NSE5_FMG-6.2 Online Practice Questions and Answers

Refer to the exhibit.

Which two statements about an ADOM set in Normal mode on FortiManager are true? (Choose two.)

A. It supports the FortiManager script feature

B. It allows making configuration changes for managed devices on FortiManager panes

C. FortiManager automatically installs the configuration difference in revisions on the managed FortiGate

D. You cannot assign the same ADOM to multiple administrators

Refer to the exhibit.

An administrator has created a firewall address object which is used in multiple policy packages for multiple FortiGate devices in an ADOM.

When the installation operation is performed, which IP/Netmask will be installed on managed devices for this firewall address object?

A. 192.168.0.1/24 on Remote-FortiGate

B. 10.200.1.0/24 on Remote-FortiGate

C. If no dynamic mapping is defined for other FortiGate devices, the object will not be installed

D. The FortiManager administrator can choose the value for the firewall address object in the Install Wizard for Remote-FortiGate

An administrator has enabled Service Access on FortiManager. What is the purpose of Service Access on the FortiManager interface?

A. Allows FortiManager to download IPS packages

B. Allows FortiManager to respond to request for FortiGuard services from FortiGate devices

C. Allows FortiManager to run real-time debugs on the managed devices

D. Allows FortiManager to automatically configure a default route

An administrator has assigned a global policy package to a new ADOM called ADOM1. What will happen if the administrator tries to create a new policy package in ADOM1?

A. When creating a new policy package, the administrator can select the option to assign the global policy package to the new policy package

B. When a new policy package is created, the administrator needs to reapply the global policy package to ADOM1.

C. When a new policy package is created, the administrator must assign the global policy package from the global ADOM.

D. When the new policy package is created, FortiManager automatically assigns the global policy package to the new policy package.

View the following exhibit, which shows the Download Import Report:

Why it is failing to import firewall policy ID 2?

A. The address object used in policy ID 2 already exist in ADON database with any as interface association and conflicts with address object interface association locally on the FortiGate

B. Policy ID 2 is configured from interface any to port6 FortiManager rejects to import this policy because any interface does not exist on FortiManager

C. Policy ID 2 does not have ADOM Interface mapping configured on FortiManager

D. Policy ID 2 for this managed FortiGate already exists on FortiManager in policy package named Remote-FortiGate.

What configuration setting for FortiGate is part of a device-level database on FortiManager?

A. VIP and IP Pools

B. Firewall policies

C. Security profiles

D. Routing

An administrator has added all the devices in a Security Fabric group to FortiManager. How does the administrator identify the root FortiGate?

A. By a dollar symbol ($) at the end of the device name

B. By an at symbol (@) at the end of the device name

C. By a

D. By an Asterisk (*) at the end of the device name

View the following exhibit.

Which of the following statements are true if FortiManager and FortiGate are behind the NAT devices? (Choose two.)

A. FortiGate is discovered by FortiManager through the FortiGate NATed IP address.

B. FortiGate can announce itself to FortiManager only if the FortiManager IP address is configured on FortiGate under central management.

C. During discovery, the FortiManager NATed IP address is not set by default on FortiGate.

D. If the FCFM tunnel is torn down, FortiManager will try to re-establish the FGFM tunnel.