01. Intro And Initial Config

Question 1

Purpose of ADOMs

Answer 1

1. to divide administration of devices by ADOM
2. to control (restrict) administrator access.
3. If VDOMs are used, ADOMs can further restrict access to only data from a specific device VDOM.

Question 2

What is the main benefit of using FMG as local FDN

A. The reduction of network delays and internet bandwidth use
B. the maintenance local ad servers and users

Answer 2

A. The reduction of network delays and internet bandwidth use

Question 3

Difference between FMG and FAZ in regards to logging

Answer 3

FortiManager and FortiAnalyzer run on the same hardware and software platform.
Like FortiAnalyzer, FortiManager can also act as a logging and reporting device, but there are logging rate restrictions. Logging volumes are limited to fix amount each day
Also, FortiManager requires additional resources (CPU, memory, disk) to process logs and reports.

Question 4

When would you use FMG for logging and when prefer FAZ?

Answer 4

FortiManager can be used as a fully functional logging and reporting device for low volumes of logs

If you have high log volumes, you should use a dedicated FortiAnalyzer

Question 5

Management layers

Answer 5

Global ADOM level
ADOM level
Device management layer

Question 6

Global ADOM layer contain

Answer 6

Global objects shared across ADOMs
Header policies
Footer policies

Question 7

ADOM layer contains

Answer 7

Common object db. The databases contains information such as addresses, services, and security profiles.
Devices
Device groups
Policy packages

Question 8

Device manager layer contain

Answer 8

Centrally managed Device info:
name and type of device
model
IP address
current firmware installed
revision history
real-time status.

Question 9

What happens if device config changes

Answer 9

whether the change is made locally or on the FortiManager—then, FortiManager compares the current configuration revision to the changed configuration, and creates a new configuration revision on FortiManager.
Whether the configuration change is big or small, FortiManager records it and saves the new configuration.

Question 10

Which statement about global ADOM layers is true

A. Same policy can be assigned to multiple ADOMS
B. global ADOM rules are auto installed on managed FGT

Answer 10

A. Same policy can be assigned to multiple ADOMS

Question 11

What info is recorded in device manager layer for managed device

A. Common ADOM layer db
B. Real-time status of managed device

Answer 11

B. Real-time status of managed device

Question 12

FMG deployment best practice

Answer 12

1. Deploy behind fw
2. Open only required ports
3. For remote access outside of the network define Virtual IP

Question 13

What statement about managed FAZ on FMG is true

A. FMG supports FAZ reports
B. FMG has logging rate restriction on managed FAZ

Answer 13

A. FMG supports FAZ reports

Question 14

Which port used between FMG and FGT for remote config management (IPv4)

A. TCP/541
B. TCP/514

Answer 14

A. TCP/541

Question 15

Which statement about large mssp using FMG is true

A. Each customer must have dedicated FMG
B. ADOMS can be used by separate customers

Answer 15

B. ADOMS can be used by separate customers

Question 16

Which API is available on FMG

A. JSON API
B. UML API

Answer 16

A. JSON API

Question 17

FMG ha heartbeat or sync port

Answer 17

TCP/5199