• ホーム
  • ブログ
  • NSE5_FMG-7.0認定ガイドPDFは100%カバー率でリアル試験問題が使える [Q36-Q58]

NSE5_FMG-7.0認定ガイドPDFは100%カバー率でリアル試験問題が使える [Q36-Q58]

Share

NSE5_FMG-7.0認定ガイドPDFは100%カバー率でリアル試験問題が使える

合格させるNSE5_FMG-7.0試験にはリアル問題解答


Fortinet NSE5_FMG-7.0 試験は、Fortinet Network Security Expert (NSE) プログラムの一部であり、FortiGateデバイスと関連するセキュリティポリシーを設計、実装、および管理する責任があるネットワークセキュリティプロフェッショナルを対象としています。認定は、FortiManager v7.0プラットフォームに関する個人の理解力を検証し、その機能、機能、および能力を含みます。

 

質問 # 36
An administrator run the reload failure command: diagnose test deploymanager reload config
<deviceid> on FortiManager. What does this command do?

  • A. It compares and provides differences in configuration on FortiManager with the current running
    configuration of the specified FortiGate.
  • B. It downloads the latest configuration from the specified FortiGate and performs a reload operation on the device database.
  • C. It installs the provisioning template configuration on the specified FortiGate.
  • D. It installs the latest configuration on the specified FortiGate and update the revision history database.

正解:B


質問 # 37
An administrator has added all the devices in a Security Fabric group to FortiManager.
How does the administrator identify the root FortiGate?

  • A. By a dollar symbol ($) at the end of the device name
  • B. By a
  • C. By an at symbol (@) at the end of the device name
  • D. By an Asterisk (*) at the end of the device name

正解:D


質問 # 38
An administrator would like to create an SD-WAN using central management. What steps does the
administrator need to perform to create an SD-WAN using central management?

  • A. First create an SD-WAN firewall policy, add member interfaces to the SD-WAN template and create a static route
  • B. Enable SD-WAN central management in the ADOM, add member interfaces, create a static route and SDWAN firewall policies.
  • C. You must specify a gateway address when you create a default static route
  • D. Remove all the interface references such as routes or policies

正解:B


質問 # 39
Which two statements about Security Fabric integration with FortiManager are true? (Choose two.)

  • A. The Security Fabric settings are part of the device level settings
  • B. The Fabric View module enables you to view the Security Fabric ratings for Security Fabric devices
  • C. The Fabric View module enables you to generate the Security Fabric ratings for Security Fabric devices
  • D. The Security Fabric license, group name and password are required for the FortiManager Security Fabric
    integration

正解:A、B


質問 # 40
What does the diagnose dvm check-integrity command do? (Choose two.)

  • A. Internally upgrades existing ADOMs to the same ADON version in order to clean up and correct the ADOM syntax
  • B. Verifies and corrects database schemas in all object tables
  • C. Verifies and corrects duplicate VDOM entries
  • D. Verifies and corrects unregistered, registered, and deleted device states

正解:C、D

解説:
6.2 Study Guide page 305 verify and correct parts of the device manager databases, including: - inconsistent device-to-group and group-to-ADOM memberships - unregistered, registered, and deleted device states - device lock statuses - duplicate VDOM entries


質問 # 41
What will happen if FortiAnalyzer features are enabled on FortiManager?

  • A. FortiManager will install the logging configuration to the managed devices
  • B. FortiManager can be used only as a logging device.
  • C. FortiManager will keep all the logs and reports on the FortiManager.
  • D. FortiManager will enable ADOMs to collect logs automatically from non-FortiGate devices.

正解:A


質問 # 42
View the following exhibit.

Which of the following statements are true based on this configuration setting? (Choose two.)

  • A. This setting will enable the ADOMs feature on FortiManager.
  • B. This setting is applied globally to all ADOMs.
  • C. This setting will allow assigning different VDOMs from the same FortiGate to different ADOMs.
  • D. This setting will allow automatic updates to the policy package configuration for a managed device.

正解:B、C


質問 # 43
View the following exhibit.

Which one of the following statements is true regarding the object named ALL?

  • A. FortiManager installed the object ALL with the updated value.
  • B. FortiManager updated the object ALL using FortiManager's value in its database
  • C. FortiManager updated the object ALL using FortiGate's value in its database
  • D. FortiManager created the object ALL as a unique entity in its database, which can be only used by this
    managed FortiGate.

正解:C


質問 # 44
An administrator with the Super_User profile is unable to log in to FortiManager because of an authentication failure message.
Which troubleshooting step should you take to resolve the issue?

  • A. Make sure FortiManager Access is enabled in the administrator profile
  • B. Make sure the administrator IP address is part of the trusted hosts.
  • C. Make sure ADOMs are enabled and the administrator has access to the Global ADOM
  • D. Make sure Offline Mode is disabled

正解:B

解説:
Even if a user entered the correct userid/password, the FMG denies access if a user is logging in from an untrusted source IP subnets.
Topic 1, Main Questions Pool B


質問 # 45
An administrator would like to create an SD-WAN default static route for a newly created SD-WAN using the FortiManager GUI. Both port1 and port2 are part of the SD-WAN member interfaces.
Which interface must the administrator select in the static route device drop-down list?

  • A. auto-discovery
  • B. port2
  • C. virtual-wan-link
  • D. port1

正解:C


質問 # 46
In addition to the default ADOMs, an administrator has created a new ADOM named Training for FortiGate devices. The administrator authorized the FortiGate device on FortiManager using the Fortinet Security Fabric.
Given the administrator's actions, which statement correctly describes the expected result?

  • A. The FortiManager administrator must add the authorized device to the Training ADOM using the Add Device wizard only.
  • B. The authorized FortiGate will be automatically added to the Training ADOM.
  • C. The authorized FortiGate can be added to the Training ADOM using FortiGate Fabric Connectors.
  • D. The authorized FortiGate will appear in the root ADOM.

正解:D


質問 # 47
Refer to the exhibit.

Which two statements about an ADOM set in Normal mode on FortiManager are true? (Choose two.)

  • A. It allows making configuration changes for managed devices on FortiManager panes
  • B. FortiManager automatically installs the configuration difference in revisions on the managed FortiGate
  • C. You cannot assign the same ADOM to multiple administrators
  • D. It supports the FortiManager script feature

正解:A、D

解説:
"FortiGate units in the ADOM will query their own configuration every 5 seconds. If there has been a configuration change, the FortiGate unit will send a diff revision on the change to the FortiManager using the FGFM protocol."


質問 # 48
Which of the following statements are true regarding schedule backup of FortiManager? (Choose two.)

  • A. Does not back up firmware images saved on FortiManager
  • B. Can be configured from the CLI and GUI
  • C. Backs up all devices and the FortiGuard database.
  • D. Supports FTP, SCP, and SFTP

正解:A、D


質問 # 49
What does a policy package status of Modified indicate?

  • A. The Policy package configuration has been changed on FortiManager and changes have not yet been installed on the managed device.
  • B. The policy package was never imported after a device was registered on FortiManager
  • C. FortiManager is unable to determine the policy package status
  • D. The Policy configuration has been changed on a managed device and changes have not yet been imported into FortiManager

正解:A


質問 # 50
Refer to the exhibit.

Which two statements about the output are true? (Choose two.)

  • A. The latest history for the managed FortiGate does not match with the device-level database
  • B. Configuration changes directly made on the FortiGate have been automatically updated to device-level
  • C. Configuration changes have been installed to FortiGate and represents FortiGate configuration has been changed
  • D. The latest revision history for the managed FortiGate does match with the FortiGate running configuration

正解:A、D

解説:
database
Explanation:
STATUS: dev-db: modified; conf: in sync; cond: pending; dm: retrieved; conn: up - dev-db: modified - This is the device setting status which indicates that configuration changes were made on FortiManager. - conf: in sync - This is the sync status which shows that the latest revision history is in sync with Fortigate's configuration. - cond: pending - This is the configuration status which says that configuration changes need to be installed.
Most probably a retrieve was done in the past (dm: retrieved) updating the revision history DB (conf: in sync) and FortiManager device level DB, now there is a new modification on FortiManager device level DB (dev-db: modified) which wasn't installed to FortiGate (cond: pending), hence; revision history DB is not aware of that modification and doesn't match device DB.
Conclusion: - Revision DB does match FortiGate. - No changes were installed to FortiGate yet. - Device DB doesn't match Revision DB. - No changes were done on FortiGate (auto-update) but configuration was retrieved instead
After an Auto-Update or Retrieve: device database = latest revision = FGT
Then after a manual change on FMG end (but no install yet): latest revision = FGT (still) but now device database has been modified (is different).
After reverting to a previous revision in revision history: device database = reverted revision != FGT


質問 # 51
What does a policy package status of Conflict indicate?

  • A. The policy package does not have a FortiGate as the installation target.
  • B. The policy configuration has never been imported after a device was registered on FortiManager.
  • C. The policy package configuration has been changed on both FortiManager and the managed device
    independently.
  • D. The policy package reports inconsistencies and conflicts during a Policy Consistency Check.

正解:C


質問 # 52
What is the purpose of ADOM revisions?

  • A. To revert individual policy packages and device-level settings for a managed FortiGate by reverting to a specific ADOM revision
  • B. To save the current state of all policy packages and objects for an ADOM.
  • C. To create System Checkpoints for the FortiManager configuration.
  • D. To save the current state of the whole ADOM.

正解:B

解説:
Fortimanager 6.4 Study guide page 198


質問 # 53
An administrator has enabled Service Access on FortiManager.
What is the purpose of Service Access on the FortiManager interface?

  • A. Allows FortiManager to run real-time debugs on the managed devices
  • B. Allows FortiManager to respond to request for FortiGuard services from FortiGate devices
  • C. Allows FortiManager to download IPS packages
  • D. Allows FortiManager to automatically configure a default route

正解:B

解説:
FortiManager 6.2 Study guide page 350


質問 # 54
Which two statements about the scheduled backup of FortiManager are true? (Choose two.)

  • A. It does not back up firmware images saved on FortiManager.
  • B. It can be configured using the CLI and GUI.
  • C. It backs up all devices and the FortiGuard database.
  • D. It supports FTP, SCP, and SFTP.

正解:A、D


質問 # 55
An administrator has assigned a global policy package to a new ADOM called ADOM1. What will happen if the administrator tries to create a new policy package in ADOM1?

  • A. When a new policy package is created, the administrator must assign the global policy package from the global ADOM.
  • B. When a new policy package is created, the administrator needs to reapply the global policy package to
    ADOM1.
  • C. When creating a new policy package, the administrator can select the option to assign the global policy
    package to the new policy package
  • D. When the new policy package is created, FortiManager automatically assigns the global policy package to the new policy package.

正解:D


質問 # 56
View the following exhibit.

What is the purpose of setting ADOM Mode to Advanced?

  • A. The setting disables concurrent ADOM access and adds ADOM locking
  • B. This setting allows you to assign different VDOMs from the same FortiGate to different ADOMs.
  • C. The setting enables the ADOMs feature on FortiManager
  • D. The setting allows automatic updates to the policy package configuration for a managed device

正解:B


質問 # 57
View the following exhibit.

Which statement is true regarding this failed installation log?

  • A. Policy ID 2 is installed without a source device
  • B. Policy ID 2 is installed in disabled state
  • C. Policy ID 2 will not be installed
  • D. Policy ID 2 is installed without a source address

正解:A


質問 # 58
......

100%無料NSE5_FMG-7.0日常練習試験には74問があります:https://www.goshiken.com/Fortinet/NSE5_FMG-7.0-mondaishu.html

合格させるNSE5_FMG-7.0レビューガイド、信頼され続けるNSE5_FMG-7.0テストエンジン:https://drive.google.com/open?id=1yQ4DbHSaiVxse0_O6gfExNmsnXYPuxL6

関するブログ

もっと
NSE5_FMG-7.0無料問題集