Fortinet NSE5_FMG-7.0練習テストPDF試験材料 [Q29-Q48]

Fortinet NSE5_FMG-7.0練習テストPDF試験材料

NSE5_FMG-7.0解答NSE5_FMG-7.0無料サンプルには全てリアル試験合格させます

Fortinet NSE5_FMG-7.0 認定試験は、FortiManagerを使用してFortinetセキュリティインフラストラクチャを管理する候補者の能力を検証する、やりがいのある認定です。この認定は、セキュリティ専門家がスキルを向上させ、サイバーセキュリティ業界でキャリアを進めたいと考える人にとって理想的なものです。

 

質問 # 29
Which configuration setting for FortiGate is part of a device-level database on FortiManager?

• A. Routing
• B. Firewall policies
• C. VIP and IP Pools
• D. Security profiles

正解：A

解説：
The FortiManager stores the FortiGate configuration details in two distinct databases. The device-level database includes configuration details related to device-level settings, such as interfaces, DNS, routing, and more. The ADOM-level database includes configuration details related to firewall policies, objects, and security profiles.

質問 # 30
An administrator has assigned a global policy package to a new ADOM called ADOM1. What will happen if the administrator tries to create a new policy package in ADOM1?

• A. When creating a new policy package, the administrator can select the option to assign the global policy
  package to the new policy package
• B. When a new policy package is created, the administrator must assign the global policy package from the global ADOM.
• C. When a new policy package is created, the administrator needs to reapply the global policy package to
  ADOM1.
• D. When the new policy package is created, FortiManager automatically assigns the global policy package to the new policy package.

正解：D

質問 # 31
In the event that the primary FortiManager fails, which of the following actions must be performed to return the FortiManager HA to a working state?

• A. FortiManager HA state transition is transparent to administrators and does not require any reconfiguration.
• B. Secondary device with highest priority will automatically be promoted to the primary role, and manually
  reconfigure all other secondary devices to point to the new primary device
• C. Reboot one of the secondary devices to promote it automatically to the primary role, and reconfigure all other secondary devices to point to the new primary device.
• D. Manually promote one of the secondary devices to the primary role, and reconfigure all other secondary devices to point to the new primary device.

正解：D

解説：
FortiManager_6.4_Study_Guide-Online - page 346
FortiManager HA doesn't support IP takeover where an HA state transition is transparent to administrators. If a failure of the primary occurs, the administrator must take corrective action to resolve the problem that may include invoking the state transition. If the primary device fails, the administrator must do the following in order to return the FortiManager HA to a working state:
1. Manually reconfigure one of the secondary devices to become the primary device
2. Reconfigure all other secondary devices to point to the new primary device

質問 # 32
An administrator wants to delete an address object that is currently referenced in a firewall policy.
What can the administrator expect to happen?

• A. FortiManager will disable the status of the referenced firewall policy
• B. FortiManager will replace the deleted address object with the none address object in the referenced firewall policy
• C. FortiManager will not allow the administrator to delete a referenced address object
• D. FortiManager will replace the deleted address object with all address object in the referenced firewall policy

正解：B

質問 # 33
Which configuration setting for FortiGate is part of an ADOM-level database on FortiManager?

• A. Routing
• B. Security profiles
• C. SNMP
• D. NSX-T Service Template

正解：A

質問 # 34
View the following exhibit.

An administrator is importing a new device to FortiManager and has selected the shown options. What will happen if the administrator makes the changes and installs the modified policy package on this managed FortiGate?

• A. The unused objects that are not tied to the firewall policies will be installed on FortiGate
• B. The unused objects that are not tied to the firewall policies locally on FortiGate will be deleted
• C. The unused objects that are not tied to the firewall policies will remain as read-only locally on FortiGate
• D. The unused objects that are not tied to the firewall policies in policy package will be deleted from the

正解：B

解説：
FortiManager database

質問 # 35
Which of the following statements are true regarding reverting to previous revision version from the revision history? (Choose two.)

• A. Reverting to a previous revision history will tag the device settings status as Auto-Update.
• B. Reverting to a previous revision history will generate a new version ID and remove all other history
• C. It will modify device-level database
• D. To push these changes to a managed device, it required an install operation to the managed FortiGate.

正解：C、D

質問 # 36
An administrator would like to review, approve, or reject all the firewall policy changes made by the junior
administrators.
How should the Workspace mode be configured on FortiManager?

• A. Set to workflow and use the ADOM locking feature
• B. Set to normal and use the policy locking feature
• C. Set to disable and use the policy locking feature
• D. Set to read/write and use the policy locking feature

正解：A

質問 # 37
What is the purpose of ADOM revisions?

• A. To revert individual policy packages and device-level settings for a managed FortiGate by reverting to a specific ADOM revision
• B. To create System Checkpoints for the FortiManager configuration.
• C. To save the current state of all policy packages and objects for an ADOM.
• D. To save the current state of the whole ADOM.

正解：C

解説：
Fortimanager 6.4 Study guide page 198

質問 # 38
An administrator has assigned a global policy package to custom ADOM1. Then the administrator creates a new policy package, Fortinet, in the custom ADOM1.
Which statement about the global policy package assignment to the newly-created policy package Fortinet is true?

• A. When a new policy package is created, you need to reapply the global policy package to the ADOM.
• B. When a new policy package is created, it automatically assigns the global policies to the new package.
• C. When a new policy package is created, you can select the option to assign the global policies to the new package.
• D. When a new policy package is created, you need to assign the global policy package from the global ADOM.

正解：B

解説：
Global Policy Package is applied at the ADOM level and you have the option to choose which ADOM policy packages you want to exclude (there is no option to choose Policy Packages to include).

質問 # 39
Which two settings are required for FortiManager Management Extension Applications (MEA)? (Choose two.)

• A. You must open the ports to the Fortinet registry
• B. You must create a MEA special policy on FortiManager using the super user profile
• C. The administrator must have the super user profile.
• D. When you configure MEA, you must open TCP or UDP port 540.

正解：B、C

質問 # 40
View the following exhibit.

Which one of the following statements is true regarding the object named ALL?

• A. FortiManager updated the object ALL using FortiManager's value in its database
• B. FortiManager installed the object ALL with the updated value.
• C. FortiManager created the object ALL as a unique entity in its database, which can be only used by this managed FortiGate.
• D. FortiManager updated the object ALL using FortiGate's value in its database

正解：D

質問 # 41
An administrator would like to authorize a newly-installed AP using AP Manager. What steps does the administrator need to perform to authorize an AP?

• A. Authorize the new AP using AP Manager and wait until the change is updated on the FortiAP. Changes to the AP's state do not require installation.
• B. Changes to the AP's state must be performed directly on the managed FortiGate.
• C. Authorize the new AP using AP Manager and install the device level settings on the managed FortiGate.
• D. Authorize the new AP using AP Manager and install the policy package changes on the managed FortiGate.

正解：C

質問 # 42
An administrator has added all the devices in a Security Fabric group to FortiManager.
How does the administrator identify the root FortiGate?

• A. By an Asterisk (*) at the end of the device name
• B. By a dollar symbol ($) at the end of the device name
• C. By a
• D. By an at symbol (@) at the end of the device name

正解：A

質問 # 43
View the following exhibit:

An administrator used the value shown in the exhibit when importing a Local-FortiGate into FortiManager. What name will be used to display the firewall policy for port1?

• A. port1 on FortiGate and WAN on FortiManager
• B. WAN zone on FortiGate and WAN zone on FortiManager
• C. port1 on both FortiGate and FortiManager
• D. WAN zone on FortiGate and WAN interface on FortiManager

正解：A

質問 # 44
Which of the following statements are true regarding VPN Gateway configuration in VPN Manager? (Choose two.)

• A. Managed gateways are devices managed by FortiManager in the same ADOM
• B. Protected subnets are the subnets behind the device that you don't want to allow access to over the IPsec
  VPN
• C. Managed devices in other ADOMs must be treated as external gateways
• D. External gateways are third-party VPN gateway devices only

正解：A、C

質問 # 45
What is the purpose of the Policy Check feature on FortiManager?

• A. To find and delete disabled firewall policies in the policy package
• B. To find and provide recommendation for optimizing policies in a policy package
• C. To find and merge duplicate policies in the policy package
• D. To find and provide recommendation to combine multiple separate policy packages into one common
  policy package

正解：B

質問 # 46
Refer to the exhibits.
Exhibit one.

Exhibit two.

An administrator created a new system template named Training with two new DNS addresses on FortiManager. During the installation preview stage, the administrator notices that many unset commands need to be pushed.
What can be the main reason for these unset commands?

• A. The ADOM is locked by another administrator
• B. The DNS addresses in the default system settings are the same as the Training system template
• C. The Training system template does not have assigned devices
• D. The Training system template has other default settings

正解：D

質問 # 47
An administrator configures a new firewall policy on FortiManager and has not yet pushed the changes to the managed FortiGate.
In which database will the configuration be saved?

• A. Device-level database
• B. Configuration-level database
• C. ADOM-level database
• D. Revision history database

正解：C

解説：
https://kb.fortinet.com/kb/documentLink.do?externalID=FD47942

質問 # 48
......

Fortinet NSE5_FMG-7.0（Fortinet NSE 5 - FortiManager 7.0）試験は、FortiManager v7.0ネットワーク管理プラットフォームを使用して高度なFortiGate構成を管理する個人の知識とスキルをテストするように設計されています。この認定試験に合格することは、個人が複雑で大規模なFortiGate展開を管理し、FortiManager v7.0を適切に使用してネットワークセキュリティ全体を改善する強力な理解を持っていることを示しています。

Fortinet NSE5_FMG-7.0 認定試験は、FortiManager で作業する IT 専門家にとって有益な認定資格です。これは、FortiManager の管理と保守に関するスキルと知識を検証し、継続的な職業的な発展に対する彼らの取り組みを示します。この認定資格は、グローバルに認められており、IT 専門家がネットワークセキュリティのキャリアを進めるのに役立ちます。

 

NSE5_FMG-7.0[2023年12月] 最新リリース] 試験問題あなたを必ず合格させます：https://www.goshiken.com/Fortinet/NSE5_FMG-7.0-mondaishu.html

Fortinet NSE5_FMG-7.0試験の基礎問題と解答：https://drive.google.com/open?id=1yQ4DbHSaiVxse0_O6gfExNmsnXYPuxL6