更新された2022年01月31日検証済み！合格できるNSE5_FMG-6.2試験一発合格保証付き [Q30-Q49]

更新された2022年01月31日検証済み！合格できるNSE5_FMG-6.2試験一発合格保証付き

無料で使えるNSE5_FMG-6.2サンプルには問題100%カバー率でリアル試験問題（更新された85問あります)

質問 30
Refer to the following exhibit:

Which of the following statements are true based on this configuration? (Choose two.)

• A. The same administrator can lock more than one ADOM at the same time
• B. Unlocking an ADOM will submit configuration changes automatically to the approval administrator
• C. Unlocking an ADOM will install configuration automatically on managed devices
• D. Ungraceful closed sessions will keep the ADOM in a locked state until the administrator session times out

正解: A,D

 

質問 31
View the following exhibit.

Which one of the following statements is true regarding the object named ALL?

• A. FortiManager installed the object ALL with the updated value.
• B. FortiManager updated the object ALL using FortiGate's value in its database
• C. FortiManager created the object ALL as a unique entity in its database, which can be only used by this managed FortiGate.
• D. FortiManager updated the object ALL using FortiManager's value in its database

正解: B

解説:
If a conflict is detected, FortiManager updates the object associated with the selected device. When you choose the FortiGate device value and import the address object ALL, an entry named update previous object is added to the import report.

 

質問 32
An administrator would like to create an SD-WAN default static route for a newly created SD-WAN using the FortiManager GUI. Both port1 and port2 are part of the SD-WAN member interfaces.
Which interface must the administrator select in the static route device drop-down list?

• A. virtual-wan-link
• B. port2
• C. auto-discovery
• D. port1

正解: A

 

質問 33
As a result of enabling FortiAnalyzer features on FortiManager, which of the following statements is true?

• A. FortiManager will send the logging configuration to the managed devices so the managed devices will start sending logs to FortiManager
• B. FortiManager will enable ADOMs automatically to collect logs from non-FortiGate devices
• C. FortiManager can be used only as a logging device.
• D. FortiManager will reboot

正解: D

解説:
When the FortiAnalyzer feature set is enabled on FortiManager, FortiManager will reboot.

 

質問 34
Which of the following statements are true regarding SD-WAN Central Management? (Choose three.)

• A. SD-WAN settings can be installed on multiple FortiGate devices at the same time
• B. SD-WAN must be enabled on per-ADOM basis
• C. You can create multiple SD-WAN interfaces per VDOM
• D. The first step in creating an SD-WAN using FortiManager is to create two SD-WAN firewall policies.
• E. When you configure an SD-WAN, you must specify at least two member interfaces.

正解: A,B,E

 

質問 35
Refer to the following exhibit:

Which of the following statements are true based on this configuration? (Choose two.)

• A. The same administrator can lock more than one ADOM at the same time
• B. Unlocking an ADOM will submit configuration changes automatically to the approval administrator
• C. Unlocking an ADOM will install configuration automatically on managed devices
• D. Ungraceful closed sessions will keep the ADOM in a locked state until the administrator session times out

正解: A,D

解説:
To enable ADOM locking and disable concurrent ADOM access:
config system global
set workspace-mode normal
end
Reference: http://help.fortinet.com/fmgr/cli/5-6-2/Document/0800_ADOMs/200_Configuring+.htm

 

質問 36
View the following exhibit, which shows the Download Import Report:

Why it is failing to import firewall policy ID 2?

• A. The address object used in policy ID 2 already exist in ADON database with any as interface association and conflicts with address object interface association locally on the FortiGate
• B. Policy ID 2 does not have ADOM Interface mapping configured on FortiManager
• C. Policy ID 2 is configured from interface any to port6 FortiManager rejects to import this policy because any interface does not exist on FortiManager
• D. Policy ID 2 for this managed FortiGate already exists on FortiManager in policy package named Remote-FortiGate.

正解: A

解説:
FortiManager can create a dynamic mapping for an address object, if the address object name is the same, but contains a different value locally. However, there is one restriction - the associated interface cannot be different. This is because, at the ADOM level, this address object might be used by other policy packages, which might not have same interfaces." Address object name in this case is "REMOTE_SUBNET". The interface binding has 2 different interfaces 'ANY' and
'Port6'. They cannot be different.

 

質問 37
An administrator would like to create an SD-WAN default static route for a newly created SD-WAN using the FortiManager GUI.
Both port1 and port2 are part of the SD-WAN member interfaces. Which interface must the administrator select in the static route device drop-down list?

• A. virtual-wan-link
• B. port2
• C. auto-discovery
• D. port1

正解: A

 

質問 38
Refer to the exhibit.

Which statement about the object named ALL is true?

• A. FortiManager installed the object ALL with the updated value.
• B. FortiManager created the object ALL as a unique entity in its database, which can be only used by this managed FortiGate.
• C. FortiManager updated the object ALL using the FortiManager value in its database.
• D. FortiManager updated the object ALL using the FortiGate value in its database.

正解: D

 

質問 39
What configuration setting for FortiGate is part of a device-level database on FortiManager?

• A. Security profiles
• B. Firewall policies
• C. Routing
• D. VIP and IP Pools

正解: C

解説:
The device-level database includes configuration details related to device-level settings, such as interfaces, DNS, routing, and more.
The ADOM-level database includes configuration details related to firewall policies, objects, and security profiles.

 

質問 40
Refer to the exhibit. Given the configurations shown in the exhibit, what can you conclude from the installation targets in the Install On column?

• A. Policy seq.# 3 will be installed on the Trainer[NAT] VDOM only.
• B. The Install On column value represents successful installations on the managed devices.
• C. Policy seq.# 3 will be installed on all managed devices and VDOMs that are listed under Installation Targets.
• D. Policy seq.# 3 will not be installed on any managed device.

正解: C

 

質問 41
When a FortiManager HA primary device fails, which two statements are correct for promoting a secondary device to the primary role? (Choose two)

• A. Reboot is required when promoting from secondary to primary.
• B. All other secondary devices must be reconfigured to point to new primary device.
• C. Must manually reconfigure one of the secondary devices to become the master device.
• D. The FortiManager HA suports IP takeover where an HA state transition does not require manual intervention.

正解: B,C

 

質問 42
Refer to the exhibit.

An administrator has configured the command shown in the exhibit on FortiManager. A configuration change has been installed from FortiManager to the managed FortiGate that causes the FGFM tunnel to go down for more than 15 minutes.
What is the purpose of this command?

• A. It allows FortiGate to reboot and restore a previously working firmware image.
• B. It allows FortiGate to unset central management settings.
• C. It allows the FortiManager to revert and install a previous configuration revision on the managed FortiGate.
• D. It allows FortiGate to reboot and recover the previous configuration from its configuration file.

正解: D

解説:
Explanation/Reference:
Reference: https://docs.fortinet.com/document/fortimanager/6.2.0/fortigate-fortimanager-communications- protocol-guide/141304/fgfm-recovery-logic

 

質問 43
View the following exhibit:

How will FortiManager try to get updates for antivirus and IPS?

• A. From the list of configured override servers with ability to fall back to public FDN servers
• B. From the configured override server list only
• C. From the default server fdsl.fortinet.com
• D. From public FDNI server with highest index number only

正解: A

 

質問 44
Which of the following conditions trigger FortiManager to create a new revision history? (Choose two.)

• A. When configuration revision is reverted to previous revision in the revision history
• B. When FortiManager installs device-level changes to a managed device
• C. When FortiManager is auto-updated with configuration changes made directly on a managed device
• D. When changes to device-level database is made on FortiManager

正解: B,C

解説:
When a new configuration is installed, FortiManager compares the latest revision history running on the device with the changes made on FortiManager.
FortiManager then creates a new revision in the revision history and installs these changes on the managed device. Modifying configuration directly on a managed device creates automatically new revision.

 

質問 45
An administrator wants to delete an address object that is currently referenced in a firewall policy.
Which one of the following statements is true?

• A. FortiManager will not allow the administrator to delete a referenced address object
• B. FortiManager will disable the status of the referenced firewall policy
• C. FortiManager will replace the deleted address object with all address object in the referenced firewall policy
• D. FortiManager will replace the deleted address object with the none address object in the referenced firewall policy

正解: D

解説:
On FortiManager, it is possible to delete a used object. FortiManager will display a warning message stating that the object is currently used by other firewall policies or objects. If you delete a used object, FortiManager will replace it with a none object. The none object is equal to null, which means any traffic that meets that firewall policy will be blocked.

 

質問 46
What is the purpose of the Policy Check feature on FortiManager?

• A. To find and provide recommendation to combine multiple separate policy packages into one common policy package
• B. To find and provide recommendation for optimizing policies in a policy package
• C. To find and delete disabled firewall policies in the policy package
• D. To find and merge duplicate policies in the policy package

正解: D

解説:
The policy check tool allows you to check all policy packages within an ADOM to ensure consistency and eliminate conflicts that may prevent your devices from passing traffic. This allows you to optimize your policy sets and potentially reduce the size of your databases. The check will verify:
1. Object duplication: two objects that have identical definitions
2. Object shadowing: a higher priority object completely encompasses another object of the same type
3. Object overlap: one object partially overlaps another object of the same type
4. Object orphaning: an object has been defined but has not been used anywhere.
Reference: https://docs.fortinet.com/uploaded/files/2905/FortiManager-5.4.0-Administration-Guide.pdf

 

質問 47
Refer to the exhibit.

What can you conclude from the failed installation log shown in the exhibit?

• A. Policy ID 2 is installed in the disabled state.
• B. Policy ID 2 is installed without a source address.
• C. Policy ID 2 will not be installed.
• D. Policy ID 2 is installed without a source device.

正解: D

 

質問 48
An administrator's PC crashes before the administrator can submit a workflow session for approval. After the PC is restarted, the administrator notices that the ADOM was locked from the session before the crash.
How can the administrator unlock the ADOM?

• A. Log in as Super_User in order to unlock the ADOM.
• B. Log in using the same administrator account to unlock the ADOM.
• C. Delete the previous admin session manually through the FortiManager GUI or CLI.
• D. Restore the configuration from a previous backup.

正解: B

 

質問 49
......

今すぐダウンロード！リアルFortinet NSE5_FMG-6.2試験問題集テストエンジン試験問題：https://www.jpntest.com/shiken/NSE5_FMG-6.2-mondaishu