[2023年04月03日] 有効なNSE5_FMG-7.0テスト解答とFortinet NSE5_FMG-7.0試験PDF問題を試そう
実際に出るNSE5_FMG-7.0試験問題集には正確で更新された問題
Fortinet NSE5_FMG-7.0 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
質問 10
What is the purpose of the Policy Check feature on FortiManager?
- A. To find and provide recommendation for optimizing policies in a policy package
- B. To find and delete disabled firewall policies in the policy package
- C. To find and provide recommendation to combine multiple separate policy packages into one common
policy package - D. To find and merge duplicate policies in the policy package
正解: A
質問 11
What does the diagnose dvm check-integrity command do? (Choose two.)
- A. Internally upgrades existing ADOMs to the same ADON version in order to clean up and correct the ADOM
syntax - B. Verifies and corrects unregistered, registered, and deleted device states
- C. Verifies and corrects database schemas in all object tables
- D. Verifies and corrects duplicate VDOM entries
正解: B,D
解説:
6.2 Study Guide page 305 verify and correct parts of the device manager databases, including: - inconsistent device-to-group and group-to-ADOM memberships - unregistered, registered, and deleted device states - device lock statuses - duplicate VDOM entries
質問 12
An administrator has added all the devices in a Security Fabric group to FortiManager.
How does the administrator identify the root FortiGate?
- A. By a Question:
- B. By an Asterisk (*) at the end of the device name
- C. By an at symbol (@) at the end of the device name
- D. By a dollar symbol ($) at the end of the device name
正解: B
質問 13
An administrator would like to create an SD-WAN using central management. What steps does the
administrator need to perform to create an SD-WAN using central management?
- A. You must specify a gateway address when you create a default static route
- B. Remove all the interface references such as routes or policies
- C. First create an SD-WAN firewall policy, add member interfaces to the SD-WAN template and create a static route
- D. Enable SD-WAN central management in the ADOM, add member interfaces, create a static route and SDWAN firewall policies.
正解: D
質問 14
View the following exhibit.
When using Install Config option to install configuration changes to managed FortiGate, which of the following statements are true? (Choose two.)
- A. Installs device-level changes to FortiGate without launching the Install Wizard
- B. Provides the option to preview configuration changes prior to installing them
- C. Once initiated, the install process cannot be canceled and changes will be installed on the managed device
- D. Will not create new revision in the revision history
正解: A,C
質問 15
What are two outcomes of ADOM revisions? (Choose two.)
- A. ADOM revisions can create System Checkpoints for the FortiManager configuration
- B. ADOM revisions can save the current size of the whole ADOM
- C. ADOM revisions can significantly increase the size of the configuration backups.
- D. ADOM revisions can save the current state of all policy packages and objects for an ADOM
正解: C,D
質問 16
View the following exhibit.
Which one of the following statements is true regarding the object named ALL?
- A. FortiManager updated the object ALL using FortiManager's value in its database
- B. FortiManager created the object ALL as a unique entity in its database, which can be only used by this
managed FortiGate. - C. FortiManager installed the object ALL with the updated value.
- D. FortiManager updated the object ALL using FortiGate's value in its database
正解: D
質問 17
Refer to the exhibit.
An administrator has created a firewall address object, Training which is used in the Local-FortiGate policy package.
When the installation operation is performed, which IP/Netmask will be installed on the Local-FortiGate, for the Training firewall address object?
- A. It will create a firewall address group on Local-FortiGate with 192.168.0.1/24 and 10.0.1.0/24 object values.
- B. Local-FortiGate will automatically choose an IP/Netmask based on its network interface settings.
- C. 192.168.0.1/24
- D. 10.200.1.0/24
正解: D
解説:
FortiManager_6.4_Study_Guide-Online - page 209
In the example, the dynamic address object LocalLan refers to the internal network address of the managed firewalls. The object has a default value of 192.168.1.0/24. The mapping rules are defined per device. For Remote-FortiGate, the address object LocalLan referes to 10.10.11.0/24. The devices in the ADOM that do not have dynamic mapping for LocalLan have a default value of 192.168.1.0/2.
質問 18
An administrator has assigned a global policy package to custom ADOM1. Then the administrator creates a new policy package, Fortinet, in the custom ADOM1.
Which statement about the global policy package assignment to the newly-created policy package Fortinet is true?
- A. When a new policy package is created, you need to reapply the global policy package to the ADOM.
- B. When a new policy package is created, it automatically assigns the global policies to the new package.
- C. When a new policy package is created, you need to assign the global policy package from the global
ADOM. - D. When a new policy package is created, you can select the option to assign the global policies to the new package.
正解: B
解説:
Global Policy Package is applied at the ADOM level and you have the option to choose which ADOM policy packages you want to exclude (there is no option to choose Policy Packages to include).
質問 19
View the following exhibit.
Which of the following statements are true based on this configuration setting? (Choose two.)
- A. This setting is applied globally to all ADOMs.
- B. This setting will enable the ADOMs feature on FortiManager.
- C. This setting will allow assigning different VDOMs from the same FortiGate to different ADOMs.
- D. This setting will allow automatic updates to the policy package configuration for a managed device.
正解: A,C
質問 20
Which two conditions trigger FortiManager to create a new revision history? (Choose two.)
- A. When FortiManager installs device-level changes to a managed device
- B. When changes to device-level database is made on FortiManager
- C. When configuration revision is reverted to previous revision in the revision history
- D. When FortiManager is auto-updated with configuration changes made directly on a managed device
正解: A,D
質問 21
In addition to the default ADOMs, an administrator has created a new ADOM named Training for FortiGate devices. The administrator sent a device registration to FortiManager from a remote FortiGate. Which one of the following statements is true?
- A. The FortiGate will be added automatically to the default ADOM named FortiGate.
- B. By default, the unregistered FortiGate will appear in the root ADOM.
- C. The FortiManager administrator must add the unregistered device manually to the unregistered device
- D. The FortiGate will be automatically added to the Training ADOM.
正解: B
解説:
manually to the Training ADOM using the Add Device wizard
質問 22
An administrator has added all the devices in a Security Fabric group to FortiManager.
How does the administrator identify the root FortiGate?
- A. By an Asterisk (*) at the end of the device name
- B. By an at symbol (@) at the end of the device name
- C. By a dollar symbol ($) at the end of the device name
- D. By a
正解: A
質問 23
View the following exhibit.
Which one of the following statements is true regarding the object named ALL?
- A. FortiManager created the object ALL as a unique entity in its database, which can be only used by this managed FortiGate.
- B. FortiManager updated the object ALL using FortiManager's value in its database
- C. FortiManager installed the object ALL with the updated value.
- D. FortiManager updated the object ALL using FortiGate's value in its database
正解: D
質問 24
An administrator with the Super_User profile is unable to log in to FortiManager because of an authentication failure message.
Which troubleshooting step should you take to resolve the issue?
- A. Make sure ADOMs are enabled and the administrator has access to the Global ADOM
- B. Make sure FortiManager Access is enabled in the administrator profile
- C. Make sure the administrator IP address is part of the trusted hosts.
- D. Make sure Offline Mode is disabled
正解: C
解説:
Even if a user entered the correct userid/password, the FMG denies access if a user is logging in from an untrusted source IP subnets.
Topic 1, Main Questions Pool B
質問 25
......
NSE5_FMG-7.0試験問題集でPDF問題とテストエンジン:https://www.jpntest.com/shiken/NSE5_FMG-7.0-mondaishu