we provide High value Fortinet NSE5_FMG-6.4 free download which are the best for clearing NSE5_FMG-6.4 test, and to get certified by Fortinet Fortinet NSE 5 - FortiManager 6.4. The NSE5_FMG-6.4 Questions & Answers covers all the knowledge points of the real NSE5_FMG-6.4 exam. Crack your Fortinet NSE5_FMG-6.4 Exam with latest dumps, guaranteed!
Check NSE5_FMG-6.4 free dumps before getting the full version:
NEW QUESTION 1
An administrator has enabled Service Access on FortiManager.
What is the purpose of Service Access on the FortiManager interface?
- A. Allows FortiManager to download IPS packages
- B. Allows FortiManager to respond to request for FortiGuard services from FortiGate devices
- C. Allows FortiManager to run real-time debugs on the managed devices
- D. Allows FortiManager to automatically configure a default route
Answer: B
Explanation:
FortiManager 6.2 Study guide page 350
NEW QUESTION 2
View the following exhibit:
How will FortiManager try to get updates for antivirus and IPS?
- A. From the list of configured override servers with ability to fall back to public FDN servers
- B. From the configured override server list only
- C. From the default server fdsl.fortinet.com
- D. From public FDNI server with highest index number only
Answer: A
Explanation:
Reference:
https://community.fortinet.com/t5/Fortinet-Forum/Clarification-of-FortiManager-s-quot-Server-Override-Mode
NEW QUESTION 3
Which two items are included in the FortiManager backup? (Choose two.)
- A. FortiGuard database
- B. Global database
- C. Logs
- D. All devices
Answer: BD
Explanation:
Reference: https://kb.fortinet.com/kb/viewContent.do?externalId=FD34549
NEW QUESTION 4
Refer to the exhibit.
An administrator has configured the command shown in the exhibit on FortiManager. A configuration change has been installed from FortiManager to the managed FortiGate that causes the FGFM tunnel to go down for more than 15 minutes.
What is the purpose of this command?
- A. It allows FortiGate to unset central management settings.
- B. It allows FortiGate to reboot and recover the previous configuration from its configuration file.
- C. It allows the FortiManager to revert and install a previous configuration revision on the managed FortiGate.
- D. It allows FortiGate to reboot and restore a previously working firmware image.
Answer: B
Explanation:
Reference:
https://docs.fortinet.com/document/fortimanager/6.2.0/fortigate-fortimanager-communicationsprotocol-guide/14
NEW QUESTION 5
Refer to the exhibit.
An administrator logs into the FortiManager GUI and sees the panes shown in the exhibit.
Which two reasons can explain why the FortiAnalyzer feature panes do not appear? (Choose two.)
- A. The administrator logged in using the unsecure protocol HTTP, so the view is restricted.
- B. The administrator profile does not have full access privileges like the Super_User profile.
- C. The administrator IP address is not a part of the trusted hosts configured on FortiManager interfaces.
- D. FortiAnalyzer features are not enabled on FortiManager.
Answer: BD
NEW QUESTION 6
View the following exhibit, which shows the Download Import Report:
Why it is failing to import firewall policy ID 2?
- A. The address object used in policy ID 2 already exist in ADON database with any as interface association and conflicts with address object interface association locally on the FortiGate
- B. Policy ID 2 is configured from interface any to port6 FortiManager rejects to import this policy because any interface does not exist on FortiManager
- C. Policy ID 2 does not have ADOM Interface mapping configured on FortiManager
- D. Policy ID 2 for this managed FortiGate already exists on FortiManager in policy package named Remote-FortiGate.
Answer: A
Explanation:
FortiManager_6.4_Study_Guide-Online – page 331 & 332
NEW QUESTION 7
An administrator, Trainer, who is assigned the Super_User profile, is trying to approve a workflow session that was submitted by another administrator, Student. However, Trainer is unable to approve the workflow session.
What can prevent an admin account that has Super_User rights over the device from approving a workflow session?
- A. Trainer is not a part of workflow approval group
- B. Trainer does not have full rights over this ADOM
- C. Trainer must close Student’s workflow session before approving the request
- D. Student, who submitted the workflow session, must first self-approve the request
Answer: A
Explanation:
Reference:
https://help.fortinet.com/fmgr/50hlp/56/5-6-1/FMG-FAZ/0800_ADOMs/1800_Workflow/0600_Workflow%20s
NEW QUESTION 8
You are moving managed FortiGate devices from one ADOM to a new ADOM. Which statement correctly describes the expected result?
- A. Any pending device settings will be installed automatically
- B. Any unused objects from a previous ADOM are moved to the new ADOM automatically
- C. The shared policy package will not be moved to the new ADOM
- D. Policy packages will be imported into the new ADOM automaticallyD
Answer: C
Explanation:
Reference:
https://community.fortinet.com/t5/FortiManager/Technical-Note-How-to-move-objects-to-new-ADOM-on-Forti
NEW QUESTION 9
View the following exhibit.
If both FortiManager and FortiGate are behind the NAT devices, what are the two expected results? (Choose two.)
- A. FortiGate is discovered by FortiManager through the FortiGate NATed IP address.
- B. FortiGate can announce itself to FortiManager only if the FortiManager IP address is configured on FortiGate under central management.
- C. During discovery, the FortiManager NATed IP address is not set by default on FortiGate.
- D. If the FCFM tunnel is torn down, FortiManager will try to re-establish the FGFM tunnel.
Answer: AC
Explanation:
Fortimanager can discover FortiGate through a NATed FortiGate IP address. If a FortiManager NATed IP address is configured on FortiGate, then FortiGate can announce itself to FortiManager. FortiManager will not attempt to re-establish the FGFM tunnel to the FortiGate NATed IP address, if the FGFM tunnel is interrupted. Just like it was in the NATed FortiManager scenario, the FortiManager NATed IP address in this scenario is not configured under FortiGate central management configuration.
NEW QUESTION 10
What is the purpose of ADOM revisions?
- A. To create System Checkpoints for the FortiManager configuration.
- B. To save the current state of the whole ADOM.
- C. To save the current state of all policy packages and objects for an ADOM.
- D. To revert individual policy packages and device-level settings for a managed FortiGate by reverting to a specific ADOM revision
Answer: C
Explanation:
Fortimanager 6.4 Study guide page 198
NEW QUESTION 11
Refer to the exhibit.
Which two statements ab? (Choose two.)
- A. The latest revision history for the managed FortiGate does match with the FortiGate running configuration
- B. Configuration changes have been installed to FortiGate and represents FortiGate configuration has been changed
- C. The latest history for the managed FortiGate does not match with the device-level database
- D. Configuration changes directly made on the FortiGate have been automatically updated to device-level database
Answer: AC
Explanation:
STATUS: dev-db: modified; conf: in sync; cond: pending; dm: retrieved; conn: up– dev-db: modified – This is the device setting status which indicates that configuration changes were made on FortiManager.
– conf: in sync – This is the sync status which shows that the latest revision history is in sync with Fortigate’s configuration.– cond: pending – This is the configuration status which says that configuration changes need to be installed.
Most probably a retrieve was done in the past (dm: retrieved) updating the revision history DB (conf: in sync) and FortiManager device level DB, now there is a new modification on FortiManager device level DB (dev-db: modified) which wasn’t installed to FortiGate (cond: pending), hence; revision history DB is not aware of that modification and doesn’t match device DB.
Conclusion:– Revision DB does match FortiGate.– No changes were installed to FortiGate yet.– Device DB doesn’t match Revision DB.– No changes were done on FortiGate (auto-update) but configuration was retrieved instead
After an Auto-Update or Retrieve:device database = latest revision = FGT
Then after a manual change on FMG end (but no install yet):latest revision = FGT (still) but now device database has been modified (is different).
After reverting to a previous revision in revision history:device database = reverted revision != FGT
NEW QUESTION 12
Refer to the exhibit.
You are using the Quick Install option to install configuration changes on the managed FortiGate.
Which two statements correctly describe the result? (Choose two.)
- A. It will not create a new revision in the revision history
- B. It installs device-level changes to FortiGate without launching the Install Wizard
- C. It cannot be canceled once initiated and changes will be installed on the managed device
- D. It provides the option to preview configuration changes prior to installing them
Answer: BC
Explanation:
FortiManager_6.4_Study_Guide-Online – page 164
The Install Config option allows you to perform a quick installation of device-level settings without launching the Install Wizard. When you use this option, you cannot preview the changes prior to committing. Administrator should be certain of the changes before using this install option, because the install can’t be cancelled after the process is initiated.
NEW QUESTION 13
An administrator wants to delete an address object that is currently referenced in a firewall policy. What can the administrator expect to happen?
- A. FortiManager will not allow the administrator to delete a referenced address object
- B. FortiManager will disable the status of the referenced firewall policy
- C. FortiManager will replace the deleted address object with the none address object in the referencedfirewall policy
- D. FortiManager will replace the deleted address object with all address object in the referenced firewall policy
Answer: C
Explanation:
Reference:
https://help.fortinet.com/fmgr/50hlp/56/5-6-2/FortiManager_Admin_Guide/1200_Policy%20and%20Objects/12
NEW QUESTION 14
Refer to the exhibit.
Which statement about the object named ALL is true?
- A. FortiManager updated the object ALL using the FortiGate value in its database.
- B. FortiManager installed the object ALL with the updated value.
- C. FortiManager created the object ALL as a unique entity in its database, which can be only used by this managed FortiGate.
- D. FortiManager updated the object ALL using the FortiManager value in its database.
Answer: A
NEW QUESTION 15
Refer to the exhibit.
Which two statements about an ADOM set in Normal mode on FortiManager are true? (Choose two.)
- A. It supports the FortiManager script feature
- B. It allows making configuration changes for managed devices on FortiManager panes
- C. FortiManager automatically installs the configuration difference in revisions on the managed FortiGate
- D. You cannot assign the same ADOM to multiple administrators
Answer: AB
Explanation:
"FortiGate units in the ADOM will query their own configuration every 5 seconds. If there has been a configuration change, the FortiGate unit will send a diff revision on the change to the FortiManager using the FGFM protocol."
NEW QUESTION 16
Which two statements about the scheduled backup of FortiManager are true? (Choose two.)
- A. It does not back up firmware images saved on FortiManager.
- B. It can be configured using the CLI and GUI.
- C. It backs up all devices and the FortiGuard database.
- D. It supports FTP, SCP, and SFTP.
Answer: AD
Explanation:
Reference: https://docs.ansible.com/ansible/latest/collections/fortinet/fortimanager/fmgr_system_backup_allsettings_modul
NEW QUESTION 17
Which two settings must be configured for SD-WAN Central Management? (Choose two.)
- A. SD-WAN must be enabled on per-ADOM basis
- B. You can create multiple SD-WAN interfaces per VDOM
- C. When you configure an SD-WAN, you must specify at least two member interfaces.
- D. The first step in creating an SD-WAN using FortiManager is to create two SD-WAN firewall policies.
Answer: AC
NEW QUESTION 18
......
P.S. Thedumpscentre.com now are offering 100% pass ensure NSE5_FMG-6.4 dumps! All NSE5_FMG-6.4 exam questions have been updated with correct answers: https://www.thedumpscentre.com/NSE5_FMG-6.4-dumps/ (59 New Questions)