Summer Sale Special 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ex2p65

Exact2Pass Menu

Question # 4

Which two statements about the scheduled backup of FortiManager are true? (Choose two.)

A.

It does not back up firmware images saved on FortiManager.

B.

It can be configured using the CLI and GUI.

C.

It backs up all devices and the FortiGuard database.

D.

It supports FTP, SCP, and SFTP.

Full Access
Question # 5

An administrator, Trainer, who is assigned the Super_User profile, is trying to approve a workflow session that was submitted by another administrator, Student. However, Trainer is unable to approve the workflow session.

What can prevent an admin account that has Super_User rights over the device from approving a workflow session?

A.

Trainer is not a part of workflow approval group

B.

Trainer does not have full rights over this ADOM

C.

Trainer must close Student’s workflow session before approving the request

D.

Student, who submitted the workflow session, must first self-approve the request

Full Access
Question # 6

Refer to the exhibit.

Which statement about the object named ALL is true?

A.

FortiManager updated the object ALL using the FortiGate value in its database.

B.

FortiManager installed the object ALL with the updated value.

C.

FortiManager created the object ALL as a unique entity in its database, which can be only used by this

managed FortiGate.

D.

FortiManager updated the object ALL using the FortiManager value in its database.

Full Access
Question # 7

Refer to the exhibit.

Given the configuration shown in the exhibit, what can you conclude from the installation targets m the Install On column? (Choose two)

A.

Policy seq # 2 will not be installed on the Local-FortiGate root VDOM because there is no root VDOM in the Installation Target

B.

Policy seq # 3 will be installed on all managed devices and VDOMs that are listed under Installation Targets

C.

Policy seq # 1 will be installed on the Remoto-FortiGate root[NAT] and Student[NAT] VDOMs only

D.

Policy 3 will be installed on all FortiGate devices and vdom belongs to the ADOM

E.

Policy seq # 3 will be skipped because no installation targets are specified

Full Access
Question # 8

Which two items does an FGFM keepalive message include? (Choose two.)

A.

FortiGate uptime

B.

FortiGate license information

C.

FortiGate IPS version

D.

FortiGate configuration checksum

Full Access
Question # 9

An administrator would like to create an SD-WAN using central management in the Training ADOM.

To create an SD-WAN using central management, which two steps must be completed? (Choose two.)

A.

Specify a gateway address when you create a default SD-WAN static route

B.

Enable SD-WAN central management in the Training ADOM

C.

Configure and install the SD-WAN firewall policy and SD-WAN static route before installing the SD-WAN

template settings

D.

Remove all the interface references such as routes or policies that will be a part of SD-WAN member

interfaces

Full Access
Question # 10

View the following exhibit.

If both FortiManager and FortiGate are behind the NAT devices, what are the two expected results? (Choose two.)

A.

FortiGate is discovered by FortiManager through the FortiGate NATed IP address.

B.

FortiGate can announce itself to FortiManager only if the FortiManager IP address is configured on

FortiGate under central management.

C.

During discovery, the FortiManager NATed IP address is not set by default on FortiGate.

D.

If the FCFM tunnel is torn down, FortiManager will try to re-establish the FGFM tunnel.

Full Access
Question # 11

View the following exhibit.

Which of the following statements are true based on this configuration setting? (Choose two.)

A.

This setting will enable the ADOMs feature on FortiManager.

B.

This setting is applied globally to all ADOMs.

C.

This setting will allow assigning different VDOMs from the same FortiGate to different ADOMs.

D.

This setting will allow automatic updates to the policy package configuration for a managed device.

Full Access
Question # 12

Refer to the exhibit.

A service provider administrator has assigned a global policy package to a managed customer ADOM named My_ADOM, which has four policy packages. The customer administrator has access onlytoMy_ADOM.

How can customer or service provider administrators remove both global header and footer policies from the policy package named Shared_Package?

A.

The service provider administrator can unassign both policies from the global ADOM.

B.

The service provider administrator can unassign both global policies from My_ADOM.

C.

The customer administrator can unassign both polices by locking My_ADOM.

D.

The customer administrator can unassign both global polices from My_ADOM.

Full Access
Question # 13

Which of the following statements are true regarding reverting to previous revision version from the revision history? (Choose two.)

A.

To push these changes to a managed device, it required an install operation to the managed FortiGate.

B.

Reverting to a previous revision history will generate a new version ID and remove all other history

versions.

C.

Reverting to a previous revision history will tag the device settings status as Auto-Update.

D.

It will modify device-level database

Full Access
Question # 14

Refer to the exhibit.

What can you conclude from the failed installation log shown in the exhibit?

A.

Policy ID 2 will not be installed.

B.

Policy ID 2 is installed in the disabled state.

C.

Policy ID 2 is installed without a source address.

D.

Policy ID 2 is installed without the remote user student.

Full Access
Question # 15

Which of the following statements are true regarding VPN Manager? (Choose three.)

A.

VPN Manager must be enabled on a per ADOM basis.

B.

VPN Manager automatically adds newly-registered devices to a VPN community.

C.

VPN Manager can install common IPsec VPN settings on multiple FortiGate devices at the same time.

D.

Common IPsec settings need to be configured only once in a VPN Community for all managed gateways.

E.

VPN Manager automatically creates all the necessary firewall policies for traffic to be tunneled by IPsec.

Full Access
Question # 16

Refer to the exhibit.

You ate using the Quick install option to install configuration changes on the managed FortiGate

Which two statements correctly describe the result? (Choose two)

A.

It installs device-level changes on the FortiGate device without launching the Install Wizard

B.

It installs all the changes in the device database first and the administrator must reinstall the changes on the FodiGate device

C.

It provides the option to preview only the policy package changes before installing them

D.

It install provisioning template changes on the FortiGate device

Full Access
Question # 17

An administrator is replacing a failed device on FortiManager by running the following command:

execute device replace sn .

Which device name and serial number must the administrator use?

A.

The device name of the new device and serial number of the failed device

B.

The device name and serial number of the failed device

C.

The device name of the failed device and serial number of the new device

D.

The device name and serial number of the new device

Full Access
Question # 18

Refer to the exhibit.

A junior administrator is troubleshooting a FortiManager connectivity issue that rs occurring with managed FortiGate devices

Given the FortiManager device manager settings shown in the exhibit what can you conclude from the exhibit?

A.

The administrator had restored the FortiManager configuration file

B.

The administrator must refresh both devices to restore connectivity

C.

FortiManager test internet connectivity therefore, both devices appear to be down

D.

The administrator can reclaim the FGFM tunnel to get both devices online

Full Access
Question # 19

Which two items are included in the FortiManager backup? (Choose two.)

A.

FortiGuard database

B.

Global database

C.

Logs

D.

All devices

Full Access
Question # 20

Which two statements about Security Fabric integration with FortiManager are true? (Choose two.)

A.

The Security Fabric license, group name and password are required for the FortiManager Security Fabric

integration

B.

The Fabric View module enables you to generate the Security Fabric ratings for Security Fabric devices

C.

The Security Fabric settings are part of the device level settings

D.

The Fabric View module enables you to view the Security Fabric ratings for Security Fabric devices

Full Access
Question # 21

An administrator configures a new firewall policy on FortiManager and has not yet pushed the changes to the

managed FortiGate.

In which database will the configuration be saved?

A.

Device-level database

B.

Revision history database

C.

ADOM-level database

D.

Configuration-level database

Full Access
Question # 22

What will be the result of reverting to a previous revision version in the revision history?

A.

It will install configuration changes to managed device automatically

B.

It will tag the device settings status as Auto-Update

C.

It will generate a new version ID and remove all other revision history versions

D.

It will modify the device-level database

Full Access
Question # 23

What does a policy package status of Conflict indicate?

A.

The policy package reports inconsistencies and conflicts during a Policy Consistency Check.

B.

The policy package does not have a FortiGate as the installation target.

C.

The policy package configuration has been changed on both FortiManager and the managed device

independently.

D.

The policy configuration has never been imported after a device was registered on FortiManager.

Full Access
Question # 24

Which two statements regarding device management on FortiManager are true? (Choose two.)

A.

FortiGate devices in HA cluster devices are counted as a single device.

B.

FortiGate in transparent mode configurations are not counted toward the device count on FortiManager.

C.

FortiGate devices in an HA cluster that has five VDOMs are counted as five separate devices.

D.

The maximum number of managed devices for each ADOM is 500.

Full Access
Question # 25

An administrator is replacing a device on FortiManager by running the following command:

execute device replace sn .

What device name and serial number must the administrator use?

A.

Device name and serial number of the original device.

B.

Device name and serial number of the replacement device.

C.

Device name of the replacement device and serial number of the original device.

D.

Device name of the original device and serial number of the replacement device.

Full Access
Question # 26

An administrator has assigned a global policy package to custom ADOM1. Then the administrator creates a new policy package, Fortinet, in the custom ADOM1.

Which statement about the global policy package assignment to the newly-created policy package Fortinet is true?

A.

When a new policy package is created, it automatically assigns the global policies to the new package.

B.

When a new policy package is created, you need to assign the global policy package from the global

ADOM.

C.

When a new policy package is created, you need to reapply the global policy package to the ADOM.

D.

When a new policy package is created, you can select the option to assign the global policies to the new package.

Full Access
Question # 27

An administrator has enabled Service Access on FortiManager.

What is the purpose of Service Access on the FortiManager interface?

A.

Allows FortiManager to download IPS packages

B.

Allows FortiManager to respond to request for FortiGuard services from FortiGate devices

C.

Allows FortiManager to run real-time debugs on the managed devices

D.

Allows FortiManager to automatically configure a default route

Full Access
Question # 28

What is the purpose of ADOM revisions?

A.

To create System Checkpoints for the FortiManager configuration.

B.

To save the current state of the whole ADOM.

C.

To save the current state of all policy packages and objects for an ADOM.

D.

To revert individual policy packages and device-level settings for a managed FortiGate by reverting to a specific ADOM revision

Full Access
Question # 29

Which two conditions trigger FortiManager to create a new revision history? (Choose two.)

A.

When FortiManager is auto-updated with configuration changes made directly on a managed device

B.

When changes to the device-level database are made on FortiManager

C.

When FortiManager installs device-level changes on a managed device

D.

When a configuration revision is reverted to a previous revision in the revision history

Full Access