試験問題集でNSE5_FMG-7.0練習で無料最新のFortinet練習テスト [Q16-Q36]

試験問題集でNSE5_FMG-7.0練習で無料最新のFortinet練習テスト

NSE5_FMG-7.0試験問題、リアルNSE5_FMG-7.0練習問題集

質問 # 16
Which two settings must be configured for SD-WAN Central Management? (Choose two.)

• A. SD-WAN must be enabled on per-ADOM basis
• B. The first step in creating an SD-WAN using FortiManager is to create two SD-WAN firewall policies.
• C. You can create multiple SD-WAN interfaces per VDOM
• D. When you configure an SD-WAN, you must specify at least two member interfaces.

正解：A、D

質問 # 17
What is the purpose of the Policy Check feature on FortiManager?

• A. To find and provide recommendation for optimizing policies in a policy package
• B. To find and delete disabled firewall policies in the policy package
• C. To find and merge duplicate policies in the policy package
• D. To find and provide recommendation to combine multiple separate policy packages into one common
  policy package

正解：A

質問 # 18
In addition to the default ADOMs, an administrator has created a new ADOM named Training for FortiGate devices. The administrator authorized the FortiGate device on FortiManager using the Fortinet Security Fabric.
Given the administrator's actions, which statement correctly describes the expected result?

• A. The authorized FortiGate will be automatically added to the Training ADOM.
• B. The FortiManager administrator must add the authorized device to the Training ADOM using the Add Device wizard only.
• C. The authorized FortiGate will appear in the root ADOM.
• D. The authorized FortiGate can be added to the Training ADOM using FortiGate Fabric Connectors.

正解：C

質問 # 19
An administrator has enabled Service Access on FortiManager.
What is the purpose of Service Access on the FortiManager interface?

• A. Allows FortiManager to download IPS packages
• B. Allows FortiManager to run real-time debugs on the managed devices
• C. Allows FortiManager to automatically configure a default route
• D. Allows FortiManager to respond to request for FortiGuard services from FortiGate devices

正解：D

質問 # 20
Refer to the exhibit.

An administrator logs into the FortiManager GUI and sees the panes shown in the exhibit.
Which two reasons can explain why the FortiAnalyzer feature panes do not appear? (Choose two.)

• A. The administrator logged in using the unsecure protocol HTTP, so the view is restricted.
• B. FortiAnalyzer features are not enabled on FortiManager.
• C. The administrator profile does not have full access privileges like the Super_User profile.
• D. The administrator IP address is not a part of the trusted hosts configured on FortiManager interfaces.

正解：B、C

質問 # 21
An administrator would like to create an SD-WAN using central management. What steps does the administrator need to perform to create an SD-WAN using central management?

• A. Enable SD-WAN central management in the ADOM, add member interfaces, create a static route and SDWAN firewall policies.
• B. First create an SD-WAN firewall policy, add member interfaces to the SD-WAN template and create a static route
• C. You must specify a gateway address when you create a default static route
• D. Remove all the interface references such as routes or policies

正解：A

質問 # 22
An administrator would like to create an SD-WAN default static route for a newly created SD-WAN using the FortiManager GUI. Both port1 and port2 are part of the SD-WAN member interfaces.
Which interface must the administrator select in the static route device drop-down list?

• A. port1
• B. virtual-wan-link
• C. auto-discovery
• D. port2

正解：B

質問 # 23
View the following exhibit.

Given the configurations shown in the exhibit, what can you conclude from the installation targets in the Install On column?

• A. Policy seq#3 will be installed on all managed devices and VDOMs that are listed under Installation Targets
• B. Policy seq#3 will be not installed on any managed device
• C. Policy seq#3 will be installed on the Trainer[NAT] VDOM only
• D. The Install On column value represents successful installation on the managed devices

正解：A

質問 # 24
Which two statements regarding device management on FortiManager are true? (Choose two.)

• A. FortiGate in transparent mode configurations are not counted toward the device count on FortiManager.
• B. FortiGate devices in HA cluster devices are counted as a single device.
• C. FortiGate devices in an HA cluster that has five VDOMs are counted as five separate devices.
• D. The maximum number of managed devices for each ADOM is 500.

正解：B、C

質問 # 25
Which two conditions trigger FortiManager to create a new revision history? (Choose two.)

• A. When FortiManager is auto-updated with configuration changes made directly on a managed device
• B. When configuration revision is reverted to previous revision in the revision history
• C. When changes to device-level database is made on FortiManager
• D. When FortiManager installs device-level changes to a managed device

正解：A、D

質問 # 26
Refer to the exhibits.
Exhibit one.

Exhibit two.

An administrator created a new system template named Training with two new DNS addresses on FortiManager. During the installation preview stage, the administrator notices that many unset commands need to be pushed.
What can be the main reason for these unset commands?

• A. The DNS addresses in the default system settings are the same as the Training system template
• B. The Training system template does not have assigned devices
• C. The ADOM is locked by another administrator
• D. The Training system template has other default settings

正解：D

質問 # 27
Which configuration setting for FortiGate is part of an ADOM-level database on FortiManager?

• A. Routing
• B. Security profiles
• C. NSX-T Service Template
• D. SNMP

正解：B

質問 # 28
Refer to the exhibit.

Which two statements are true if the script is executed using the Device Database option? (Choose two.)

• A. The successful execution of a script on the Device Database will create a new revision history
• B. The Device Settings Status will be tagged as Modified
• C. The script history will show successful installation of the script on the remote FortiGate
• D. You must install these changes using the Install Wizard to a managed device

正解：B、D

質問 # 29
Refer to the exhibit.

An administrator has created a firewall address object, Training which is used in the Local-FortiGate policy package.
When the installation operation is performed, which IP/Netmask will be installed on the Local-FortiGate, for the Training firewall address object?

• A. 192.168.0.1/24
• B. Local-FortiGate will automatically choose an IP/Netmask based on its network interface settings.
• C. 10.200.1.0/24
• D. It will create a firewall address group on Local-FortiGate with 192.168.0.1/24 and 10.0.1.0/24 object values.

正解：C

解説：
FortiManager_6.4_Study_Guide-Online - page 209
In the example, the dynamic address object LocalLan refers to the internal network address of the managed firewalls. The object has a default value of 192.168.1.0/24. The mapping rules are defined per device. For Remote-FortiGate, the address object LocalLan referes to 10.10.11.0/24. The devices in the ADOM that do not have dynamic mapping for LocalLan have a default value of 192.168.1.0/2.

質問 # 30
You are moving managed FortiGate devices from one ADOM to a new ADOM.
Which statement correctly describes the expected result?

• A. Any pending device settings will be installed automatically
• B. The shared policy package will not be moved to the new ADOM
• C. Any unused objects from a previous ADOM are moved to the new ADOM automatically
• D. Policy packages will be imported into the new ADOM automaticallyD

正解：B

質問 # 31
View the following exhibit.

If both FortiManager and FortiGate are behind the NAT devices, what are the two expected results? (Choose two.)

• A. FortiGate can announce itself to FortiManager only if the FortiManager IP address is configured on
  FortiGate under central management.
• B. FortiGate is discovered by FortiManager through the FortiGate NATed IP address.
• C. During discovery, the FortiManager NATed IP address is not set by default on FortiGate.
• D. If the FCFM tunnel is torn down, FortiManager will try to re-establish the FGFM tunnel.

正解：B、C

解説：
Fortimanager can discover FortiGate through a NATed FortiGate IP address. If a FortiManager NATed IP address is configured on FortiGate, then FortiGate can announce itself to FortiManager. FortiManager will not attempt to re-establish the FGFM tunnel to the FortiGate NATed IP address, if the FGFM tunnel is interrupted. Just like it was in the NATed FortiManager scenario, the FortiManager NATed IP address in this scenario is not configured under FortiGate central management configuration.

質問 # 32
Which of the following statements are true regarding reverting to previous revision version from the revision history? (Choose two.)

• A. Reverting to a previous revision history will tag the device settings status as Auto-Update.
• B. Reverting to a previous revision history will generate a new version ID and remove all other history
• C. It will modify device-level database
• D. To push these changes to a managed device, it required an install operation to the managed FortiGate.

正解：C、D

質問 # 33
What will happen if FortiAnalyzer features are enabled on FortiManager?

• A. FortiManager will reboot
• B. FortiManager will enable ADOMs automatically to collect logs from non-FortiGate devices
• C. FortiManager can be used only as a logging device.
• D. FortiManager will send the logging configuration to the managed devices so the managed devices will start sending logs to FortiManager

正解：A

質問 # 34
Which of the following statements are true regarding schedule backup of FortiManager? (Choose two.)

• A. Does not back up firmware images saved on FortiManager
• B. Backs up all devices and the FortiGuard database.
• C. Can be configured from the CLI and GUI
• D. Supports FTP, SCP, and SFTP

正解：A、D

質問 # 35
Refer to the exhibit.

Given the configuration shown in the exhibit, which two statements are true? (Choose two.)

• A. It allows the same administrator to lock more than one ADOM at the same time.
• B. It allows two or more administrators to make configuration changes at the same time, in the same ADOM.
• C. It is used to validate administrator login attempts through external servers.
• D. It disables concurrent read-write access to an ADOM.

正解：A、D

質問 # 36
......

確認済みNSE5_FMG-7.0試験問題集と解答で時間限定無料提供！NSE5_FMG-7.0には正解付き：https://www.jpntest.com/shiken/NSE5_FMG-7.0-mondaishu