• Home
  • Blogs
  • [2023] Pass Fortinet NSE5_FMG-7.0 Exam Updated 74 Questions [Q30-Q47]

[2023] Pass Fortinet NSE5_FMG-7.0 Exam Updated 74 Questions [Q30-Q47]

Share

[2023] Pass Fortinet NSE5_FMG-7.0 Exam Updated 74 Questions

Get 2023 Updated Free Fortinet NSE5_FMG-7.0 Exam Questions and Answer


To become certified in Fortinet NSE5_FMG-7.0, candidates must have a solid understanding of FortiGate network security concepts and the FortiManager v7.0 platform. They are required to pass a multi-part examination that includes both theoretical and practical components, which tests their ability to deploy, configure, administer, and troubleshoot the FortiManager v7.0 in real-world scenarios.

 

NEW QUESTION # 30
In addition to the default ADOMs, an administrator has created a new ADOM named Training for FortiGate devices. The administrator authorized the FortiGate device on FortiManager using the Fortinet Security Fabric.
Given the administrator's actions, which statement correctly describes the expected result?

  • A. The authorized FortiGate can be added to the Training ADOM using FortiGate Fabric Connectors.
  • B. The FortiManager administrator must add the authorized device to the Training ADOM using the Add Device wizard only.
  • C. The authorized FortiGate will appear in the root ADOM.
  • D. The authorized FortiGate will be automatically added to the Training ADOM.

Answer: C


NEW QUESTION # 31
An administrator would like to authorize a newly-installed AP using AP Manager. What steps does the administrator need to perform to authorize an AP?

  • A. Authorize the new AP using AP Manager and wait until the change is updated on the FortiAP. Changes to the AP's state do not require installation.
  • B. Changes to the AP's state must be performed directly on the managed FortiGate.
  • C. Authorize the new AP using AP Manager and install the device level settings on the managed FortiGate.
  • D. Authorize the new AP using AP Manager and install the policy package changes on the managed FortiGate.

Answer: C


NEW QUESTION # 32
What does the diagnose dvm check-integrity command do? (Choose two.)

  • A. Verifies and corrects database schemas in all object tables
  • B. Verifies and corrects unregistered, registered, and deleted device states
  • C. Internally upgrades existing ADOMs to the same ADON version in order to clean up and correct the ADOM syntax
  • D. Verifies and corrects duplicate VDOM entries

Answer: B,D

Explanation:
6.2 Study Guide page 305 verify and correct parts of the device manager databases, including: - inconsistent device-to-group and group-to-ADOM memberships - unregistered, registered, and deleted device states - device lock statuses - duplicate VDOM entries


NEW QUESTION # 33
Refer to the following exhibit:

Which of the following statements are true based on this configuration? (Choose two.)

  • A. Unlocking an ADOM will install configuration automatically on managed devices
  • B. The same administrator can lock more than one ADOM at the same time
  • C. Unlocking an ADOM will submit configuration changes automatically to the approval administrator
  • D. Ungraceful closed sessions will keep the ADOM in a locked state until the administrator session times out

Answer: B,D


NEW QUESTION # 34
View the following exhibit.

Which statement is true regarding this failed installation log?

  • A. Policy ID 2 is installed without a source device
  • B. Policy ID 2 is installed without a source address
  • C. Policy ID 2 will not be installed
  • D. Policy ID 2 is installed in disabled state

Answer: A


NEW QUESTION # 35
Refer to the exhibit.

Which two statements about the output are true? (Choose two.)

  • A. The latest revision history for the managed FortiGate does match with the FortiGate running configuration
  • B. The latest history for the managed FortiGate does not match with the device-level database
  • C. Configuration changes have been installed to FortiGate and represents FortiGate configuration has been changed
  • D. Configuration changes directly made on the FortiGate have been automatically updated to device-level

Answer: A,B

Explanation:
database
Explanation:
STATUS: dev-db: modified; conf: in sync; cond: pending; dm: retrieved; conn: up - dev-db: modified - This is the device setting status which indicates that configuration changes were made on FortiManager. - conf: in sync - This is the sync status which shows that the latest revision history is in sync with Fortigate's configuration. - cond: pending - This is the configuration status which says that configuration changes need to be installed.
Most probably a retrieve was done in the past (dm: retrieved) updating the revision history DB (conf: in sync) and FortiManager device level DB, now there is a new modification on FortiManager device level DB (dev-db: modified) which wasn't installed to FortiGate (cond: pending), hence; revision history DB is not aware of that modification and doesn't match device DB.
Conclusion: - Revision DB does match FortiGate. - No changes were installed to FortiGate yet. - Device DB doesn't match Revision DB. - No changes were done on FortiGate (auto-update) but configuration was retrieved instead
After an Auto-Update or Retrieve: device database = latest revision = FGT
Then after a manual change on FMG end (but no install yet): latest revision = FGT (still) but now device database has been modified (is different).
After reverting to a previous revision in revision history: device database = reverted revision != FGT


NEW QUESTION # 36
Which of the following statements are true regarding reverting to previous revision version from the revision history? (Choose two.)

  • A. Reverting to a previous revision history will generate a new version ID and remove all other history
  • B. Reverting to a previous revision history will tag the device settings status as Auto-Update.
  • C. It will modify device-level database
  • D. To push these changes to a managed device, it required an install operation to the managed FortiGate.

Answer: C,D


NEW QUESTION # 37
View the following exhibit.

Which one of the following statements is true regarding the object named ALL?

  • A. FortiManager created the object ALL as a unique entity in its database, which can be only used by this
    managed FortiGate.
  • B. FortiManager updated the object ALL using FortiGate's value in its database
  • C. FortiManager updated the object ALL using FortiManager's value in its database
  • D. FortiManager installed the object ALL with the updated value.

Answer: B


NEW QUESTION # 38
View the following exhibit:

Which two statements are true if the script is executed using the Remote FortiGate Directly (via CLI) option? (Choose two.)

  • A. FortiManager provides a preview of CLI commands before executing this script on a managed FortiGate.
  • B. FortiGate will auto-update the FortiManager's device-level database.
  • C. You must install these changes using Install Wizard
  • D. FortiManager will create a new revision history.

Answer: B,D


NEW QUESTION # 39
What does the diagnose dvm check-integrity command do? (Choose two.)

  • A. Verifies and corrects database schemas in all object tables
  • B. Internally upgrades existing ADOMs to the same ADON version in order to clean up and correct the ADOM
    syntax
  • C. Verifies and corrects unregistered, registered, and deleted device states
  • D. Verifies and corrects duplicate VDOM entries

Answer: C,D

Explanation:
6.2 Study Guide page 305 verify and correct parts of the device manager databases, including: - inconsistent device-to-group and group-to-ADOM memberships - unregistered, registered, and deleted device states - device lock statuses - duplicate VDOM entries


NEW QUESTION # 40
An administrator has enabled Service Access on FortiManager.
What is the purpose of Service Access on the FortiManager interface?

  • A. Allows FortiManager to respond to request for FortiGuard services from FortiGate devices
  • B. Allows FortiManager to run real-time debugs on the managed devices
  • C. Allows FortiManager to download IPS packages
  • D. Allows FortiManager to automatically configure a default route

Answer: A

Explanation:
FortiManager 6.2 Study guide page 350


NEW QUESTION # 41
Refer to the exhibit.

Given the configuration shown in the exhibit, how did FortiManager handle the service category named General?

  • A. FortiManager ignored the firewall service category General and updated the FortiGate duplicate value in the FortiGate database.
  • B. FortiManager ignored the firewall service category General but created a new service category in its database.
  • C. FortiManager ignored the firewall service category General and did not update Its database with the value
  • D. FortiManager ignored the firewall service category general and deleted the duplicate value In Its database

Answer: A


NEW QUESTION # 42
What is the purpose of the Policy Check feature on FortiManager?

  • A. To find and provide recommendation to combine multiple separate policy packages into one common
    policy package
  • B. To find and delete disabled firewall policies in the policy package
  • C. To find and provide recommendation for optimizing policies in a policy package
  • D. To find and merge duplicate policies in the policy package

Answer: C


NEW QUESTION # 43
Which two statements about Security Fabric integration with FortiManager are true? (Choose two.)

  • A. The Security Fabric settings are part of the device level settings
  • B. The Fabric View module enables you to generate the Security Fabric ratings for Security Fabric devices
  • C. The Security Fabric license, group name and password are required for the FortiManager Security Fabric
    integration
  • D. The Fabric View module enables you to view the Security Fabric ratings for Security Fabric devices

Answer: A,D


NEW QUESTION # 44
An administrator configures a new firewall policy on FortiManager and has not yet pushed the changes to the managed FortiGate.
In which database will the configuration be saved?

  • A. Device-level database
  • B. Revision history database
  • C. ADOM-level database
  • D. Configuration-level database

Answer: C

Explanation:
https://kb.fortinet.com/kb/documentLink.do?externalID=FD47942


NEW QUESTION # 45
Refer to the exhibit.

Given the configuration shown in the exhibit, which two statements are true? (Choose two.)

  • A. It allows the same administrator to lock more than one ADOM at the same time.
  • B. It is used to validate administrator login attempts through external servers.
  • C. It allows two or more administrators to make configuration changes at the same time, in the same ADOM.
  • D. It disables concurrent read-write access to an ADOM.

Answer: A,D


NEW QUESTION # 46
Which configuration setting for FortiGate is part of a device-level database on FortiManager?

  • A. VIP and IP Pools
  • B. Security profiles
  • C. Routing
  • D. Firewall policies

Answer: C

Explanation:
The FortiManager stores the FortiGate configuration details in two distinct databases. The device-level database includes configuration details related to device-level settings, such as interfaces, DNS, routing, and more. The ADOM-level database includes configuration details related to firewall policies, objects, and security profiles.


NEW QUESTION # 47
......


Fortinet NSE5_FMG-7.0 Certification Exam is ideal for IT professionals who work with FortiManager systems and want to demonstrate their expertise in managing and maintaining these systems. By passing NSE5_FMG-7.0 exam, candidates will gain a better understanding of FortiManager features and functionalities and will be able to configure and manage FortiManager devices more effectively. Additionally, the certification can help IT professionals advance their careers by demonstrating their expertise in network security.

 

Verified NSE5_FMG-7.0 exam dumps Q&As with Correct 74 Questions and Answers: https://pass4sure.actual4cert.com/NSE5_FMG-7.0-pass4sure-vce.html

Related Blogs

more
Fortinet NSE5_FMG-7.0 Certification Practice Exam

Copyright © 2026 ACTUAL4CERT.COM. All rights reserved. All trademarks are the property of their respective owners and we don't provide actual questions from any vendor.