Halloween Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

Login / Register

Question # 4

Refer to the exhibit.

An administrator logs into the FortiManager GUI and sees the panes shown in the exhibit.

Which two reasons can explain why the FortiAnalyzer feature panes do not appear? (Choose two.)

A.

The administrator logged in using the unsecure protocol HTTP, so the view is restricted.

B.

The administrator profile does not have full access privileges like the Super_User profile.

C.

The administrator IP address is not a part of the trusted hosts configured on FortiManager interfaces.

D.

FortiAnalyzer features are not enabled on FortiManager.

Full Access
Question # 5

An administrator configures a new firewall policy on FortiManager and has not yet pushed the changes to the

managed FortiGate.

In which database will the configuration be saved?

A.

Device-level database

B.

Revision history database

C.

ADOM-level database

D.

Configuration-level database

Full Access
Question # 6

What is the purpose of ADOM revisions?

A.

To create System Checkpoints for the FortiManager configuration.

B.

To save the current state of the whole ADOM.

C.

To save the current state of all policy packages and objects for an ADOM.

D.

To revert individual policy packages and device-level settings for a managed FortiGate by reverting to a specific ADOM revision

Full Access
Question # 7

View the following exhibit.

What is the purpose of setting ADOM Mode to Advanced?

A.

The setting allows automatic updates to the policy package configuration for a managed device

B.

The setting enables the ADOMs feature on FortiManager

C.

This setting allows you to assign different VDOMs from the same FortiGate to different ADOMs.

D.

The setting disables concurrent ADOM access and adds ADOM locking

Full Access
Question # 8

Refer to the exhibits.

Exhibit one.

Exhibit two.

An administrator created a new system template named Training with two new DNS addresses on FortiManager. During the installation preview stage, the administrator notices that many unset commands need to be pushed.

What can be the main reason for these unset commands?

A.

The DNS addresses in the default system settings are the same as the Training system template

B.

The Training system template has other default settings

C.

The ADOM is locked by another administrator

D.

The Training system template does not have assigned devices

Full Access
Question # 9

View the following exhibit.

Given the configurations shown in the exhibit, what can you conclude from the installation targets in the Install On column?

A.

Policy 3 will be installed on all FortiGate devices and vdom belongs to the ADOM.

B.

Policy seq.# 3 will be skipped because no installation targets are specified.

C.

Policy seq.# 3 will be installed on all managed devices and VDOMs that are listed under Installation Targets.

D.

Policy seq.# 2 will not be installed on the Local-FortiGate root VDOM because there is no root VDOM in the Installation Target.

E.

Policy seq # 1 will be installed on the Remote-FortiGate root[NAT] and Student[NAT] VDOMs only.

Full Access
Question # 10

An administrator with the Super_User profile is unable to log in to FortiManager because of an authentication failure message.

Which troubleshooting step should you take to resolve the issue?

A.

Make sure FortiManager Access is enabled in the administrator profile

B.

Make sure Offline Mode is disabled

C.

Make sure the administrator IP address is part of the trusted hosts.

D.

Make sure ADOMs are enabled and the administrator has access to the Global ADOM

Full Access
Question # 11

Which two statements about the scheduled backup of FortiManager are true? (Choose two.)

A.

It does not back up firmware images saved on FortiManager.

B.

It can be configured using the CLI and GUI.

C.

It backs up all devices and the FortiGuard database.

D.

It supports FTP, SCP, and SFTP.

Full Access
Question # 12

Which configuration setting for FortiGate is part of a device-level database on FortiManager?

A.

VIP and IP Pools

B.

Firewall policies

C.

Security profiles

D.

Routing

Full Access
Question # 13

An administrator would like to review, approve, or reject all the firewall policy changes made by the junior

administrators.

How should the Workspace mode be configured on FortiManager?

A.

Set to workflow and use the ADOM locking feature

B.

Set to read/write and use the policy locking feature

C.

Set to normal and use the policy locking feature

D.

Set to disable and use the policy locking feature

Full Access
Question # 14

Which two items does an FGFM keepalive message include? (Choose two.)

A.

FortiGate uptime

B.

FortiGate license information

C.

FortiGate IPS version

D.

FortiGate configuration checksum

Full Access
Question # 15

Exhibit.

Which two statements about the output are true'' (Choose two.)

A.

Configuration changes have been installed on FortiGate. which means the FortiGate configuration has been changed

B.

The latest revision history for the managed FortiGate does match the FortiGate running configuration

C.

Configuration changes directly made on FortiGate have been automatically updated to the device-level database

D.

The latest revision history for the managed FortiGate does not match the device-level database

Full Access
Question # 16

View the following exhibit.

An administrator is importing a new device to FortiManager and has selected the shown options. What will happen if the administrator makes the changes and installs the modified policy package on this managed FortiGate?

A.

The unused objects that are not tied to the firewall policies will be installed on FortiGate

B.

The unused objects that are not tied to the firewall policies will remain as read-only locally on FortiGate

C.

The unused objects that are not tied to the firewall policies locally on FortiGate will be deleted

D.

The unused objects that are not tied to the firewall policies in policy package will be deleted from the

FortiManager database

Full Access
Question # 17

An administrator has assigned a global policy package to a new ADOM called ADOM1. What will happen if the administrator tries to create a new policy package in ADOM1?

A.

When creating a new policy package, the administrator can select the option to assign the global policy

package to the new policy package

B.

When a new policy package is created, the administrator needs to reapply the global policy package to

ADOM1.

C.

When a new policy package is created, the administrator must assign the global policy package from the global ADOM.

D.

When the new policy package is created, FortiManager automatically assigns the global policy package to the new policy package.

Full Access
Question # 18

Which two settings are required for FortiManager Management Extension Applications (MEA)? (Choose two.)

A.

When you configure MEA, you must open TCP or UDP port 540.

B.

You must open the ports to the Fortinet registry

C.

You must create a MEA special policy on FortiManager using the super user profile

D.

The administrator must have the super user profile.

Full Access
Question # 19

An administrator would like to create an SD-WAN default static route for a newly created SD-WAN using the FortiManager GUI. Both port1 and port2 are part of the SD-WAN member interfaces.

Which interface must the administrator select in the static route device drop-down list?

A.

port2

B.

virtual-wan-link

C.

port1

D.

auto-discovery

Full Access
Question # 20

Refer to the exhibit.

Given the configuration shown in the exhibit, how did FortiManager handle the service category named General?

A.

FortiManager ignored the firewall service category General but created a new service category in its database.

B.

FortiManager ignored the firewall service category general and deleted the duplicate value In Its database

C.

FortiManager ignored the firewall service category General and updated the FortiGate duplicate value in the FortiGate database.

D.

FortiManager ignored the firewall service category General and did not update Its database with the value

Full Access
Question # 21

In the event that one of the secondary FortiManager devices fails, which action must be performed to return the FortiManager HA manual mode to a working state?

A.

The FortiManaqer HA state transition is transparent to administrators and does not require any reconfiguration.

B.

Manually promote one of the working secondary devices to the primary role, and reboot the old primary device to remove the peer IP of the failed device.

C.

Reconfigure the primary device to remove the peer IP of the failed device.

D.

Reboot the failed device to remove its IP from the primary device.

Full Access
Question # 22

Which of the following statements are true regarding VPN Manager? (Choose three.)

A.

VPN Manager must be enabled on a per ADOM basis.

B.

VPN Manager automatically adds newly-registered devices to a VPN community.

C.

VPN Manager can install common IPsec VPN settings on multiple FortiGate devices at the same time.

D.

Common IPsec settings need to be configured only once in a VPN Community for all managed gateways.

E.

VPN Manager automatically creates all the necessary firewall policies for traffic to be tunneled by IPsec.

Full Access
Question # 23

Refer to the exhibit showing a Download Import Report.

Why is it failing to import firewall policy ID 1?

A.

Policy ID 1 is configured from the interface any to port6. FortiManager rejects the request to import this policy because the any interface does not exist on FortiManager.

B.

The address object used in policy ID 1 already exists in the ADOM database with any as the interface association, and conflicts with the address object interface association locally on FortiGate.

C.

Policy ID 1 does not have the ADOM Interface mapping configured on FortiManager.

D.

Policy ID 1 for this managed FortiGate already exists on FortiManager in the policy package named Remote-FortiGate.

Full Access
Question # 24

Refer to the exhibit.

How will FortiManager try to get updates for antivirus and IPS?

A.

From the list of configured override servers or public FDN servers

B.

From the default server fds1.fortinet.com

C.

From the configured override server IP address 10.0.1.50 only

D.

From public FDNI server IP address with the fourth highest octet only

Full Access
Question # 25

Which configuration setting for FortiGate is part of an ADOM-level database on FortiManager?

A.

NSX-T Service Template

B.

Security profiles

C.

SNMP

D.

Routing

Full Access
Question # 26

Refer to the exhibit.

On FortiManager, an administrator created a new system template named Training with two new DNS addresses. During the installation preview stage, the administrator notices that central-management settings need to be purged.

What can be the main reason for the central-management purge command?

A.

The Remote-FortiGate device does not have any DNS server-list configured in the central-management settings.

B.

The DNS addresses in the default system settings are the same as the Training system template.

C.

The ADOM is locked by another administrator.

D.

The Training system template has a default FortiGuard widget.

Full Access
Question # 27

Refer to the exhibit.

Which two statements about an ADOM set in Normal mode on FortiManager are true? (Choose two.)

A.

It supports the FortiManager script feature

B.

It allows making configuration changes for managed devices on FortiManager panes

C.

FortiManager automatically installs the configuration difference in revisions on the managed FortiGate

D.

You cannot assign the same ADOM to multiple administrators

Full Access
Question # 28

An administrator has enabled Service Access on FortiManager.

What is the purpose of Service Access on the FortiManager interface?

A.

Allows FortiManager to download IPS packages

B.

Allows FortiManager to respond to request for FortiGuard services from FortiGate devices

C.

Allows FortiManager to run real-time debugs on the managed devices

D.

Allows FortiManager to automatically configure a default route

Full Access
Question # 29

Refer to the exhibit.

An administrator has created a firewall address object, Training which is used in the Local-FortiGate policy package.

When the installation operation is performed, which IP/Netmask will be installed on the Local-FortiGate, for the Training firewall address object?

A.

192.168.0.1/24

B.

10.200.1.0/24

C.

It will create a firewall address group on Local-FortiGate with 192.168.0.1/24 and 10.0.1.0/24 object values.

D.

Local-FortiGate will automatically choose an IP/Netmask based on its network interface settings.

Full Access
Question # 30

What will be the result of reverting to a previous revision version in the revision history?

A.

It will install configuration changes to managed device automatically

B.

It will tag the device settings status as Auto-Update

C.

It will generate a new version ID and remove all other revision history versions

D.

It will modify the device-level database

Full Access