Which configurationsetting for FortiGate is part oan ADOM-level database on FortiManager?
Correct Answer: D
Question 2
Refer to the exhibit. You are using the Quick Install option to install configuration changes on the managed FortiGate. Which two statements correctly describe the result? (Choose two.)
Correct Answer: B,D
* Option B: It provides the option to preview only the policy package changes before installing them.This is correct. The Quick Install option in FortiManager provides a preview of policy changes before they are applied, allowing administrators to review and confirm the changes. * Option D: It installs device-level changes on the FortiGate device without launching the Install Wizard.This is correct. Quick Install allows for the immediate installation of device-level changes, such as interface or routing configurations, directly onto the FortiGate without going through the full Install Wizard. Explanation of Incorrect Options: * Option A: It installs provisioning template changes on the FortiGate deviceis incorrect because Quick Install does not specifically deal with provisioning templates. * Option C: It installs all the changes in the device database first and the administrator must reinstall the changes on the FortiGate deviceis incorrect because Quick Install directly applies changes to the FortiGate device, not requiring a separate reinstall step. FortiManager References: * Refer to "FortiManager Administration Guide" for details on "Quick Install" functionality under "Device Management."
Question 3
Which configuration setting for FortiGate is part o an ADOM-level database on FortiManager?
Correct Answer: D
Security profiles are part of the ADOM-level database in FortiManager. These configurations allow for centralized management of security settings like antivirus, web filtering, application control, and intrusion prevention. Security profiles are created and managed under the Policy & Objects section, which operates at the ADOM level.
Question 4
Exhibit. An administrator would like to create three ADOMs on FortiManager with different access levels based on departments. What two conclusions can you draw from the design shown in the exhibit? (Choose two.)
Correct Answer: A,C
Based on the exhibit, the FortiManager administrator is setting up three ADOMs (Administrative Domains) that correspond to different departments (Financial, HR, and IT). Each ADOM has specific FortiGate devices or VDOMs (Virtual Domains) assigned to it, with different administrators managing the ADOMs. Explanation of Options: * A. The FortiManager administrator must set the ADOM device mode to Advanced. * This istrue. In FortiManager, when there areVDOMs(Virtual Domains) involved, you must set the ADOM toAdvanced modeto manage VDOMs properly. The IT department ADOM includes different VDOMs from FortiGate 4 (VDOM 2 and VDOM 3), which means the ADOM mode must be inAdvancedto support managing VDOMs separately from other ADOMs. * B. Policies and objects databases can be shared between the Financial and HR ADOMs. * This isfalse. By default, ADOMs are separate, and policies and objects cannot be shared between them unless they are specifically designed to do so. The exhibit shows distinct ADOMs for each department, implying no direct sharing of policies and objects between Financial and HR ADOMs. * C. An administrator with the super user profile can access all the VDOMs. * This istrue. A FortiManager administrator with thesuper userprofile hasfull accessto all ADOMs and VDOMs, regardless of how access is restricted for individual administrators. In this case, an admin with the super user profile could access Financial, HR, and IT ADOMs, including all the VDOMs from FortiGate 4. * D. The administrator must configure FortiManager in workspace normal mode. * This isfalse. There is no requirement mentioned in the exhibit or scenario that mandates using workspace normal mode. Workspace mode is more related to how configuration changes are managed (locking, editing, etc.), but it doesn't affect the creation or access control of ADOMs. Conclusion: * Ais correct becauseAdvanced modeis necessary for managing VDOMs within ADOMs. * Cis correct because asuper usercan access all VDOMs and ADOMs without restrictions.
Question 5
You are moving managed FortiGate devices from one ADOM to a new ADOM. Which statement correctly describes the expected result?
Correct Answer: B
When you move a device to a new ADOM, the shared policy packages do not transfer automatically. You would need to manually configure or assign the necessary policy packages in the new ADOM.
