FCP_FMG_AD-7.4 Questions and Answers

Two statements about Security Fabric integration with FortiManager that are true are:

A. The Fabric View module enables you to generate the Security Fabric ratings for Security Fabric devices.

The Fabric View module in FortiManager allows administrators to generate Security Fabric ratings, which assess the security posture of the entire Security Fabric environment.

C. The Fabric View module enables you to view the Security Fabric ratings for Security Fabric devices.

In addition to generating ratings, the Fabric View module provides visibility into the Security Fabric ratings for all connected devices, offering a consolidated view of security across the fabric.

Options B and D are incorrect because:

Bis misleading as the Security Fabric settings are generally configured and managed separately from other device-level settings.

Dis incorrect as there is no specific requirement for a Security Fabric license, group name, and password solely for FortiManager integration.

FortiManager References:

Refer to FortiManager 7.4 Security Fabric Integration Guide: Managing Security Fabric and Generating Security Fabric Ratings.

When push updates are failing on a FortiGate device behind a NAT device, the administrator should check:

A.That the override server IP address is set on FortiManager and the NAT device.

The override server IP should be configured to ensure that FortiManager uses the correct IP address that can traverse the NAT to reach the FortiGate device.

D.That the virtual IP address and correct ports are set on the NAT device.

The NAT device must have the correct virtual IP (VIP) configured to map the FortiGate's internal IP to an external address, along with the correct ports needed for communication.

Options B and C are incorrect because:

Bsuggests setting the external IP on the NAT device to DHCP, which is not relevant to solving the push update issue.

Cimplies configuring NAT device IP and ports on FortiManager, which is less likely needed compared to configuring the correct VIP and ports.

FortiManager References:

Refer to FortiManager 7.4 Administrator Guide: Device Management and NAT Configuration.

The commandexecute fmprofile import-profile ADOM2 3547 /tmp/myfileis used to import a system template profile from the FortiManager file system. The path/tmp/myfileindicates a location in the FortiManager's local file system, from which the profile will be imported into the specified ADOM.

Options B, C, and D are incorrect because:

B, C, and Dsuggest importing from different databases, which is not accurate since the command explicitly refers to the file system location.

FortiManager References:

Refer to FortiManager 7.4 CLI Reference Guide: Commands for Profile Management.

The FortiGate-FortiManager (FGFM) protocol is used for communication between a FortiGate device and FortiManager. Thekeepalive messagesare essential for maintaining communication and monitoring the health of the FortiGate devices connected to FortiManager. These messages provide important status information about the device.

Here are the items included in an FGFM keepalive message:

A. FortiGate IPS version

This isfalse. The IPS (Intrusion Prevention System) version is not included in the keepalive message. While IPS information can be part of other system syncs or monitoring processes, it is not part of the FGFM keepalive message.

B. FortiGate license information

This isfalse. The license information is not typically sent in the keepalive message. Licensing is checked and managed separately through other system operations and licensing checks.

C. FortiGate configuration checksum

This istrue. The configuration checksum is a critical part of the keepalive message, as it ensures that the configuration on the FortiGate matches the one managed by FortiManager. Any discrepancy would alert FortiManager to potential out-of-sync configurations.

D. FortiGate uptime

This istrue. The keepalive message includes the FortiGate's uptime, which allows FortiManager to track the health and stability of the connected FortiGate device.

In the exhibit, the FortiManager CLI output displays the results of thetopcommand, which shows system processes, CPU usage, and memory (RAM) usage. We are specifically looking for the process responsible for downloading theweb and email filter databasesfrom the public FortiGuard servers. This process is typically handled by thefgdlinkdprocess.

Key information from the output:

Thefgdlinkdprocess is listed with aPID of 1463.

The%MEMcolumn shows that this process is using2.9%of the available RAM.

Evaluation of Options:

A. 2.9: This iscorrect. Thefgdlinkdprocess, which handles the web and email filter database downloads, is using2.9%of the available memory, as indicated in the%MEMcolumn.

B. 3.1: This is incorrect. The3.1%memory usage belongs to thefwmsvrdprocess, not the fgdlinkd process.

C. 1.5: This is incorrect. The1.5%memory usage belongs to thefclinkdprocess, not the fgdlinkd process.

D. 4.1: This is incorrect. The4.1%memory usage belongs to thefgdsvrprocess, not the fgdlinkd process.