There are many people searching for free dumps for NSE5_FMG-5.4 exam, now we will share Fortinet Network Security Expert Program NSE5_FMG-5.4 exam free questions and answers here for you to practice, you also can contact us to get more free questions. And if we update, we will share update version to you.

New feedback: Just passed NSE5_FMG-5.4 FortiManager 5.4 Specialist on May.31.2018. number of test questions: 35 Q&As

Here is The latest NSE5_FMG-5.4 FREE real questions

QUESTION NO: 1

When installation is performed from the FortiManager, what is the recovery logic used between FortiManager and FortiGate for an FGFM tunnel?

A. After 15 minutes, FortiGate will unset all CLI commands that were part of the installation that caused the tunnel to go down.

B. FortiGate will reject the CLI commands that will cause the tunnel to go down.

C. FortiManager will revert and install a previous configuration revision on the managed FortiGate.

D. FortiManager will not push the CLI commands as a part of the installation that will cause the tunnel to go down.

Answer: C

QUESTION NO: 2

Which of the following statements are true regarding VPN Manager? (Choose three.)

A. VPN Manager must be enabled on a per ADOM basis.

B. VPN Manager automatically adds newly-registered devices to a VPN community.

C. VPN Manager can install common IPsec VPN settings on multiple FortiGate devices at the same time.

D. Common IPsec settings need to be configured only once in a VPN Community for all managed gateways.

E. VPN Manager automatically creates all the necessary firewall policies for traffic to be tunneled by IPsec.

Answer: A,C,D

QUESTION NO: 3

View the following exhibit:

When using Install Config option to install configuration changes to managed FortiGate, which of the following statements are true? (Choose two.)

A. Will not create new revision in the revision history.

B. Provides the option to preview configuration changes prior to installing them.

C. Installs device-level changes to FortiGate without launching the Install Wizard.

D. Once installed, the install process cannot be canceled and changes will be installed on the managed device.

Answer: B,C

QUESTION NO: 4

View the following exhibit:

Which of the following statements are true if both FortiManager and FortiGate are behind the NAT devices? (Choose two.)

A. FortiGate can announce itself to FortiManager only if the FortiManager IP address is configured on FortiGate under central management.

B. If the FGFM tunnel is torn down, FortiManager will try to re-establish the FGFM tunnel.

C. FortiGate is discovered by FortiManager through the FortiGate NATed IP address.

D. During discovery, the FortiManager NATed IP address is not set by default on FortiGate.

Answer: B,C

QUESTION NO: 5

What is the purpose of the Policy Check feature on FortiManager?

A. To find and merge duplicate policies in the policy package.

B. To find and provide recommendation to combine multiple separate policy packages into one common policy package.

C. To find and delete disabled firewall policies in the policy package.

D. To find and provide recommendation for optimizing policies in a policy package.

Answer: A

QUESTION NO: 6

View the following exhibit:

Which one of the following statements is true regarding the object named ALL?

A. FortiManager updated the object ALL using FortiManager's value in its database.

B. FortiManager updated the object ALL using FortiGate’s value in its database.

C. FortiManager created the object ALL as a unique entity in its database, which can be only used by this managed FortiGate.

D. FortiManager installed the object ALL with the updated value.

Answer: C

QUESTION NO: 7

Which of the following conditions trigger FortiManager to create a new revision history? (Choose two.)

A. When FortiManager installs device-level changes to a managed device.

B. When configuration revision is reverted to previous revision in the revision history.

C. When changes to device-level database is made on FortiManager.

D. When FortiManager is auto-updated with configuration changes made directly on a managed device

Answer: A,C

QUESTION NO: 8

Which of the following statements are true regarding an FGFM keepalive message? (Choose two.)

A. It includes the configuration checksum of FortiGate.

B. The keepalive interval for keepalive messages is configured on FortiGate.

C. It is sent only by FortiGate.

D. It is used between FortiManager HA cluster members to make sure cluster members are in sync.

Answer: B,D

QUESTION NO: 9

An administrator would like to authorize a newly-installed AP using AP Manager. What steps does the administrator need to perform to authorize an AP?

A. Authorize the new AP using AP Manager and wait until the change is updated on the FortiAP. Changes to the AP's state do not require installation.

B. Changes to the AP's state must be performed directly on the managed FortiGate.

C. Authorize the new AP using AP Manager and install the policy package changes on the managed FortiGate.

D. Authorize the new AP using AP Manager and install the device level settings on the managed FortiGate.

Answer: D

QUESTION NO: 10

An administrator has assigned a global policy package to custom ADOM1. What will happen if the administrator tries to create a new policy package in custom ADOM1?

A. When a new policy package is created, you need to reapply the global policy package to the ADOM.

B. When creating a new policy package, can select the option to assign the global policies to the new package.

C. When a new policy package is created, it automatically assigns the global policies to the new package.

D. When a new policy package is created, you must assign the global policy package from the global ADOM.

Answer: B

QUESTION NO: 11

View the following exhibit:

An administrator, Trainer, who is assigned the Super_User profile, is trying to approve a workflow session that was submitted by another administrator, Student. However, Trainer is unable to approve the workflow session. What can prevent an admin account that has Super_User rights over the device from approving a workflow session?

A. Trainer must close Student's workflow session before approving the request.

B. Trainer does not have full rights over this ADOM.

C. Trainer is not a part of workflow approval group.

D. Student, who submitted the workflow session, must first self-approve the request.

Answer: C

QUESTION NO: 12

View the following exhibit:

What of the following statements are true regarding the output? (Choose two.)

A. Configuration changes have been installed to FortiGate and represents FortiGate configuration has been changed.

B. The latest revision history for the managed FortiGate does match with the FortiGate running configuration.

C. The latest revision history for the managed FortiGate does not match with the device-level database.

D. Configuration changes directly made on the FortiGate have been automatically updated to device-level database.

Answer: A,D

QUESTION NO: 13

An administrator wants to delete an address object that is currently referenced in a firewall policy. Which one of the following statements is true?

A. FortiManager will replace the deleted address object with the all address object in the referenced firewall policy.

B. FortiManager will disable the status of the referenced firewall policy.

C. FortiManager will not allow the administrator to delete a referenced address object.

D. FortiManager will replace the deleted address object with the none address object in the referenced firewall policy.

Answer: C

QUESTION NO: 14

What are the factory default settings on FortiManager? (Choose three.)

A. Password is fortinet

B. port1 interface IP address is 192.168.1.99/24

C. Service Access is enabled on port1

D. Username is admin

E. Reports and Event Monitor panes are enabled

Answer: B,C,D

QUESTION NO: 15

View the following exhibit:

Which statement is true regarding this failed installation log?

A. Policy ID 2 is installed without a source address.

B. Policy ID 2 is installed without a source device.

C. Policy ID 2 will not be installed.

D. Policy ID 2 is installed in disabled state.

Answer: A

QUESTION NO: 16

View the following exhibit, which shows the Download Import Report:

Why it is failing to import firewall policy ID 2?

A. The address object used in policy ID 2 already exist in ADOM database with any as interface association and conflicts with address object interface association locally on the FortiGate.

B. Policy ID 2 is configured from interface any to port6. FortiManager rejects to import this policy because any interface does not exist on FortiManager.

C. Policy ID 2 for this managed FortiGate already exists on FortiManager in policy package named Remote-FortiGate.

D. Policy ID 2 does not have ADOM Interface mapping configured on FortiManager.

Answer: B

QUESTION NO: 17

An administrator is unable to log in to FortiManager. Which one of the following troubleshooting step should you take to resolve the issue?

A. Make sure FortiManager Access is enabled in the administrator profile.

B. Make sure ADOMs are enabled and the administrator has access to the Global ADOM.

C. Make sure Offline Mode is disabled.

D. Make sure the administrator IP address is part of the trusted hosts.

Answer: D