Labour Day Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

Login / Register

Question # 4

Refer to the exhibit.

An administrator has created a firewall address object,Trainingwhich is used in the Local-FortiGate policy package.

When the installation operation is performed, which IP/Netmask will be installed on the Local-FortiGate, for theTrainingfirewall address object?

A.

192.168.0.1/24

B.

10.200.1.0/24

C.

It will create a firewall address group on Local-FortiGate with192.168.0.1/24and10.0.1.0/24object values.

D.

Local-FortiGate will automatically choose an IP/Netmask based on its network interface settings.

Full Access
Question # 5

An administrator has enabledService Accesson FortiManager.

What is the purpose ofService Accesson the FortiManager interface?

A.

Allows FortiManager to download IPS packages

B.

Allows FortiManager to respond to request for FortiGuard services from FortiGate devices

C.

Allows FortiManager to run real-time debugs on the managed devices

D.

Allows FortiManager to automatically configure a default route

Full Access
Question # 6

Which two statements regarding device management on FortiManager are true? (Choose two.)

A.

FortiGate devices in HA cluster devices are counted as a single device.

B.

FortiGate in transparent mode configurations are not counted toward the device count on FortiManager.

C.

FortiGate devices in an HA cluster that has five VDOMs are counted as five separate devices.

D.

The maximum number of managed devices for each ADOM is 500.

Full Access
Question # 7

An administrator’s PC crashes before the administrator can submit a workflow session for approval. After the PC is restarted, the administrator notices that the ADOM was locked from the session before the crash.

How can the administrator unlock the ADOM?

A.

Restore the configuration from a previous backup.

B.

Log in asSuper_Userin order to unlock the ADOM.

C.

Log in using the same administrator account to unlock the ADOM.

D.

Delete the previous admin session manually through the FortiManager GUI or CLI.

Full Access
Question # 8

Which two items are included in the FortiManager backup? (Choose two.)

A.

FortiGuard database

B.

Global database

C.

Logs

D.

All devices

Full Access
Question # 9

An administrator configures a new firewall policy on FortiManager and has not yet pushed the changes to the

managed FortiGate.

In which database will the configuration be saved?

A.

Device-level database

B.

Revision history database

C.

ADOM-level database

D.

Configuration-level database

Full Access
Question # 10

An administrator is replacing a device on FortiManager by running the following command:

execute device replace sn .

What device name and serial number must the administrator use?

A.

Device name and serial number of the original device.

B.

Device name and serial number of the replacement device.

C.

Device name of the replacement device and serial number of the original device.

D.

Device name of the original device and serial number of the replacement device.

Full Access
Question # 11

Which two settings are required for FortiManager Management Extension Applications (MEA)? (Choose two.)

A.

When you configure MEA, you must open TCP or UDP port 540.

B.

You must open the ports to the Fortinet registry

C.

You must create a MEA special policy on FortiManager using the super user profile

D.

The administrator must have the super user profile.

Full Access
Question # 12

Which two conditions trigger FortiManager to create a new revision history? (Choose two.)

A.

When FortiManager is auto-updated with configuration changes made directly on a managed device

B.

When changes to the device-level database are made on FortiManager

C.

When FortiManager installs device-level changes on a managed device

D.

When a configuration revision is reverted to a previous revision in the revision history

Full Access
Question # 13

Which of the following statements are true regarding VPN Gateway configuration in VPN Manager? (Choose two.)

A.

Managed gateways are devices managed by FortiManager in the same ADOM

B.

External gateways are third-party VPN gateway devices only

C.

Protected subnets are the subnets behind the device that you don’t want to allow access to over the IPsec

VPN

D.

Managed devices in other ADOMs must be treated as external gateways

Full Access
Question # 14

An administrator would like to create an SD-WAN using central management. What steps does the

administrator need to perform to create an SD-WAN using central management?

A.

First create an SD-WAN firewall policy, add member interfaces to the SD-WAN template and create a static route

B.

You must specify a gateway address when you create a default static route

C.

Remove all the interface references such as routes or policies

D.

Enable SD-WAN central management in the ADOM, add member interfaces, create a static route and SDWAN firewall policies.

Full Access
Question # 15

Refer to the exhibit.

A junior administrator is troubleshooting a FortiManager connectivity issue that rs occurring with managed FortiGate devices

Given the FortiManager device manager settings shown in the exhibit what can you conclude from the exhibit?

A.

The administrator had restored the FortiManager configuration file

B.

The administrator must refresh both devices to restore connectivity

C.

FortiManager test internet connectivity therefore, both devices appear to be down

D.

The administrator can reclaim the FGFM tunnel to get both devices online

Full Access
Question # 16

View the following exhibit.

Which one of the following statements is true regarding the object named ALL?

A.

FortiManager updated the object ALL using FortiGate’s value in its database

B.

FortiManager updated the object ALL using FortiManager’s value in its database

C.

FortiManager created the object ALL as a unique entity in its database, which can be only used by this

managed FortiGate.

D.

FortiManager installed the object ALL with the updated value.

Full Access
Question # 17

Refer to the exhibit.

According to the error message why is FortiManager failing to add the FortiAnalyzer device?

A.

The administrator must turn off the Use Legacy Device login and add the FortiAnalyzer device to the same network as Forti-Manager

B.

The administrator must select the Forti-Manager administrative access checkbox on the FortiAnalyzer management interface

C.

The administrator must use the Add Model Device section and discover the FortiAnalyzer device

D.

The administrator must use the correct user name and password of the FortiAnalyzer device

Full Access
Question # 18

Push updates are failing on a FortiGate device that is located behind a NAT device Which two settings should the administrator check? (Choose two.)

A.

That the virtual IP address and correct ports are set on the NAT device

B.

That the NAT device IP address and correct ports are configured on FortiManager

C.

That the external IP address on the NAT device is set to DHCP and configured with the virtual IP

D.

That the override server IP address is set on FortiManager and the NAT device

Full Access
Question # 19

Which configuration setting for FortiGate is part of a device-level database on FortiManager?

A.

VIP and IP Pools

B.

Firewall policies

C.

Security profiles

D.

Routing

Full Access
Question # 20

An administrator with theSuper_Userprofile is unable to log in to FortiManager because of an authentication failure message.

Which troubleshooting step should you take to resolve the issue?

A.

Make sure FortiManager Access is enabled in the administrator profile

B.

Make sure Offline Mode is disabled

C.

Make sure the administrator IP address is part of the trusted hosts.

D.

Make sure ADOMs are enabled and the administrator has access to the Global ADOM

Full Access
Question # 21

In addition to the default ADOMs, an administrator has created a new ADOM namedTrainingfor FortiGate devices. The administrator sent a device registration to FortiManager from a remote FortiGate. Which one of the following statements is true?

A.

The FortiGate will be added automatically to the default ADOM named FortiGate.

B.

The FortiGate will be automatically added to the Training ADOM.

C.

By default, the unregistered FortiGate will appear in the root ADOM.

D.

The FortiManager administrator must add the unregistered device manually to the unregistered device

manually to the Training ADOM using the Add Device wizard

Full Access
Question # 22

View the following exhibit:

Which two statements are true if the script is executed using theRemote FortiGate Directly (via CLI)option? (Choose two.)

A.

You must install these changes usingInstall Wizard

B.

FortiGate will auto-update the FortiManager’s device-level database.

C.

FortiManager will create a new revision history.

D.

FortiManager provides a preview of CLI commands before executing this script on a managed FortiGate.

Full Access
Question # 23

View the following exhibit:

How will FortiManager try to get updates for antivirus and IPS?

A.

From the list of configured override servers with ability to fall back to public FDN servers

B.

From the configured override server list only

C.

From the default serverfdsl.fortinet.com

D.

From public FDNI server with highest index number only

Full Access
Question # 24

Which two statements about the scheduled backup of FortiManager are true? (Choose two.)

A.

It does not back up firmware images saved on FortiManager.

B.

It can be configured using the CLI and GUI.

C.

It backs up all devices and the FortiGuard database.

D.

It supports FTP, SCP, and SFTP.

Full Access
Question # 25

What are two outcomes of ADOM revisions? (Choose two.)

A.

ADOM revisions can significantly increase the size of the configuration backups.

B.

ADOM revisions can save the current size of the whole ADOM

C.

ADOM revisions can create System Checkpoints for the FortiManager configuration

D.

ADOM revisions can save the current state of all policy packages and objects for an ADOM

Full Access
Question # 26

An administrator run the reload failure command:diagnose test deploymanager reload config

on FortiManager. What does this command do?

A.

It downloads the latest configuration from the specified FortiGate and performs a reload operation on the device database.

B.

It installs the latest configuration on the specified FortiGate and update the revision history database.

C.

It compares and provides differences in configuration on FortiManager with the current running

configuration of the specified FortiGate.

D.

It installs the provisioning template configuration on the specified FortiGate.

Full Access