Fortinet NSE 5 - FortiManager 6.4 NSE5_FMG-6.4 Dumps in PDF

Free Fortinet NSE5_FMG-6.4 Real Questions (page: 2)

Which configuration setting for FortiGate is part of a device-level database on FortiManager?

  1. VIP and IP Pools
  2. Firewall policies
  3. Security profiles
  4. Routing

Answer(s): D

Explanation:

The FortiManager stores the FortiGate configuration details in two distinct databases. The device-level database includes configuration details related to device-level settings, such as interfaces, DNS, routing, and more. The ADOM-level database includes configuration details related to firewall policies, objects, and security profiles.



Refer to the exhibit.



Which two statements about the output are true? (Choose two.)

  1. The latest revision history for the managed FortiGate does match with the FortiGate running configuration
  2. Configuration changes have been installed to FortiGate and represents FortiGate configuration has been changed
  3. The latest history for the managed FortiGate does not match with the device-level database
  4. Configuration changes directly made on the FortiGate have been automatically updated to device-level
    database

Answer(s): A,C

Explanation:

STATUS: dev-db: modified; conf: in sync; cond: pending; dm: retrieved; conn: up­ dev-db: modified ­ This is the device setting status which indicates that configuration changes were made on FortiManager.­ conf: in sync ­ This is the sync status which shows that the latest revision history is in sync with Fortigate's configuration.­ cond: pending ­ This is the configuration status which says that configuration changes need to be installed.
Most probably a retrieve was done in the past (dm: retrieved) updating the revision history DB (conf: in sync) and FortiManager device level DB, now there is a new modification on FortiManager device level DB (dev-db: modified) which wasn't installed to FortiGate (cond: pending), hence; revision history DB is not aware of that modification and doesn't match device DB.
Conclusion:­ Revision DB does match FortiGate.­ No changes were installed to FortiGate yet.­ Device DB doesn't match Revision DB.­ No changes were done on FortiGate (auto-update) but configuration was retrieved instead After an Auto-Update or Retrieve:device database = latest revision = FGT Then after a manual change on FMG end (but no install yet):latest revision = FGT (still) but now device database has been modified (is different). After reverting to a previous revision in revision history:device database = reverted revision != FGT



An administrator would like to review, approve, or reject all the firewall policy changes made by the junior administrators.

How should the Workspace mode be configured on FortiManager?

  1. Set to workflow and use the ADOM locking feature
  2. Set to read/write and use the policy locking feature
  3. Set to normal and use the policy locking feature
  4. Set to disable and use the policy locking feature

Answer(s): A


Reference:

https://help.fortinet.com/fmgr/50hlp/52/5-2- 0/FMG_520_Online_Help/200_What's-New.03.03.html



Which two settings must be configured for SD-WAN Central Management? (Choose two.)

  1. SD-WAN must be enabled on per-ADOM basis
  2. You can create multiple SD-WAN interfaces per VDOM
  3. When you configure an SD-WAN, you must specify at least two member interfaces.
  4. The first step in creating an SD-WAN using FortiManager is to create two SD-WAN firewall policies.

Answer(s): A,C



When an installation is performed from FortiManager, what is the recovery logic used between FortiManager and FortiGate for an FGFM tunnel?

  1. After 15 minutes, FortiGate will unset all CLI commands that were part of the installation that caused the tunnel to go down.
  2. FortiManager will revert and install a previous configuration revision on the managed FortiGate.
  3. FortiGate will reject the CLI commands that will cause the tunnel to go down.
  4. FortiManager will not push the CLI commands as a part of the installation that will cause the tunnel to go down.

Answer(s): A


Reference:

https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/067f5236-ca6d- 11e9-8977-00505692583a/FGFM-6.2-Communications_Protocol_Guide.pdf page 17



Share your comments for Fortinet NSE5_FMG-6.4 exam with other users:

R
Rahul
6/11/2023 2:07:00 AM

hi team, could you please provide this dump ?

T
TeamOraTech
12/5/2023 9:49:00 AM

very helpful to clear the exam and understand the concept.

C
Curtis
7/12/2023 8:20:00 PM

i think it is great that you are helping people when they need it. thanks.

S
sam
7/17/2023 6:22:00 PM

cannot evaluate yet

N
nutz
7/20/2023 1:54:00 AM

a laptops wireless antenna is most likely located in the bezel of the lid

R
rajesh soni
1/17/2024 6:53:00 AM

good examplae to learn basic

T
Tanya
10/25/2023 7:07:00 AM

this is useful information

N
Nasir Mahmood
12/11/2023 7:32:00 AM

looks usefull

J
Jason
9/30/2023 1:07:00 PM

question 81 should be c.

T
TestPD1
8/10/2023 12:22:00 PM

question 18 : response isnt a ?

A
ally
8/19/2023 5:31:00 PM

plaese add questions

D
DIA
10/7/2023 5:59:00 AM

is dumps still valid ?

A
Annie
7/7/2023 8:33:00 AM

thanks for this

A
arnie
9/17/2023 6:38:00 AM

please upload questions

T
Tanuj Rana
7/22/2023 2:33:00 AM

please upload the question dump for professional machinelearning

F
Future practitioner
8/10/2023 1:26:00 PM

question 4 answer is c. this site shows the correct answer as b. "adopt a consumption model" is clearly a cost optimization design principle. looks like im done using this site to study!!!

A
Ace
8/3/2023 10:37:00 AM

number 52 answer is d

N
Nathan
12/17/2023 12:04:00 PM

just started preparing for my exam , and this site is so much help

C
Corey
12/29/2023 5:06:00 PM

question 35 is incorrect, the correct answer is c, it even states so: explanation: when a vm is infected with ransomware, you should not restore the vm to the infected vm. this is because the ransomware will still be present on the vm, and it will encrypt the files again. you should also not restore the vm to any vm within the companys subscription. this is because the ransomware could spread to other vms in the subscription. the best way to restore a vm that is infected with ransomware is to restore it to a new azure vm. this will ensure that the ransomware is not present on the new vm.

R
Rajender
10/18/2023 3:54:00 AM

i would like to take psm1 exam.

B
Blessious Phiri
8/14/2023 9:53:00 AM

cbd and pdb are key to the database

A
Alkaed
10/19/2022 10:41:00 AM

the purchase and download process is very much streamlined. the xengine application is very nice and user-friendly but there is always room for improvement.

D
Dave Gregen
9/4/2023 3:17:00 PM

please upload p_sapea_2023

S
Sarah
6/13/2023 1:42:00 PM

anyone use this? the question dont seem to follow other formats and terminology i have been studying im getting worried

S
Shuv
10/3/2023 8:19:00 AM

good questions

R
Reb974
8/5/2023 1:44:00 AM

hello are these questions valid for ms-102

M
Mchal
7/20/2023 3:38:00 AM

some questions are wrongly answered but its good nonetheless

S
Sonbir
8/8/2023 1:04:00 PM

how to get system serial number using intune

M
Manju
10/19/2023 1:19:00 PM

is it really helpful to pass the exam

L
LeAnne Hair
8/24/2023 12:47:00 PM

#229 in incorrect - all the customers require an annual review

A
Abdul SK
9/28/2023 11:42:00 PM

kindy upload

A
Aderonke
10/23/2023 12:53:00 PM

fantastic assessment on psm 1

S
SAJI
7/20/2023 2:51:00 AM

56 question correct answer a,b

R
Raj Kumar
10/23/2023 8:52:00 PM

thank you for providing the q bank

AI Tutor 👋 I’m here to help!