Page: 1
/ 3
Total 38 questions
An administrator would like to create an SD-WAN using central management. What steps does the administrator need to perform to create an SD-WAN using central management?
- A. First create an SD-WAN firewall policy, add member interfaces to the SD-WAN template and create a static route
- B. You must specify a gateway address when you create a default static route
- C. Remove all the interface references such as routes or policies
- D. Enable SD-WAN central management in the ADOM, add member interfaces, create a static route and SD-WAN firewall policies.
Answer : D
Which of the following statements are true regarding SD-WAN Central Management? (Choose three.)
- A. SD-WAN must be enabled on per-ADOM basis
- B. SD-WAN settings can be installed on multiple FortiGate devices at the same time
- C. You can create multiple SD-WAN interfaces per VDOM
- D. When you configure an SD-WAN, you must specify at least two member interfaces.
- E. The first step in creating an SD-WAN using FortiManager is to create two SD-WAN firewall policies.
Answer : BCD
Which of the following statements are true regarding ADOM revisions? (Choose two.)
- A. ADOM revisions can significantly increase the size of the configuration backups.
- B. ADOM revisions can save the current size of the whole ADOM
- C. ADOM revisions can create System Checkpoints for the FortiManager configuration
- D. ADOM revisions can save the current state of all policy packages and objects for an ADOM
Answer : AD
Refer to the following exhibit:
Which of the following statements are true based on this configuration? (Choose two.)
- A. The same administrator can lock more than one ADOM at the same time
- B. Ungraceful closed sessions will keep the ADOM in a locked state until the administrator session times out
- C. Unlocking an ADOM will submit configuration changes automatically to the approval administrator
- D. Unlocking an ADOM will install configuration automatically on managed devices
Answer : AB
View the following exhibit:
Which of the following statements are true if the scripts is executed using Remote FortiGate Directly (via CLI) option? (Choose two.)
- A. You must install these changes using Install Wizard
- B. FortiGate will auto-update the FortiManager"™s device-level database.
- C. FortiManager will create a new revision history.
- D. FortiManager provides a preview of CLI commands before executing this script on a managed FortiGate.
Answer : BD
Which of the following statements are true regarding schedule backup of FortiManager? (Choose two.)
- A. Backs up all devices and the FortiGuard database.
- B. Does not back up firmware images saved on FortiManager
- C. Supports FTP, SCP, and SFTP
- D. Can be configured from the CLI and GUI
Answer : CD
An administrator has added all the devices in a Security Fabric group to FortiManager.
How does the administrator identify the root FortiGate?
- A. By a dollar symbol ($) at the end of the device name
- B. By an at symbol (@) at the end of the device name
- C. By a question mark(?) at the end of the device name
- D. By an Asterisk (*) at the end of the device name
Answer : D
View the following exhibit.
Which one of the following statements is true regarding installation targets in use Install On column?
- A. The Install On column value represents successful installation on the managed devices
- B. Policy seq=3 will be installed on all managed devices and VDOMs that are listed under Installation Targets
- C. Policy seq=3 will be installed on the Trainer[NAT] VDOM only
- D. Policy seq=3 will be not installed on any managed device
Answer : B
When installation is performed from the FortiManager, what is the recovery logic used between FortiManager and FortiGate for an FGFM tunnel?
- A. After 15 minutes, FortiGate will unset all CLI commands that were part of the installation that caused the tunnel to go down.
- B. FortiManager will revert and install a previous configuration revision on the managed FortiGate.
- C. FortiGate will reject the CLI commands that will cause the tunnel to go down.
- D. FortiManager will not push the CLI commands as a part of the installation that will cause the tunnel to go down.
Answer : C
What are the factory default settings on FortiManager? (Choose three.)
- A. Username is admin
- B. Password is fortinet
- C. FortiAnalyzer features are disabled
- D. Reports and Event Monitor panes are enabled
- E. port1 interface IP address is 192.168.1.99/24
Answer : ACE
What does a policy package status of Modified indicate?
- A. FortiManager is unable to determine the policy package status
- B. The policy package was never imported after a device was registered on FortiManager
- C. Policy configuration has been changed on a managed device and changes have not yet been imported into FortiManager
- D. Policy package configuration has been changed on FortiManager and changes have not yet been installed on the managed device.
Answer : D
View the following exhibit.
Which of the following statements are true if FortiManager and FortiGate are behind the NAT devices? (Choose two.)
- A. FortiGate is discovered by FortiManager through the FortiGate NATed IP address.
- B. FortiGate can announce itself to FortiManager only if the FortiManager IP address is configured on FortiGate under central management.
- C. During discovery, the FortiManager NATed IP address is not set by default on FortiGate.
- D. If the FCFM tunnel is torn down, FortiManager will try to re-establish the FGFM tunnel.
Answer : AD
What is the purpose of the Policy Check feature on FortiManager?
- A. To find and provide recommendation to combine multiple separate policy packages into one common policy package
- B. To find and merge duplicate policies in the policy package
- C. To find and provide recommendation for optimizing policies in a policy package
- D. To find and delete disabled firewall policies in the policy package
Answer : B
View the following exhibit.
Which statement is true regarding this failed installation log?
- A. Policy ID 2 is installed without a source address
- B. Policy ID 2 will not be installed
- C. Policy ID 2 is installed in disabled state
- D. Policy ID 2 is installed without a source device
Answer : D
View the following exhibit.
When using Install Config option to install configuration changes to managed FortiGate, which of the following statements are true? (Choose two.)
- A. Once initiated, the install process cannot be canceled and changes will be installed on the managed device
- B. Will not create new revision in the revision history
- C. Installs device-level changes to FortiGate without launching the Install Wizard
- D. Provides the option to preview configuration changes prior to installing them
Answer : AC
30 days access 