NSE5_FMG-7.0 Training & Certification Get Latest NSE 5 Network Security Analyst Updated on Jul 22, 2024
NEW QUESTION # 26
Refer to the exhibit.
Given the configuration shown in the exhibit, how did FortiManager handle the service category named General?
- A. FortiManager ignored the firewall service category General and did not update its database with the value.
- B. FortiManager ignored the firewall service category General and updated the FortiGate duplicate value in the FortiGate database.
- C. FortiManager ignored the firewall service category General and deleted the duplicate value in its database.
- D. FortiManager ignored the firewall service category General but created a new service category in its database.
Answer: B
NEW QUESTION # 27
An administrator would like to create an SD-WAN using central management. What steps does the administrator need to perform to create an SD-WAN using central management?
- A. You must specify a gateway address when you create a default static route
- B. Remove all the interface references such as routes or policies
- C. Enable SD-WAN central management in the ADOM, add member interfaces, create a static route and SD-WAN firewall policies.
- D. First create an SD-WAN firewall policy, add member interfaces to the SD-WAN template and create a static route
Answer: C
NEW QUESTION # 28
Refer to the exhibit.
An administrator has created a firewall address object, Training, which is used in the Local-FortiGate policy package.
When the installation operation is performed, which IP/Netmask will be installed on the Local-FortiGate, for the Training firewall address object?
- A. 192.168.0.1/24
- B. Local-FortiGate will automatically choose an IP/Netmask based on its network interface settings.
- C. It will create a firewall address group on Local-FortiGate with 192.168.0.1/24 and 10.0.1.0/24 object values.
- D. 10.200.1.0/24
Answer: D
Explanation:
FortiManager_6.4_Study_Guide-Online - page 209
In the example, the dynamic address object LocalLan refers to the internal network address of the managed firewalls. The object has a default value of 192.168.1.0/24. The mapping rules are defined per device. For Remote-FortiGate, the address object LocalLan refers to 10.10.11.0/24. The devices in the ADOM that do not have dynamic mapping for LocalLan have a default value of 192.168.1.0/24.
NEW QUESTION # 29
An administrator wants to delete an address object that is currently referenced in a firewall policy.
What can the administrator expect to happen?
- A. FortiManager will disable the status of the referenced firewall policy
- B. FortiManager will replace the deleted address object with the none address object in the referenced firewall policy
- C. FortiManager will replace the deleted address object with the all address object in the referenced firewall policy
- D. FortiManager will not allow the administrator to delete a referenced address object
Answer: B
NEW QUESTION # 30
Refer to the exhibit.
Which two statements about the output are true? (Choose two.)
- A. The latest revision history for the managed FortiGate does match with the FortiGate running configuration
- B. Configuration changes directly made on the FortiGate have been automatically updated to device-level database
- C. The latest history for the managed FortiGate does not match with the device-level database
- D. Configuration changes have been installed to FortiGate and represents FortiGate configuration has been changed
Answer: A,C
Explanation:
STATUS: dev-db: modified; conf: in sync; cond: pending; dm: retrieved; conn: up
- dev-db: modified - This is the device setting status, which indicates that configuration changes were made on FortiManager.
- conf: in sync - This is the sync status, which shows that the latest revision history is in sync with FortiGate's configuration.
- cond: pending - This is the configuration status, which says that configuration changes need to be installed.
Most probably a retrieve was done in the past (dm: retrieved), updating the revision history DB (conf: in sync) and the FortiManager device-level DB. Now there is a new modification in the FortiManager device-level DB (dev-db: modified) that has not been installed to FortiGate (cond: pending); hence the revision history DB is not aware of that modification and does not match the device DB.
Conclusion:
- Revision DB does match FortiGate.
- No changes were installed to FortiGate yet.
- Device DB doesn't match Revision DB.
- No changes were done on FortiGate (auto-update), but the configuration was retrieved instead.
After an Auto-Update or Retrieve: device database = latest revision = FGT
Then after a manual change on FMG end (but no install yet): latest revision = FGT (still) but now device database has been modified (is different).
After reverting to a previous revision in revision history: device database = reverted revision != FGT
NEW QUESTION # 31
Which two statements about Security Fabric integration with FortiManager are true? (Choose two.)
- A. The Fabric View module enables you to view the Security Fabric ratings for Security Fabric devices
- B. The Security Fabric license, group name and password are required for the FortiManager Security Fabric integration
- C. The Fabric View module enables you to generate the Security Fabric ratings for Security Fabric devices
- D. The Security Fabric settings are part of the device level settings
Answer: A,D
NEW QUESTION # 32
What will happen if FortiAnalyzer features are enabled on FortiManager?
- A. FortiManager will enable ADOMs to collect logs automatically from non-FortiGate devices.
- B. FortiManager will keep all the logs and reports on the FortiManager.
- C. FortiManager can be used only as a logging device.
- D. FortiManager will install the logging configuration to the managed devices
Answer: D
NEW QUESTION # 33
Refer to the exhibit.
Which two statements about an ADOM set in Normal mode on FortiManager are true? (Choose two.)
- A. FortiManager automatically installs the configuration difference in revisions on the managed FortiGate
- B. It allows making configuration changes for managed devices on FortiManager panes
- C. It supports the FortiManager script feature
- D. You cannot assign the same ADOM to multiple administrators
Answer: B,C
Explanation:
"FortiGate units in the ADOM will query their own configuration every 5 seconds. If there has been a configuration change, the FortiGate unit will send a diff revision on the change to the FortiManager using the FGFM protocol."
NEW QUESTION # 34
What does the diagnose dvm check-integrity command do? (Choose two.)
- A. Verifies and corrects unregistered, registered, and deleted device states
- B. Verifies and corrects duplicate VDOM entries
- C. Verifies and corrects database schemas in all object tables
- D. Internally upgrades existing ADOMs to the same ADOM version in order to clean up and correct the ADOM syntax
Answer: A,B
Explanation:
6.2 Study Guide, page 305: verify and correct parts of the device manager databases, including:
- inconsistent device-to-group and group-to-ADOM memberships
- unregistered, registered, and deleted device states
- device lock statuses
- duplicate VDOM entries
NEW QUESTION # 35
Which two settings are required for FortiManager Management Extension Applications (MEA)? (Choose two.)
- A. When you configure MEA, you must open TCP or UDP port 540.
- B. The administrator must have the super user profile.
- C. You must open the ports to the Fortinet registry
- D. You must create a MEA special policy on FortiManager using the super user profile
Answer: B,D
NEW QUESTION # 36
Refer to the following exhibit:
Which of the following statements are true based on this configuration? (Choose two.)
- A. Unlocking an ADOM will submit configuration changes automatically to the approval administrator
- B. Unlocking an ADOM will install configuration automatically on managed devices
- C. The same administrator can lock more than one ADOM at the same time
- D. Ungraceful closed sessions will keep the ADOM in a locked state until the administrator session times out
Answer: C,D
NEW QUESTION # 37
Refer to the exhibit.
Which two statements about an ADOM set in Normal mode on FortiManager are true? (Choose two.)
- A. FortiManager automatically installs the configuration difference in revisions on the managed FortiGate
- B. It allows making configuration changes for managed devices on FortiManager panes
- C. It supports the FortiManager script feature
- D. You cannot assign the same ADOM to multiple administrators
Answer: B,C
Explanation:
"FortiGate units in the ADOM will query their own configuration every 5 seconds. If there has been a configuration change, the FortiGate unit will send a diff revision on the change to the FortiManager using the FGFM protocol."
NEW QUESTION # 38
When an installation is performed from FortiManager, what is the recovery logic used between FortiManager and FortiGate for an FGFM tunnel?
- A. FortiGate will reject the CLI commands that will cause the tunnel to go down.
- B. FortiManager will not push the CLI commands as a part of the installation that will cause the tunnel to go down.
- C. FortiManager will revert and install a previous configuration revision on the managed FortiGate.
- D. After 15 minutes, FortiGate will unset all CLI commands that were part of the installation that caused the tunnel to go down.
Answer: D
NEW QUESTION # 39
Which of the following statements are true regarding VPN Gateway configuration in VPN Manager? (Choose two.)
- A. Protected subnets are the subnets behind the device that you don't want to allow access to over the IPsec VPN
- B. Managed gateways are devices managed by FortiManager in the same ADOM
- C. Managed devices in other ADOMs must be treated as external gateways
- D. External gateways are third-party VPN gateway devices only
Answer: B,C
NEW QUESTION # 40
Refer to the exhibits.
Exhibit one.
Exhibit two.
An administrator created a new system template named Training with two new DNS addresses on FortiManager. During the installation preview stage, the administrator notices that many unset commands need to be pushed.
What can be the main reason for these unset commands?
- A. The Training system template does not have assigned devices
- B. The ADOM is locked by another administrator
- C. The Training system template has other default settings
- D. The DNS addresses in the default system settings are the same as the Training system template
Answer: C
NEW QUESTION # 41
Refer to the exhibit.
Which statement about the object named ALL is true?
- A. FortiManager installed the object ALL with the updated value.
- B. FortiManager updated the object ALL using the FortiGate value in its database.
- C. FortiManager created the object ALL as a unique entity in its database, which can be only used by this managed FortiGate.
- D. FortiManager updated the object ALL using the FortiManager value in its database.
Answer: B
NEW QUESTION # 42
Refer to the exhibit.
Which two statements about the output are true? (Choose two.)
- A. The latest revision history for the managed FortiGate does match with the FortiGate running configuration
- B. Configuration changes directly made on the FortiGate have been automatically updated to device-level database
- C. The latest history for the managed FortiGate does not match with the device-level database
- D. Configuration changes have been installed to FortiGate and represents FortiGate configuration has been changed
Answer: A,C
Explanation:
STATUS: dev-db: modified; conf: in sync; cond: pending; dm: retrieved; conn: up
- dev-db: modified - This is the device setting status, which indicates that configuration changes were made on FortiManager.
- conf: in sync - This is the sync status, which shows that the latest revision history is in sync with FortiGate's configuration.
- cond: pending - This is the configuration status, which says that configuration changes need to be installed.
Most probably a retrieve was done in the past (dm: retrieved), updating the revision history DB (conf: in sync) and the FortiManager device-level DB. Now there is a new modification in the FortiManager device-level DB (dev-db: modified) that has not been installed to FortiGate (cond: pending); hence the revision history DB is not aware of that modification and does not match the device DB.
Conclusion:
- Revision DB does match FortiGate.
- No changes were installed to FortiGate yet.
- Device DB doesn't match Revision DB.
- No changes were done on FortiGate (auto-update), but the configuration was retrieved instead.
After an Auto-Update or Retrieve: device database = latest revision = FGT
Then after a manual change on FMG end (but no install yet): latest revision = FGT (still) but now device database has been modified (is different).
After reverting to a previous revision in revision history: device database = reverted revision != FGT
NEW QUESTION # 43
An administrator would like to create an SD-WAN using central management. What steps does the administrator need to perform to create an SD-WAN using central management?
- A. You must specify a gateway address when you create a default static route
- B. Remove all the interface references such as routes or policies
- C. Enable SD-WAN central management in the ADOM, add member interfaces, create a static route and SD-WAN firewall policies.
- D. First create an SD-WAN firewall policy, add member interfaces to the SD-WAN template and create a static route
Answer: C
NEW QUESTION # 44
View the following exhibit.
Which one of the following statements is true regarding the object named ALL?
- A. FortiManager updated the object ALL using FortiGate's value in its database
- B. FortiManager installed the object ALL with the updated value.
- C. FortiManager updated the object ALL using FortiManager's value in its database
- D. FortiManager created the object ALL as a unique entity in its database, which can be only used by this managed FortiGate.
Answer: A
NEW QUESTION # 45
View the following exhibit, which shows the Download Import Report:
Why is it failing to import firewall policy ID 2?
- A. The address object used in policy ID 2 already exists in the ADOM database with any as interface association and conflicts with the address object interface association locally on the FortiGate
- B. Policy ID 2 does not have ADOM Interface mapping configured on FortiManager
- C. Policy ID 2 is configured from interface any to port6. FortiManager refuses to import this policy because the any interface does not exist on FortiManager
- D. Policy ID 2 for this managed FortiGate already exists on FortiManager in policy package named Remote-FortiGate.
Answer: A
Explanation:
FortiManager_6.4_Study_Guide-Online - page 331 & 332
NEW QUESTION # 46
An administrator with the Super_User profile is unable to log in to FortiManager because of an authentication failure message.
Which troubleshooting step should you take to resolve the issue?
- A. Make sure FortiManager Access is enabled in the administrator profile
- B. Make sure the administrator IP address is part of the trusted hosts.
- C. Make sure Offline Mode is disabled
- D. Make sure ADOMs are enabled and the administrator has access to the Global ADOM
Answer: B
Explanation:
Even if a user enters the correct userid/password, the FMG denies access if the user is logging in from an untrusted source IP subnet.
Topic 1, Main Questions Pool B
NEW QUESTION # 47
What is the purpose of ADOM revisions?
- A. To create System Checkpoints for the FortiManager configuration.
- B. To save the current state of all policy packages and objects for an ADOM.
- C. To revert individual policy packages and device-level settings for a managed FortiGate by reverting to a specific ADOM revision
- D. To save the current state of the whole ADOM.
Answer: B
Explanation:
FortiManager 6.4 Study Guide, page 198
NEW QUESTION # 48
