What is the purpose of the Policy Check feature on FortiManager?
A. To find and provide recommendation to combine multiple separate policy packages into one common policy package
B. To find and merge duplicate policies in the policy package
C. To find and provide recommendation for optimizing policies in a policy package
D. To find and delete disabled firewall policies in the policy package
Refer to the following exhibit:
Which of the following statements are true based on this configuration? (Choose two.)
A. The same administrator can lock more than one ADOM at the same time
B. Ungraceful closed sessions will keep the ADOM in a locked state until the administrator session times out
C. Unlocking an ADOM will submit configuration changes automatically to the approval administrator
D. Unlocking an ADOM will install configuration automatically on managed devices
An administrator would like to review, approve, or reject all the firewall policy changes made by the junior administrators. How should the Workspace mode be configured on FortiManager?
A. Set to workflow and use the ADOM locking feature
B. Set to read/write and use the policy locking feature
C. Set to normal and use the policy locking feature
D. Set to disable and use the policy locking feature
Refer to the exhibit.
Which two statements are true if the script is executed using the Device Database option? (Choose two.)
A. You must install these changes using the Install Wizard to a managed device
B. The successful execution of a script on the Device Database will create a new revision history
C. The script history will show successful installation of the script on the remote FortiGate
D. The Device Settings Status will be tagged as Modified
An administrator has enabled Service Access on FortiManager.
What is the purpose of Service Access on the FortiManager interface?
A. Allows FortiManager to download IPS packages
B. Allows FortiManager to respond to request for FortiGuard services from FortiGate devices
C. Allows FortiManager to run real-time debugs on the managed devices
D. Allows FortiManager to automatically configure a default route
An administrator is replacing a device on FortiManager by running the following command:
execute device replace sn
What device name and serial number must the administrator use?
A. Device name and serial number of the original device.
B. Device name and serial number of the replacement device.
C. Device name of the replacement device and serial number of the original device.
D. Device name of the original device and serial number of the replacement device.
Which of the following statements are true regarding VPN Gateway configuration in VPN Manager? (Choose two.)
A. Managed gateways are devices managed by FortiManager in the same ADOM
B. External gateways are third-party VPN gateway devices only
C. Protected subnets are the subnets behind the device that you don't want to allow access to over the IPsec VPN
D. Managed devices in other ADOMs must be treated as external gateways
Refer to the exhibit.
According to the error message why is FortiManager failing to add the FortiAnalyzer device?
A. The administrator must turn off the Use Legacy Device login and add the FortiAnaJyzer device to the same network as Forti-Manager
B. The administrator must select the Forti-Manager administrative access checkbox on the FortiAnalyzer management interface
C. The administrator must use the Add Model Device section and discover the FortiAnaJyzer device
D. The administrator must use the correct user name and password of the FortiAnalyzer device
Which of the following statements are true regarding VPN Manager? (Choose three.)
A. VPN Manager must be enabled on a per ADOM basis.
B. VPN Manager automatically adds newly-registered devices to a VPN community.
C. VPN Manager can install common IPsec VPN settings on multiple FortiGate devices at the same time.
D. Common IPsec settings need to be configured only once in a VPN Community for all managed gateways.
E. VPN Manager automatically creates all the necessary firewall policies for traffic to be tunneled by IPsec.
Which two settings are required for FortiManager Management Extension Applications (MEA)? (Choose two.)
A. When you configure MEA, you must open TCP or UDP port 540.
B. You must open the ports to the Fortinet registry
C. You must create a MEA special policy on FortiManager using the super user profile
D. The administrator must have the super user profile.