-discovery
Answer:

B

Discussions

Question 8

View the following exhibit.

Which one of the following statements is true regarding the object named ALL?

  • A. FortiManager updated the object ALL using FortiGate’s value in its database
  • B. FortiManager updated the object ALL using FortiManager’s value in its database
  • C. FortiManager created the object ALL as a unique entity in its database, which can be only used by this managed FortiGate.
  • D. FortiManager installed the object ALL with the updated value.
Answer:

A

Discussions

Question 9

What does the diagnose dvm check-integrity command do? (Choose two.)

  • A. Internally upgrades existing ADOMs to the same ADON version in order to clean up and correct the ADOM syntax
  • B. Verifies and corrects unregistered, registered, and deleted device states
  • C. Verifies and corrects database schemas in all object tables
  • D. Verifies and corrects duplicate VDOM entries
Answer:

BD

Explanation:
6.2
Study
Guide
page
305
verify
and
correct
parts
of
the
device
manager
databases,
including:

inconsistent
device-to-group
and
group-to-ADOM
memberships

unregistered,
registered,
and
deleted
device
states

device
lock
statuses
duplicate VDOM entries

Discussions

Question 10

An administrator has enabled Service Access on FortiManager.
What is the purpose of Service Access on the FortiManager interface?

  • A. Allows FortiManager to download IPS packages
  • B. Allows FortiManager to respond to request for FortiGuard services from FortiGate devices
  • C. Allows FortiManager to run real-time debugs on the managed devices
  • D. Allows FortiManager to automatically configure a default route
Answer:

B

Explanation:
FortiManager 6.2 Study guide page 350
Topic 3, Main Questions Pool C

Discussions
To page 2