• Home
  • Articles
  • Clear your concepts with NSE5_FMG-7.0 Questions Before Attempting Real exam [Q28-Q52]

Clear your concepts with NSE5_FMG-7.0 Questions Before Attempting Real exam [Q28-Q52]

Share

Clear your concepts with NSE5_FMG-7.0 Questions Before Attempting Real exam

Get professional help from our NSE5_FMG-7.0 Dumps PDF

NEW QUESTION # 28
In the event that the primary FortiManager fails, which of the following actions must be performed to return the FortiManager HA to a working state?

  • A. Reboot one of the secondary devices to promote it automatically to the primary role, and reconfigure all other secondary devices to point to the new primary device.
  • B. FortiManager HA state transition is transparent to administrators and does not require any reconfiguration.
  • C. Manually promote one of the secondary devices to the primary role, and reconfigure all other secondary devices to point to the new primary device.
  • D. Secondary device with highest priority will automatically be promoted to the primary role, and manually reconfigure all other secondary devices to point to the new primary device

Answer: C

Explanation:
FortiManager_6.4_Study_Guide-Online - page 346
FortiManager HA doesn't support IP takeover where an HA state transition is transparent to administrators. If a failure of the primary occurs, the administrator must take corrective action to resolve the problem that may include invoking the state transition. If the primary device fails, the administrator must do the following in order to return the FortiManager HA to a working state:
1. Manually reconfigure one of the secondary devices to become the primary device
2. Reconfigure all other secondary devices to point to the new primary device


NEW QUESTION # 29
Which two statements regarding device management on FortiManager are true? (Choose two.)

  • A. FortiGate in transparent mode configurations are not counted toward the device count on FortiManager.
  • B. FortiGate devices in HA cluster devices are counted as a single device.
  • C. The maximum number of managed devices for each ADOM is 500.
  • D. FortiGate devices in an HA cluster that has five VDOMs are counted as five separate devices.

Answer: B,D


NEW QUESTION # 30
An administrator would like to create an SD-WAN using central management. What steps does the administrator need to perform to create an SD-WAN using central management?

  • A. You must specify a gateway address when you create a default static route
  • B. Enable SD-WAN central management in the ADOM, add member interfaces, create a static route and SDWAN firewall policies.
  • C. Remove all the interface references such as routes or policies
  • D. First create an SD-WAN firewall policy, add member interfaces to the SD-WAN template and create a static route

Answer: B


NEW QUESTION # 31
View the following exhibit:

Which two statements are true if the script is executed using the Remote FortiGate Directly (via CLI) option? (Choose two.)

  • A. FortiManager provides a preview of CLI commands before executing this script on a managed FortiGate.
  • B. You must install these changes using Install Wizard
  • C. FortiGate will auto-update the FortiManager's device-level database.
  • D. FortiManager will create a new revision history.

Answer: C,D


NEW QUESTION # 32
When an installation is performed from FortiManager, what is the recovery logic used between FortiManager and FortiGate for an FGFM tunnel?

  • A. FortiManager will revert and install a previous configuration revision on the managed FortiGate.
  • B. FortiManager will not push the CLI commands as a part of the installation that will cause the tunnel to go down.
  • C. After 15 minutes, FortiGate will unset all CLI commands that were part of the installation that caused the tunnel to go down.
  • D. FortiGate will reject the CLI commands that will cause the tunnel to go down.

Answer: A

Explanation:
The configuration change will break the fgfm connection, causing the FortiGate unit to attempt to reconnect for 900 seconds. If the FortiGate cannot reconnect, it will rollback to its previous configuration.


NEW QUESTION # 33
An administrator would like to create an SD-WAN default static route for a newly created SD-WAN using the FortiManager GUI. Both port1 and port2 are part of the SD-WAN member interfaces.
Which interface must the administrator select in the static route device drop-down list?

  • A. auto-discovery
  • B. port2
  • C. port1
  • D. virtual-wan-link

Answer: D


NEW QUESTION # 34
Which configuration setting for FortiGate is part of an ADOM-level database on FortiManager?

  • A. Routing
  • B. SNMP
  • C. NSX-T Service Template
  • D. Security profiles

Answer: A


NEW QUESTION # 35
Refer to the exhibit.

Given the configuration shown in the exhibit, how did FortiManager handle the service category named General?

  • A. FortiManager ignored the firewall service category general and deleted the duplicate value In Its database
  • B. FortiManager ignored the firewall service category General and did not update Its database with the value
  • C. FortiManager ignored the firewall service category General and updated the FortiGate duplicate value in the FortiGate database.
  • D. FortiManager ignored the firewall service category General but created a new service category in its database.

Answer: C


NEW QUESTION # 36
Refer to the exhibit.

Given the configuration shown in the exhibit, which two statements are true? (Choose two.)

  • A. It disables concurrent read-write access to an ADOM.
  • B. It allows two or more administrators to make configuration changes at the same time, in the same ADOM.
  • C. It is used to validate administrator login attempts through external servers.
  • D. It allows the same administrator to lock more than one ADOM at the same time.

Answer: A,D


NEW QUESTION # 37
Which two conditions trigger FortiManager to create a new revision history? (Choose two.)

  • A. When changes to device-level database is made on FortiManager
  • B. When configuration revision is reverted to previous revision in the revision history
  • C. When FortiManager installs device-level changes to a managed device
  • D. When FortiManager is auto-updated with configuration changes made directly on a managed device

Answer: C,D


NEW QUESTION # 38
What does the diagnose dvm check-integrity command do? (Choose two.)

  • A. Verifies and corrects database schemas in all object tables
  • B. Verifies and corrects unregistered, registered, and deleted device states
  • C. Verifies and corrects duplicate VDOM entries
  • D. Internally upgrades existing ADOMs to the same ADON version in order to clean up and correct the ADOM syntax

Answer: B,C

Explanation:
6.2 Study Guide page 305 verify and correct parts of the device manager databases, including: - inconsistent device-to-group and group-to-ADOM memberships - unregistered, registered, and deleted device states - device lock statuses - duplicate VDOM entries


NEW QUESTION # 39
Which two statements about Security Fabric integration with FortiManager are true? (Choose two.)

  • A. The Security Fabric license, group name and password are required for the FortiManager Security Fabric integration
  • B. The Fabric View module enables you to view the Security Fabric ratings for Security Fabric devices
  • C. The Security Fabric settings are part of the device level settings
  • D. The Fabric View module enables you to generate the Security Fabric ratings for Security Fabric devices

Answer: B,C


NEW QUESTION # 40
In the event that the primary FortiManager fails, which of the following actions must be performed to return the FortiManager HA to a working state?

  • A. Reboot one of the secondary devices to promote it automatically to the primary role, and reconfigure all other secondary devices to point to the new primary device.
  • B. FortiManager HA state transition is transparent to administrators and does not require any reconfiguration.
  • C. Manually promote one of the secondary devices to the primary role, and reconfigure all other secondary devices to point to the new primary device.
  • D. Secondary device with highest priority will automatically be promoted to the primary role, and manually
    reconfigure all other secondary devices to point to the new primary device

Answer: C

Explanation:
FortiManager_6.4_Study_Guide-Online - page 346
FortiManager HA doesn't support IP takeover where an HA state transition is transparent to administrators. If a failure of the primary occurs, the administrator must take corrective action to resolve the problem that may include invoking the state transition. If the primary device fails, the administrator must do the following in order to return the FortiManager HA to a working state:
1. Manually reconfigure one of the secondary devices to become the primary device
2. Reconfigure all other secondary devices to point to the new primary device


NEW QUESTION # 41
Which of the following statements are true regarding reverting to previous revision version from the revision history? (Choose two.)

  • A. To push these changes to a managed device, it required an install operation to the managed FortiGate.
  • B. It will modify device-level database
  • C. Reverting to a previous revision history will generate a new version ID and remove all other history
  • D. Reverting to a previous revision history will tag the device settings status as Auto-Update.

Answer: A,B


NEW QUESTION # 42
An administrator wants to delete an address object that is currently referenced in a firewall policy.
What can the administrator expect to happen?

  • A. FortiManager will not allow the administrator to delete a referenced address object
  • B. FortiManager will disable the status of the referenced firewall policy
  • C. FortiManager will replace the deleted address object with all address object in the referenced firewall policy
  • D. FortiManager will replace the deleted address object with the none address object in the referenced
    firewall policy

Answer: D


NEW QUESTION # 43
In addition to the default ADOMs, an administrator has created a new ADOM named Training for FortiGate devices. The administrator sent a device registration to FortiManager from a remote FortiGate. Which one of the following statements is true?

  • A. By default, the unregistered FortiGate will appear in the root ADOM.
  • B. The FortiManager administrator must add the unregistered device manually to the unregistered device
  • C. The FortiGate will be added automatically to the default ADOM named FortiGate.
  • D. The FortiGate will be automatically added to the Training ADOM.

Answer: A

Explanation:
manually to the Training ADOM using the Add Device wizard


NEW QUESTION # 44
An administrator would like to review, approve, or reject all the firewall policy changes made by the junior administrators.
How should the Workspace mode be configured on FortiManager?

  • A. Set to normal and use the policy locking feature
  • B. Set to read/write and use the policy locking feature
  • C. Set to workflow and use the ADOM locking feature
  • D. Set to disable and use the policy locking feature

Answer: C


NEW QUESTION # 45
View the following exhibit.

If both FortiManager and FortiGate are behind the NAT devices, what are the two expected results? (Choose two.)

  • A. During discovery, the FortiManager NATed IP address is not set by default on FortiGate.
  • B. FortiGate can announce itself to FortiManager only if the FortiManager IP address is configured on
    FortiGate under central management.
  • C. FortiGate is discovered by FortiManager through the FortiGate NATed IP address.
  • D. If the FCFM tunnel is torn down, FortiManager will try to re-establish the FGFM tunnel.

Answer: A,C

Explanation:
Fortimanager can discover FortiGate through a NATed FortiGate IP address. If a FortiManager NATed IP address is configured on FortiGate, then FortiGate can announce itself to FortiManager. FortiManager will not attempt to re-establish the FGFM tunnel to the FortiGate NATed IP address, if the FGFM tunnel is interrupted. Just like it was in the NATed FortiManager scenario, the FortiManager NATed IP address in this scenario is not configured under FortiGate central management configuration.


NEW QUESTION # 46
Which two items are included in the FortiManager backup? (Choose two.)

  • A. All devices
  • B. Logs
  • C. Global database
  • D. FortiGuard database

Answer: A,C


NEW QUESTION # 47
What is the purpose of ADOM revisions?

  • A. To save the current state of all policy packages and objects for an ADOM.
  • B. To create System Checkpoints for the FortiManager configuration.
  • C. To revert individual policy packages and device-level settings for a managed FortiGate by reverting to a specific ADOM revision
  • D. To save the current state of the whole ADOM.

Answer: A

Explanation:
Fortimanager 6.4 Study guide page 198


NEW QUESTION # 48
Refer to the exhibit.

An administrator logs into the FortiManager GUI and sees the panes shown in the exhibit.
Which two reasons can explain why the FortiAnalyzer feature panes do not appear? (Choose two.)

  • A. The administrator logged in using the unsecure protocol HTTP, so the view is restricted.
  • B. FortiAnalyzer features are not enabled on FortiManager.
  • C. The administrator IP address is not a part of the trusted hosts configured on FortiManager interfaces.
  • D. The administrator profile does not have full access privileges like the Super_User profile.

Answer: B,D


NEW QUESTION # 49
An administrator has enabled Service Access on FortiManager.
What is the purpose of Service Access on the FortiManager interface?

  • A. Allows FortiManager to automatically configure a default route
  • B. Allows FortiManager to run real-time debugs on the managed devices
  • C. Allows FortiManager to download IPS packages
  • D. Allows FortiManager to respond to request for FortiGuard services from FortiGate devices

Answer: D

Explanation:
FortiManager 6.2 Study guide page 350


NEW QUESTION # 50
Which three settings are the factory default settings on FortiManager? (Choose three.)

  • A. port1 interface IP address is 192.168.1.99/24
  • B. Username is admin
  • C. Reports and Event Monitor panes are enabled
  • D. FortiAnalyzer features are disabled
  • E. Password is fortinet

Answer: A,B,D


NEW QUESTION # 51
An administrator has added all the devices in a Security Fabric group to FortiManager.
How does the administrator identify the root FortiGate?

  • A. By a dollar symbol ($) at the end of the device name
  • B. By a Question:
  • C. By an Asterisk (*) at the end of the device name
  • D. By an at symbol (@) at the end of the device name

Answer: C


NEW QUESTION # 52
......

Achieve the NSE5_FMG-7.0 Exam Best Results with Help from Fortinet Certified Experts: https://prepaway.vcetorrent.com/NSE5_FMG-7.0-valid-vce-torrent.html

Related Articles

more
Fortinet NSE5_FMG-7.0 Certification Practice Exam

Contact Us

Our Working Time: ( GMT 0:00-15:00 )   From Monday to Saturday

Contact now

Our exam questions are high efficient, high quality, high accuracy as well as inspirational for exam candidates like you. Our preparation materials have high pass rate as 98% to 100% for fully equipped practice facilities and simulating stratosphere.

Copyright © 2026 VCETorrent NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy

Disclaimer:
VCETorrent doesn't offer Real IAPP Exam Questions.
VCETorrent does not offer exam dumps or questions from actual exams. We offer learning material and practice tests created by subject matter experts to assist and help learners prepare for those exams. All certification brands used on the website are owned by the respective brand owners. VCETorrent does not own or claim any ownership on any of the brands.