NSE5_FMG-6.4 | Top Tips Of Renewal NSE5_FMG-6.4 Free Practice Test

NEW QUESTION 1

An administrator wants to delete an address object that is currently referenced in a firewall policy. What can the administrator expect to happen?

• A. FortiManager will not allow the administrator to delete a referenced address object
• B. FortiManager will disable the status of the referenced firewall policy
• C. FortiManager will replace the deleted address object with the none address object in the referencedfirewall policy
• D. FortiManager will replace the deleted address object with all address object in the referenced firewall policy

Answer: C

Explanation:
Reference:
https://help.fortinet.com/fmgr/50hlp/56/5-6-2/FortiManager_Admin_Guide/1200_Policy%20and%20Objects/12

NEW QUESTION 2

What will be the result of reverting to a previous revision version in the revision history?

• A. It will install configuration changes to managed device automatically
• B. It will tag the device settings status as Auto-Update
• C. It will generate a new version ID and remove all other revision history versions
• D. It will modify the device-level database

Answer: D

NEW QUESTION 3

Refer to the exhibit.

Which two statements about an ADOM set in Normal mode on FortiManager are true? (Choose two.)

• A. It supports the FortiManager script feature
• B. It allows making configuration changes for managed devices on FortiManager panes
• C. FortiManager automatically installs the configuration difference in revisions on the managed FortiGate
• D. You cannot assign the same ADOM to multiple administrators

Answer: AB

Explanation:
"FortiGate units in the ADOM will query their own configuration every 5 seconds. If there has been a configuration change, the FortiGate unit will send a diff revision on the change to the FortiManager using the FGFM protocol."

NEW QUESTION 4

An administrator run the reload failure command: diagnose test deploymanager reload config
<deviceid> on FortiManager. What does this command do?

• A. It downloads the latest configuration from the specified FortiGate and performs a reload operation on the device database.
• B. It installs the latest configuration on the specified FortiGate and update the revision history database.
• C. It compares and provides differences in configuration on FortiManager with the current running configuration of the specified FortiGate.
• D. It installs the provisioning template configuration on the specified FortiGate.

Answer: A

Explanation:
Reference:
https://community.fortinet.com/t5/FortiManager/Technical-Note-Retrieve-configuration-file-using-CLI-from-a/t

NEW QUESTION 5

Which two conditions trigger FortiManager to create a new revision history? (Choose two.)

• A. When configuration revision is reverted to previous revision in the revision history
• B. When FortiManager installs device-level changes to a managed device
• C. When FortiManager is auto-updated with configuration changes made directly on a managed device
• D. When changes to device-level database is made on FortiManager

Answer: BC

Explanation:
Reference:
https://help.fortinet.com/fmgr/50hlp/56/5-6-1/FortiManager_Admin_Guide/1000_Device%20Manager/1500_M

NEW QUESTION 6

Which two statements about Security Fabric integration with FortiManager are true? (Choose two.)

• A. The Security Fabric license, group name and password are required for the FortiManager Security Fabric integration
• B. The Fabric View module enables you to generate the Security Fabric ratings for Security Fabric devices
• C. The Security Fabric settings are part of the device level settings
• D. The Fabric View module enables you to view the Security Fabric ratings for Security Fabric devices

Answer: CD

NEW QUESTION 7

View the following exhibit.

Given the configurations shown in the exhibit, what can you conclude from the installation targets in the
Install On column?

• A. The Install On column value represents successful installation on the managed devices
• B. Policy seq#3 will be installed on all managed devices and VDOMs that are listed under Installation Targets
• C. Policy seq#3 will be installed on the Trainer[NAT] VDOM only
• D. Policy seq#3 will be not installed on any managed device

Answer: B

NEW QUESTION 8

An administrator, Trainer, who is assigned the Super_User profile, is trying to approve a workflow session that was submitted by another administrator, Student. However, Trainer is unable to approve the workflow session.
What can prevent an admin account that has Super_User rights over the device from approving a workflow session?

• A. Trainer is not a part of workflow approval group
• B. Trainer does not have full rights over this ADOM
• C. Trainer must close Student’s workflow session before approving the request
• D. Student, who submitted the workflow session, must first self-approve the request

Answer: A

Explanation:
Reference:
https://help.fortinet.com/fmgr/50hlp/56/5-6-1/FMG-FAZ/0800_ADOMs/1800_Workflow/0600_Workflow%20s

NEW QUESTION 9

What does a policy package status of Modified indicate?

• A. FortiManager is unable to determine the policy package status
• B. The policy package was never imported after a device was registered on FortiManager
• C. The Policy configuration has been changed on a managed device and changes have not yet been imported into FortiManager
• D. The Policy package configuration has been changed on FortiManager and changes have not yet been installed on the managed device.

Answer: D

Explanation:
Reference:
http://help.fortinet.com/fmgr/50hlp/56/5-6-1/FortiManager_Admin_Guide/1200_Policy%20and%20Objects/080

NEW QUESTION 10

View the following exhibit.

If both FortiManager and FortiGate are behind the NAT devices, what are the two expected results? (Choose two.)

• A. FortiGate is discovered by FortiManager through the FortiGate NATed IP address.
• B. FortiGate can announce itself to FortiManager only if the FortiManager IP address is configured on FortiGate under central management.
• C. During discovery, the FortiManager NATed IP address is not set by default on FortiGate.
• D. If the FCFM tunnel is torn down, FortiManager will try to re-establish the FGFM tunnel.

Answer: AC

Explanation:
Fortimanager can discover FortiGate through a NATed FortiGate IP address. If a FortiManager NATed IP address is configured on FortiGate, then FortiGate can announce itself to FortiManager. FortiManager will not attempt to re-establish the FGFM tunnel to the FortiGate NATed IP address, if the FGFM tunnel is interrupted. Just like it was in the NATed FortiManager scenario, the FortiManager NATed IP address in this scenario is not configured under FortiGate central management configuration.

NEW QUESTION 11

Refer to the following exhibit:

Which of the following statements are true based on this configuration? (Choose two.)

• A. The same administrator can lock more than one ADOM at the same time
• B. Ungraceful closed sessions will keep the ADOM in a locked state until the administrator session times out
• C. Unlocking an ADOM will submit configuration changes automatically to the approval administrator
• D. Unlocking an ADOM will install configuration automatically on managed devices

Answer: AB

Explanation:
Reference: http://help.fortinet.com/fmgr/cli/5-6-2/Document/0800_AD0Ms/200_Configuring+.htm

NEW QUESTION 12

Which two items does an FGFM keepalive message include? (Choose two.)

• A. FortiGate uptime
• B. FortiGate license information
• C. FortiGate IPS version
• D. FortiGate configuration checksum

Answer: CD

Explanation:
Reference:
https://docs.fortinet.com/document/fortimanager/6.2.0/fortigate-fortimanager-communications-protocol-guide/5

NEW QUESTION 13

An administrator would like to review, approve, or reject all the firewall policy changes made by the junior administrators.
How should the Workspace mode be configured on FortiManager?

• A. Set to workflow and use the ADOM locking feature
• B. Set to read/write and use the policy locking feature
• C. Set to normal and use the policy locking feature
• D. Set to disable and use the policy locking feature

Answer: A

Explanation:
Reference:
https://help.fortinet.com/fmgr/50hlp/52/5-2-0/FMG_520_Online_Help/200_What's-New.03.03.html

NEW QUESTION 14

Refer to the exhibit.

An administrator logs into the FortiManager GUI and sees the panes shown in the exhibit.
Which two reasons can explain why the FortiAnalyzer feature panes do not appear? (Choose two.)

• A. The administrator logged in using the unsecure protocol HTTP, so the view is restricted.
• B. The administrator profile does not have full access privileges like the Super_User profile.
• C. The administrator IP address is not a part of the trusted hosts configured on FortiManager interfaces.
• D. FortiAnalyzer features are not enabled on FortiManager.

Answer: BD

NEW QUESTION 15

An administrator would like to create an SD-WAN using central management. What steps does the administrator need to perform to create an SD-WAN using central management?

• A. First create an SD-WAN firewall policy, add member interfaces to the SD-WAN template and create a static route
• B. You must specify a gateway address when you create a default static route
• C. Remove all the interface references such as routes or policies
• D. Enable SD-WAN central management in the ADOM, add member interfaces, create a static route and SDWAN firewall policies.

Answer: D

NEW QUESTION 16

Which three settings are the factory default settings on FortiManager? (Choose three.)

• A. Username is admin
• B. Password is fortinet
• C. FortiAnalyzer features are disabled
• D. Reports and Event Monitor panes are enabled
• E. port1 interface IP address is 192.168.1.99/24

Answer: ACE

NEW QUESTION 17
......