• Home
  • Articles
  • NSE5_FMG-7.2 Dumps PDF New [2025] Ultimate Study Guide [Q16-Q40]

NSE5_FMG-7.2 Dumps PDF New [2025] Ultimate Study Guide [Q16-Q40]

Share

NSE5_FMG-7.2 Dumps PDF New [2025] Ultimate Study Guide

NSE5_FMG-7.2 Exam Dumps PDF Updated Dump from PassLeaderVCE Guaranteed Success

NEW QUESTION # 16
Refer to the exhibits.
Exhibit one.

Exhibit two.

An administrator created a new system template namedTrainingwith two new DNS addresses on FortiManager. During the installation preview stage, the administrator notices that many unset commands need to be pushed.
What can be the main reason for these unset commands?

  • A. TheTrainingsystem template does not have assigned devices
  • B. The ADOM is locked by another administrator
  • C. TheTrainingsystem template has other default settings
  • D. The DNS addresses in the default system settings are the same as theTrainingsystem template

Answer: C


NEW QUESTION # 17
Refer to the exhibit.

Which statement about the object named ALL is true?

  • A. FortiManager updated the object ALL using the FortiGate value in its database.
  • B. FortiManager installed the object ALL with the updated value.
  • C. FortiManager updated the object ALL using the FortiManager value in its database.
  • D. FortiManager created the object ALL as a unique entity in its database, which can be only used by this managed FortiGate.

Answer: A


NEW QUESTION # 18
Which of the following statements are true regarding reverting to previous revision version from the revision history? (Choose two.)

  • A. It will modify device-level database
  • B. To push these changes to a managed device, it required an install operation to the managed FortiGate.
  • C. Reverting to a previous revision history will generate a new version ID and remove all other history
  • D. Reverting to a previous revision history will tag the device settings status as Auto-Update.

Answer: A,B


NEW QUESTION # 19
View the following exhibit.

Which one of the following statements is true regarding the object named ALL?

  • A. FortiManager updated the object ALL using FortiGate's value in its database
  • B. FortiManager installed the object ALL with the updated value.
  • C. FortiManager updated the object ALL using FortiManager's value in its database
  • D. FortiManager created the object ALL as a unique entity in its database, which can be only used by this managed FortiGate.

Answer: A


NEW QUESTION # 20
View the following exhibit:

Which two statements are true if the script is executed using theRemote FortiGate Directly (via CLI)option?
(Choose two.)

  • A. FortiGate will auto-update the FortiManager's device-level database.
  • B. FortiManager provides a preview of CLI commands before executing this script on a managed FortiGate.
  • C. You must install these changes usingInstall Wizard
  • D. FortiManager will create a new revision history.

Answer: A,D


NEW QUESTION # 21
Refer to the exhibit.

In the event that the monitored interface for the primary FortiManager device fails, which statement is true about FortiManager HA?

  • A. The FortiManager HAfailover is transparent to administrators and does not require any reconfiguration.
  • B. Reboot the failed device to remove its IP from the primary device.
  • C. Reconfigure the primary device lo remove the peer IP of the failed device.
  • D. Manually promote one of the working secondary devices to the primary role, and reboot the old primary device to remove the peer IP of the failed device.

Answer: A


NEW QUESTION # 22
Refer to the exhibit.

Which two statements about the output are true? (Choose two.)

  • A. The latest history for the managed FortiGate does not match with the device-level database
  • B. The latest revision history for the managed FortiGate does match with the FortiGate running configuration
  • C. Configuration changes have been installed to FortiGate and represents FortiGate configuration has been changed
  • D. Configuration changes directly made on the FortiGate have been automatically updated to device-level

Answer: A,B

Explanation:
database
Explanation:
STATUS: dev-db: modified; conf: in sync; cond: pending; dm: retrieved; conn: up
- dev-db: modified - This is the device setting status which indicates that configuration changes were made on FortiManager.
- conf: in sync - This is the sync status which shows that the latest revision history is in sync with Fortigate's configuration.
- cond: pending - This is the configuration status which says that configuration changes need to be installed.
Most probably a retrieve was done in the past (dm: retrieved) updating the revision history DB (conf: in sync) and FortiManager device level DB, now there is a new modification on FortiManager device level DB (dev-db: modified) which wasn't installed to FortiGate (cond: pending), hence; revision history DB is not aware of that modification and doesn't match device DB.
Conclusion:
- Revision DB does match FortiGate.
- No changes were installed to FortiGate yet.
- Device DB doesn't match Revision DB.
- No changes were done on FortiGate (auto-update) but configuration was retrieved instead After an Auto-Update or Retrieve:
device database = latest revision = FGT
Then after a manual change on FMG end (but no install yet):
latest revision = FGT (still) but now device database has been modified (is different).
After reverting to a previous revision in revision history:
device database = reverted revision != FGT


NEW QUESTION # 23
An administrator created a header and footer global policy package and assigned it to an ADOM.
What are two outcomes from this action? (Choose two.)

  • A. After you assign the global policy package to an ADOM, the policy package is hidden from the ADOM and cannot be viewed.
  • B. If you assign an additional global policy package to the same ADOM, FortiManaqer removes previously assigned policies.
  • C. You can edit or delete all the global objects in the global ADOM.
  • D. You must manually move the header and footer policies after the policy assignment.

Answer: C,D


NEW QUESTION # 24
Refer to the exhibit.

Which two statements are true if the script is executed using theDevice Databaseoption? (Choose two.)

  • A. The script history will show successful installation of the script on the remote FortiGate
  • B. You must install these changes using theInstall Wizardto a managed device
  • C. TheDevice Settings Statuswill be tagged asModified
  • D. The successful execution of a script on theDevice Databasewill create a new revision history

Answer: B,C


NEW QUESTION # 25
An administrator wants to delete an address object that is currently referenced in a firewall policy.
What can the administrator expect to happen?

  • A. FortiManager will disable the status of the referenced firewall policy
  • B. FortiManager will replace the deleted address object with all address object in the referenced firewall policy
  • C. FortiManager will replace the deleted address object with the none address object in the referenced firewall policy
  • D. FortiManager will not allow the administrator to delete a referenced address object

Answer: C


NEW QUESTION # 26
View the following exhibit.

An administrator is importing a new device to FortiManager and has selected the shown options. What will happen if the administrator makes the changes and installs the modified policy package on this managed FortiGate?

  • A. The unused objects that are not tied to the firewall policies will remain as read-only locally on FortiGate
  • B. The unused objects that are not tied to the firewall policies locally on FortiGate will be deleted
  • C. The unused objects that are not tied to the firewall policies will be installed on FortiGate
  • D. The unused objects that are not tied to the firewall policies in policy package will be deleted from the FortiManager database

Answer: B

Explanation:
Reference:https://community.fortinet.com/t5/FortiManager/Import-all-objects-Versus-Import-only-policy-depend


NEW QUESTION # 27
View the following exhibit.

Which of the following statements are true based on this configuration setting? (Choose two.)

  • A. This setting will allow assigning different VDOMs from the same FortiGate to different ADOMs.
  • B. This setting is applied globally to all ADOMs.
  • C. This setting will enable the ADOMs feature on FortiManager.
  • D. This setting will allow automatic updates to the policy package configuration for a managed device.

Answer: A,B


NEW QUESTION # 28
Refer to the exhibit.

An administrator has configured the command shown in the exhibit on FortiManager. A configuration change has been installed from FortiManager to the managed FortiGate that causes the FGFM tunnel to go down for more than 15 minutes.
What is the purpose of this command?

  • A. It allows the FortiManager to revert and install a previous configuration revision on the managed FortiGate.
  • B. It allows FortiGate to reboot and restore a previously working firmware image.
  • C. It allows FortiGate to reboot and recover the previous configuration from its configuration file.
  • D. It allows FortiGate to unset central management settings.

Answer: C


NEW QUESTION # 29
An administrator has assigned a global policy package to custom ADOM1. Then the administrator creates a new policy package,Fortinet, in the custom ADOM1.
Which statement about the global policy package assignment to the newly-created policy packageFortinetis true?

  • A. When a new policy package is created, you can select the option to assign the global policies to the new package.
  • B. When a new policy package is created, you need to assign the global policy package from the global ADOM.
  • C. When a new policy package is created, you need to reapply the global policy package to the ADOM.
  • D. When a new policy package is created, it automatically assigns the global policies to the new package.

Answer: D

Explanation:
Global Policy Package is applied at the ADOM level and you have the option to choose which ADOM policy packages you want to exclude (there is no option to choose Policy Packages to include).


NEW QUESTION # 30
What will happen if FortiAnalyzer features are enabled on FortiManager?

  • A. FortiManager will enable ADOMs to collect logs automatically from non-FortiGate devices.
  • B. FortiManager will keep all the logs and reports on the FortiManager.
  • C. FortiManager can be used only as a logging device.
  • D. FortiManager will install the logging configuration to the managed devices

Answer: D


NEW QUESTION # 31
Which of the following statements are true regarding VPN Gateway configuration in VPN Manager? (Choose two.)

  • A. Managed devices in other ADOMs must be treated as external gateways
  • B. External gateways are third-party VPN gateway devices only
  • C. Protected subnets are the subnets behind the device that you don't want to allow access to over the IPsec VPN
  • D. Managed gateways are devices managed by FortiManager in the same ADOM

Answer: A,D


NEW QUESTION # 32
An administrator configures a new firewall policy on FortiManager and has not yet pushed the changes to the managed FortiGate.
In which database will the configuration be saved?

  • A. Configuration-level database
  • B. ADOM-level database
  • C. Device-level database
  • D. Revision history database

Answer: B

Explanation:
https://kb.fortinet.com/kb/documentLink.do?externalID=FD47942


NEW QUESTION # 33
View the following exhibit:

How will FortiManager try to get updates for antivirus and IPS?

  • A. From the default serverfdsl.fortinet.com
  • B. From the list of configured override servers with ability to fall back to public FDN servers
  • C. From public FDNI server with highest index number only
  • D. From the configured override server list only

Answer: B

Explanation:
Reference:https://community.fortinet.com/t5/Fortinet-Forum/Clarification-of-FortiManager-s-quot-Server-Overr


NEW QUESTION # 34
Refer to the exhibit.

Given the configuration shown in the exhibit, which two statements are true? (Choose two.)

  • A. It allows the same administrator to lock more than one ADOM at the same time.
  • B. It disables concurrent read-write access to an ADOM.
  • C. It is used to validate administrator login attempts through external servers.
  • D. It allows two or more administrators to make configuration changes at the same time, in the same ADOM.

Answer: A,D


NEW QUESTION # 35
What does a policy package status ofConflictindicate?

  • A. The policy configuration has never been imported after a device was registered on FortiManager.
  • B. The policy package reports inconsistencies and conflicts during aPolicy Consistency Check.
  • C. The policy package configuration has been changed on both FortiManager and the managed device independently.
  • D. The policy package does not have a FortiGate as the installation target.

Answer: C


NEW QUESTION # 36
An administrator would like to review, approve, or reject all the firewall policy changes made by the junior administrators.
How should the Workspace mode be configured on FortiManager?

  • A. Set to workflow and use the ADOM locking feature
  • B. Set to read/write and use the policy locking feature
  • C. Set to disable and use the policy locking feature
  • D. Set to normal and use the policy locking feature

Answer: A

Explanation:
Reference:https://help.fortinet.com/fmgr/50hlp/52/5-2-0/FMG_520_Online_Help/200_What's-New.03.03.html


NEW QUESTION # 37
Which three settings are the factory default settings on FortiManager? (Choose three.)

  • A. Management Extension applications are enabled.
  • B. The Port1 interface IP address is 192.168.1.99/24.
  • C. The administrative domain is disabled.
  • D. The FortiManager setup wizard is disabled.
  • E. FortiAnalvzer features are disabled.

Answer: B,C,E


NEW QUESTION # 38
What is the purpose of the Policy Check feature on FortiManager?

  • A. It provides recommendations to combine similar policy packages within an ADOM into one single policy package.
  • B. It merges and creates dynamic mappings for duplicate objects used in a policy package.
  • C. It provides recommendations for optimizing policies in a policy package.
  • D. It compares the policy packages with the revision history, and updates policy packages in the ADOM database.

Answer: C


NEW QUESTION # 39
View the following exhibit.

Given the configurations shown in the exhibit, what can you conclude from the installation targets in the Install On column?

  • A. Policy seq#3 will be installed on the Trainer[NAT] VDOM only
  • B. Policy seq#3 will be installed on all managed devices and VDOMs that are listed under Installation Targets
  • C. The Install On column value represents successful installation on the managed devices
  • D. Policy seq#3 will be not installed on any managed device

Answer: B


NEW QUESTION # 40
......

Pass Your Fortinet Exam with NSE5_FMG-7.2 Exam Dumps: https://www.passleadervce.com/NSE-5-Network-Security-Analyst/reliable-NSE5_FMG-7.2-exam-learning-guide.html

NSE5_FMG-7.2 Exam Dumps - Fortinet Practice Test Questions: https://drive.google.com/open?id=19uLrDKGrzUD47zCikXrZLZyJd33qVVSt

Related Articles

more
Fortinet NSE5_FMG-7.2 Certification Practice Exam