An administrator would like to review, approve, or reject all the firewall policy changes made by the junior administrators. How should the Workspace mode be configured on FortiManager?

A. Set to workflow and use the ADOM locking feature

B. Set to read/write and use the policy locking feature

C. Set to normal and use the policy locking feature

D. Set to disable and use the policy locking feature

What will happen if FortiAnalyzer features are enabled on FortiManager?

A. FortiManager will reboot

B. FortiManager will send the logging configuration to the managed devices so the managed devices will start sending logs to FortiManager

C. FortiManager will enable ADOMs automatically to collect logs from non-FortiGate devices

D. FortiManager can be used only as a logging device.

View the following exhibit:

Which two statements are true if the script is executed using theRemote FortiGate Directly (via CLI)option? (Choose two.)

A. You must install these changes usingInstall Wizard

B. FortiGate will auto-update the FortiManager's device-level database.

C. FortiManager will create a new revision history.

D. FortiManager provides a preview of CLI commands before executing this script on a managed FortiGate.

Refer to the exhibit.

Which two statements about the output are true? (Choose two.)

A. The latest revision history for the managed FortiGate does match with the FortiGate running configuration

B. Configuration changes have been installed to FortiGate and represents FortiGate configuration has been changed

C. The latest history for the managed FortiGate does not match with the device-level database

D. Configuration changes directly made on the FortiGate have been automatically updated to device-level database

An administrator is replacing a device on FortiManager by running the following command:

execute device replace sn .

What device name and serial number must the administrator use?

A. Device name and serial number of the original device.

B. Device name and serial number of the replacement device.

C. Device name of the replacement device and serial number of the original device.

D. Device name of the original device and serial number of the replacement device.

Which two conditions trigger FortiManager to create a new revision history? (Choose two.)

A. When FortiManager is auto-updated with configuration changes made directly on a managed device

B. When changes to the device-level database are made on FortiManager

C. When FortiManager installs device-level changes on a managed device

D. When a configuration revision is reverted to a previous revision in the revision history

An administrator created a header and footer global policy package and assigned it to an ADOM. What are two outcomes from this action? (Choose two.)

A. You must manually move the header and footer policies after the policy assignment.

B. After you assign the global policy package to an ADOM, the policy package is hidden from the ADOM and cannot be viewed.

C. If you assign an additional global policy package to the same ADOM, FortiManaqer removes previously assigned policies.

D. You can edit or delete all the global objects in the global ADOM.

In the event that one of the secondary FortiManager devices fails, which action must be performed to return the FortiManager HA manual mode to a working state?

A. The FortiManaqer HA state transition is transparent to administrators and does not require any reconfiguration.

B. Manually promote one of the working secondary devices to the primary role, and reboot the old primary device to remove the peer IP of the failed device.

C. Reconfigure the primary device to remove the peer IP of the failed device.

D. Reboot the failed device to remove its IP from the primary device.

Which configuration setting for FortiGate is part of an ADOM-level database on FortiManager?

A. NSX-T Service Template

B. Security profiles

C. SNMP

D. Routing

Which of the following statements are true regarding VPN Gateway configuration in VPN Manager? (Choose two.)

A. Managed gateways are devices managed by FortiManager in the same ADOM

B. External gateways are third-party VPN gateway devices only

C. Protected subnets are the subnets behind the device that you don't want to allow access to over the IPsec VPN

D. Managed devices in other ADOMs must be treated as external gateways