CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE7_EFW-7.0

Free NSE7_EFW-7.0 Exam Braindumps

Which statements about bulk configuration changes using FortiManager CLI scripts are correct? (Choose two.)

  1. When executed on the Policy Package, ADOM database, changes are applied directly to the managed FortiGate.
  2. When executed on the Device Database, you must use the installation wizard to apply the changes to the managed FortiGate.
  3. When executed on the All FortiGate in ADOM, changes are automatically installed without creating a new revision history.
  4. When executed on the Remote FortiGate directly, administrators do not have the option to review the changes prior to installation.

Answer(s): B,D

Explanation:

CLI scripts can be run in three different ways:
Device Database: By default, a script is executed on the device database. It is recommend you run the changes on the device database (default setting), as this allows you to check what configuration changes you will send to the managed device. Once scripts are run on the device database, you can install these changes to a managed device using the installation wizard.
Policy Package, ADOM database: If a script contains changes related to ADOM level objects and policies, you can change the default selection to run on Policy Package, ADOM database and can then be installed using the installation wizard.
Remote FortiGate directly (through CLI): A script can be executed directly on the device and you don’t need to install these changes using the installation wizard. As the changes are directly installed on the managed device, no option is provided to verify and check the configuration changes through FortiManager prior to executing it.



Which two tasks are automated using the Install Wizard on FortiManager? (Choose two.)

  1. Preview pending configuration changes for managed devices.
  2. Add devices to FortiManager.
  3. Import policy packages from managed devices.
  4. Install configuration changes to managed devices.
  5. Import interface mappings from managed devices.

Answer(s): A,D

Explanation:

2/FortiManager_Admin_Guide/1000_Device%20Manager/1200_install_to%20devices/0400_Install% 20wizard-device%20settings.htm
There are 4 main wizards:
Add Device: is used to add devices to central management and import their configurations.
Install: is used to install configuration changes from Device Manager or Policies & Objects to the managed devices. It allows you to preview the changes and, if the administrator doesn’t agree with the changes, cancel and modify them.
Import policy: is used to import interface mapping, policy database, and objects associated with the managed devices into a policy package under the Policy & Object tab. It runs with the Add Device wizard by default and may be run at any time from the managed device list.
Re-install policy: is used to perform a quick install of the policy package. It doesn’t give the ability to preview the changes that will be installed to the managed device.


Reference:

https://help.fortinet.com/fmgr/50hlp/56/5-6-



View the exhibit, which contains the output of diagnose sys session list, and then answer the question below.



If the HA ID for the primary unit is zero (0), which statement is correct regarding the output?

  1. This session is for HA heartbeat traffic.
  2. This session is synced with the slave unit.
  3. The inspection of this session has been offloaded to the slave unit.
  4. This session cannot be synced with the slave unit.

Answer(s): B



View the IPS exit log, and then answer the question below.

# diagnose test application
ipsmonitor 3 ipsengine exit log”
pid = 93 (cfg), duration = 5605322 (s) at Wed Apr 19 09:57:26 2017
code = 11, reason: manual

What is the status of IPS on this FortiGate?

  1. IPS engine memory consumption has exceeded the model-specific predefined value.
  2. IPS daemon experienced a crash.
  3. There are communication problems between the IPS engine and the management database.
  4. All IPS-related features have been disabled in FortiGate’s configuration.

Answer(s): D

Explanation:

The command diagnose test application ipsmonitor includes many options that are useful for troubleshooting purposes.
Option 3 displays the log entries generated every time an IPS engine process stopped. There are various reasons why these logs are generated:
Manual: Because of the configuration, IPS no longer needs to run (that is, all IPS-releated features have been disabled)






Post your Comments and Discuss Fortinet NSE7_EFW-7.0 exam with other Community members:

Obekoo commented on June 21, 2023
I managed to pass my certification test with help from these exam dums.
FRANCE
upvote