Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

Discussions
  1. Home
  2. Fortinet
  3. Fortinet Network Security Expert
  4. FCP_FMG_AD-7.6
  5. FortiManager 7.6 Administrator Questions and Answers

Pass the Fortinet Network Security Expert FCP_FMG_AD-7.6 Questions and answers with ValidTests

Exam FCP_FMG_AD-7.6 All Questions
Exam FCP_FMG_AD-7.6 Premium Access

View all detail and faqs for the FCP_FMG_AD-7.6 exam

Go to Exam
Viewing page 1 out of 1 pages
Viewing questions 1-10 out of questions
Questions # 1:

Refer to the exhibits.

Question # 1

Question # 1

An administrator needed to recover all the configurations related to the user, Support. The configurations were saved in configuration revision ID 9.

The administrator reverted the configuration using theConfiguration Revision Historywindow and received the CLI output shown in the exhibit.

What can you conclude from the CLI output?

Options:

A.

The administrator set the flag to 0 to prevent configuration overrides.

B.

The administrator reinstalled the policy package.

C.

The administrator needs to retrieve the device to correctly detect the FortiGate firmware version.

D.

The administrator installed only the device-level configuration.

Expert Solution
Questions # 2:

Refer to the exhibit.

Question # 2

If the monitored interface for the primary FortiManager device fails, what must you do to maintain high availability (HA)?

Options:

A.

The FortiManager HAfailover is transparent to administrators and does not require any additional action.

B.

Manually promote one of the working secondary devices to the primary role: and reboot the original primary device to remove the peer IP address of the failed device.

C.

Reconfigure the primary device to remove the peer IP address of the failed device from its configuration.

D.

Check the integrity database of the primary device to force a secondary device to become the new primary with all active interfaces.

Expert Solution
Questions # 3:

Refer to the exhibits.

Question # 3

Question # 3

Question # 3

An administrator needs to push a FortiToken Mobile to assign it to HR_user in the HQ-NGFW-1.

However, when installing the policy package, they receive the following error message:

Question # 3

Why is the administratornotable to install the FortiToken on the HQ-NGFW-1 firewall?

Options:

A.

The administrator must use a user local meta field to assign FortiToken.

B.

The administrator must use a valid FortiToken that exists on HQ-NGFW-1.

C.

The administrator must use a metadata variable to assign the same FortiToken to multiple users in FortiManager.

D.

The administrator must use per-device mapping to assign the FortiToken to HQ-NGFW-1.

Expert Solution
Questions # 4:

Refer to the exhibit.

Question # 4

An administrator added a FortiGate device to FortiManager with the default object settings at the ADOM layer.

What can you conclude from the import policy package process of the HQ-NGFW- 1 device?

Options:

A.

The administrator must select Per Platform for all interfaces to correctly detect all interfaces from HQ-NGFW-1.

B.

The administrator must manually create the port4 interface on the ADOM layer to avoid import policy errors.

C.

FortiManager will create LAN, port4, and port6 as normalized interfaces at the ADOM layer.

D.

FortiGate may not work as expected when the administrator does not import all objects.

Expert Solution
Questions # 5:

Refer to the exhibits.

Question # 5

Question # 5

Question # 5

FortiGate HQ-NGFW-1 downloads and validates FortiGuard databases from FortiManager which acts as a local FortiGuard Distribution Server (FDS) in a closed network. An administrator pushes a new firewall policy with an intrusion prevention system (IPS) profile from FortiManager to FortiGate HQ- NGFW-1 However, FortiGate does not recognize the new IPS signature from FortiManager.

What is the most likely reason why FortiGate HQ-NGFW-1 does not recognize the new IPS signature?

Options:

A.

FortiGate must enable rating for the FortiManager IP address, 192.168.1.120, in server list 1.

B.

FortiManager and FortiGate have different IPS database versions.

C.

The administrator must enable IPv6 connections for FortiGuard services on FortiManager.

D.

The administrator must enable the fortiguard-anycast option to correctly download all signatures from the local FDS.

Expert Solution
Questions # 6:

An administrator has assigned a global policy package to a new ADOM named ADOM1.

What will happen if the administrator tries to create a new policy package in ADOM1?

Options:

A.

The administrator will be able to select the option to assign the global policy package to the new policy package.

B.

FortiManager will automatically assign the global policy package to the new policy package.

C.

FortiManager will automatically install policies on the policy package in ADOM1.

D.

The administrator will have to assign the global policy package from the global ADOM.

Expert Solution
Questions # 7:

An administrator has a FortiGate-HQ device with VDOMs—root, HR and Facilities, currently managed under the FortiManager ADOM—Site1. They try to move VDOM HR to the FortiManager ADOM—Site2, but it does not work.

Why is the administrator not able to move FortiGate-HQ VDOM HR to FortiManager ADOM—Site2?

Options:

A.

The FortiGate-HQ must be managed under the FortiManager ADOM—root to allow moving its VDOMs to different ADOMs.

B.

The administrator must have full access in the device layer of FortiGate-HQ VDOM-root before they can VDOMs to different ADOMs.

C.

FortiManager must be in ADOM normal mode, which does not allow VDOMs to be managed separately.

D.

The administrator must delete the FortiGate-HQ device from FortiManager and add it again using the Add Device wizard before moving the VDOM.

Expert Solution
Questions # 8:

Company policy dictates that any time a change is made to a policy package on FortiManager an ADOM revision is created before the change installed, and that revision is held for a minimum of 90 days.

Over the past three months, each installed change has resulted in several unused policies and duplicate objects.

The FortiManager administrator plans to upgrade the FortiGate devices and then upgrade the FortiManager ADOM from version 7.4 to 7.6.

Which action can the administrator take to avoid slow ADOM upgrades?

Options:

A.

Check and repair the global configuration database before upgrading.

B.

Export firewall policies to Excel, delete them on the ADOM. then reimport them after upgradingthe ADOM.

C.

Find unused firmware templates, then delete them before upgrading.

D.

Limit ADOM revisions before upgrading.

Expert Solution
Questions # 9:

Refer to the exhibit.

Question # 9

An administrator created two new meta fields in FortiManager.

Which operation can you perform with these parameters?

Options:

A.

You can add them to objects as custom attributes.

B.

You can export them to be used in other ADOMs.

C.

You can use them as variables in scripts.

D.

You can invoke them using the $ character.

Expert Solution
Questions # 10:

An administrator wants to configure and manage multiple objects in the FortiManager database and give access to other users who work in the same database.

To stay in control of the changes made to firewall policies by other team members, the administrator needs a setup where all modifications go through a central check before they can be installed.

How can the administrator create this setup?

Options:

A.

Enable the prompt asking the administrator to accept firewall policies changes before saving.

B.

Enable the workspace (for all ADOMs) to control all changes made by any administrator.

C.

Enable device lock and the advanced mode feature in the ADOM.

D.

Enable workflow mode and the ADOM lock feature.

Expert Solution
Viewing page 1 out of 1 pages
Viewing questions 1-10 out of questions