Practice Free FCP_FMG_AD-7.6 Exam Online Questions
Refer to the exhibit.
An administrator has created a firewall address object that is used in multiple policy packages for multiple FortiGate devices in an ADOM.
After the installation operation is performed, which IP/netmask will be installed on Remote-Firewall [VDOM1] for the LAN firewall address object?
- A . 21.21.2.5/255.255.255.255
- B . 172.16.5.20/255.255.255.255
- C . 172.16.5.0/255.255.255.0
- D . 10.10.10.5/255.255.255.255
Refer to the exhibit.
Which two statements about the configuration shown in the exhibit are true? Choose two answers.
- A . An administrator can lock the Local-FortiGate_root policy package.
- B . The administrator created a snapshot of the Remote-FortiGate policy package.
- C . The FortiManager ADOM workspace mode is set to normal.
- D . The FortiManager is in workflow mode.
Refer to the exhibits.
Which IP/netmask will be present in the LAN firewall address object on the Remote-Firewall?
- A . 172.16.0.0/255.255.255.0
- B . 10.0.0.0/255.255.255.0
- C . 192.168. 1. 0/255.255.255.0
- D . 172.16.10.0/255.255.255.0
What can you conclude from the failed installation log shown in the exhibit?
- A . Policy ID 2 is installed in the disabled state.
- B . Policy ID 2 will not be installed.
- C . Policy ID 2 is installed without a source address.
- D . Policy ID 2 is installed without the remote user student.
Push updates are failing on a FortiGate device located behind a network address translation (NAT) device?
Which two settings should the administrator check to correct this problem? (Choose two.)
- A . Make sure the NAT device IP address and the correct ports are configured on FortiManager.
- B . Make sure FortiGuard updates and web service are enabled on the FortiGuard service interface.
- C . Make sure the virtual IP address and the correct ports are configured on the NAT device.
- D . Make sure the Bind to IP address option on the FortiGuard service interface is set to the virtual IP
address from the NAT device.
Refer to the exhibits.
An administrator must replace the source LAN interface in policy ID 2 on their FortiGateRugged-70F.
However, when they try to install the policy package, they receive the error shown in the exhibit.
What should the administrator do to resolve the error?
- A . Use the API to assign a system template interface for FortiGateRugged-70F model.
- B . Use a metadata variable to dynamically assign an interface when this error occurs.
- C . Create a per-device mapping for the LAN interface.
- D . Replace LAN with lan1, which is supported by FortiGateRugged-70F models.
A FortiManager administrator opens the revision history and choose to revert to a previous version.
What will this action do to the current device configuration?
- A . It will trigger an unknown device-level database status, and the administrator will have to import a policy package to sync.
- B . It will trigger a conflict status if it is using any provisioning template, and the administrator will have to install changes.
- C . It will revert both configurations: device-level database and policy layer database.
- D . It will modify the device-level database.
Refer to the exhibits.
An administrator added BR1-FGT-1 to FortiManager and started importing the policy package. During the process, they saw that they need to choose values from FortiGate or FortiManager.
Which conclusion is most clearly supported by the exhibits?
- A . BR1-FGT-1 does not support the SSL/SSH profile with HTTPS on port 443.
- B . The administrator must match the FortiOS firmware version with the FortiManager ADOM firmware version to resolve the conflict status.
- C . The default Firewall Profile-Protocol-Options object is the only profile that does not significantly affect any configuration changes on either FortiManager or FortiGate.
- D . FortiManager has a different FortiGuard database compared to FortiGate BR1-FGT-1 for the QUIC
protocol.
Refer to the exhibit.
What can you conclude from the downloaded import report?
- A . FortiManager does not support per-device mapping for firewall addresses.
- B . The administrator will see a new policy package named Remote-FortiGate_root in the FortiManager ADOM database.
- C . FortiManager will change the configuration of REMOTE_SUBNET to match the interface mapping coming in from Remote-FortiGate.
- D . As a result of this policy import process, FortiManager will create a new firewall address called REMOTE_SUBNET in the ADOM database.
Refer to the exhibit.
Which statement about the environment shown in the exhibit is true? Choose one answer
- A . You must restart the secondary device if you promote it to primary.
- B . No FortiGuard packages have been synchronized between the cluster members.
- C . A failover will take place after five minutes without receiving heartbeat packets.
- D . FortiAnalyzer features are not enabled on this FortiManager device.