An administrator has created a firewall address object, Training which is used in the Local-FortiGate policy package. When the installation operation is performed, which IP/Netmask will be installed on the Local- FortiGate, for the Training firewall address object?
C. It will create a firewall address group on Local-FortiGate with 192.168.0.1/24 and 10.0.1.0/24 object values.
D. Local-FortiGate will automatically choose an IP/Netmask based on its network interface settings.
Explanation: FortiManager_6.4_Study_Guide-Online page 209 Explanation: In the example, the dynamic address object LocalLan refers to the internal network address of the managed firewalls. The object has a default value of 192.168.1.0/24. The mapping rules are defined per device. For Remote-FortiGate, the address object LocalLan referes to 10.10.11.0/24. The devices in the ADOM that do not have dynamic mapping for LocalLan have a default value of 192.168.1.0/2.
An administrator configures a new firewall policy on FortiManager and has not yet pushed the changes to the managed FortiGate. In which database will the configuration be saved?
What does a policy package status of Conflict indicate?
A. The policy package reports inconsistencies and conflicts during a Policy Consistency Check.
B. The policy package does not have a FortiGate as the installation target.
C. The policy package configuration has been changed on both FortiManager and the managed device independently.
D. The policy configuration has never been imported after a device was registered on FortiManager.
What will be the result of reverting to a previous revision version in the revision history?
A. It will install configuration changes to managed device automatically
B. It will tag the device settings status as Auto-Update
C. It will generate a new version ID and remove all other revision history versions
D. It will modify the device-level database
An administrator has assigned a global policy package to custom ADOM1. Then the administrator creates a new policy package, Fortinet, in the custom ADOM1. Which statement about the global policy package assignment to the newly-created policy package Fortinet is true?
A. When a new policy package is created, it automatically assigns the global policies to the new package.
B. When a new policy package is created, you need to assign the global policy package from the global ADOM.
C. When a new policy package is created, you need to reapply the global policy package to the ADOM.
D. When a new policy package is created, you can select the option to assign the global policies to the new package.
Explanation: Global Policy Package is applied at the ADOM level and you have the option to choose which ADOM policy packages you want to exclude (there is no option to choose Policy Packages to include).
What is the purpose of ADOM revisions?
A. To create System Checkpoints for the FortiManager configuration.
B. To save the current state of the whole ADOM.
C. To save the current state of all policy packages and objects for an ADOM.
D. To revert individual policy packages and device-level settings for a managed FortiGate by reverting to a specific ADOM revision
Explanation: Fortimanager 6.4 Study guide page 198
Refer to the exhibit.
An administrator has configured the command shown in the exhibit on FortiManager. A configuration change has been installed from FortiManager to the managed FortiGate that causes the FGFM tunnel to go down for more than 15 minutes. What is the purpose of this command?
A. It allows FortiGate to unset central management settings.
B. It allows FortiGate to reboot and recover the previous configuration from its configuration file.
C. It allows the FortiManager to revert and install a previous configuration revision on the managed FortiGate.
D. It allows FortiGate to reboot and restore a previously working firmware image.
An administrator is replacing a device on FortiManager by running the following command: execute device replace sn <devname> <serialnum>. What device name and serial number must the administrator use?
A. Device name and serial number of the original device.
B. Device name and serial number of the replacement device.
C. Device name of the replacement device and serial number of the original device.
D. Device name of the original device and serial number of the replacement device.
Refer to the exhibit.
Which two statements about an ADOM set in Normal mode on FortiManager are true? (Choose two.)
A. It supports the FortiManager script feature
B. It allows making configuration changes for managed devices on FortiManager panes
C. FortiManager automatically installs the configuration difference in revisions on the managed FortiGate
D. You cannot assign the same ADOM to multiple administrators
Explanation: "FortiGate units in the ADOM will query their own configuration every 5 seconds. If there has been a configuration change, the FortiGate unit will send a diff revision on the change to the FortiManager using the FGFM protocol."
Refer to the exhibit.
Given the configuration shown in the exhibit, which two statements are true? (Choose two.)
A. It allows two or more administrators to make configuration changes at the same time, in the same ADOM.
B. It disables concurrent read-write access to an ADOM.
C. It allows the same administrator to lock more than one ADOM at the same time.
D. It is used to validate administrator login attempts through external servers.
An administrators PC crashes before the administrator can submit a workflow session for approval. After the PC is restarted, the administrator notices that the ADOM was locked from the session before the crash. How can the administrator unlock the ADOM?
A. Restore the configuration from a previous backup.
B. Log in as Super_User in order to unlock the ADOM.
C. Log in using the same administrator account to unlock the ADOM.
D. Delete the previous admin session manually through the FortiManager GUI or CLI.
Which two items are included in the FortiManager backup? (Choose two.)