Exhibit.
An administrator would like to create three ADOMs on FortiManager with different access levels based on departments. What two conclusions can you draw from the design shown in the exhibit? (Choose two.)
Correct Answer:
AC
Based on the exhibit, the FortiManager administrator is setting up three ADOMs (Administrative Domains) that correspond to different departments (Financial, HR, and IT). Each ADOM has specificFortiGate devices or VDOMs (Virtual Domains) assigned to it, with different administrators managing the ADOMs.
Explanation of Options:
✑ A. The FortiManager administrator must set the ADOM device mode to Advanced.
✑ B. Policies and objects databases can be shared between the Financial and HR ADOMs.
✑ C. An administrator with the super user profile can access all the VDOMs.
✑ D. The administrator must configure FortiManager in workspace normal mode.
Conclusion:
✑ Ais correct becauseAdvanced modeis necessary for managing VDOMs within ADOMs.
✑ Cis correct because asuper usercan access all VDOMs and ADOMs without restrictions.
Exhibit.
Given the configuration shown in the exhibit, which two statements are true? (Choose two.)
Correct Answer:
BC
The provided screenshot from FortiManager shows several key elements that help answer the question:
✑ Thepadlock iconnext to the "Remote-FortiGate" policy package indicates that this
policy package islocked, which means it is currently being edited or has been checked out by an administrator. This is typical behavior when the ADOM (Administrative Domain) workspace is inuse, and a session is active where an administrator is working on a policy package.
✑ Theabsence of a lock iconnext to "Local-FortiGate_root" and "default" indicates
that these policy packages are not locked and are available for editing.
✑ Statement B(FortiManager is in workflow mode): This istrue. The fact that one of the policy packages is locked suggests that FortiManager is operating inADOM workflow modeor at least in a state where it enforces locking for editing, typically seen in Normal ADOM modes. Inworkflow mode, an administrator needs to lock a workspace before making changes.
✑ Statement C(The FortiManager ADOM is locked by the administrator): This istrue.
The presence of the padlock on "Remote-FortiGate" signifies that the ADOM, or more specifically, this policy package within the ADOM, has been locked by the administrator.
✑ Statement A(An administrator can also lock the Local-FortiGate_root policy
package): This isnotnecessarily true. The administrator can lock the "Local- FortiGate_root" policy package, but as shown in the exhibit, it iscurrently not locked, so this option is not a certainty in this state.
✑ Statement D(The FortiManager ADOM workspace mode is set to Normal): This
istrue, but not the best option compared to B and C, as it can be inferred that the mode is set to Normal due to the locking behavior, but the more direct information is about the ADOM being locked by an administrator.
Exhibit.
Given the configuration shown in the exhibit, what are two results from this configuration?
{Choose two.)
Correct Answer:
BD
The configuration shown in the exhibit sets theworkspace-mode to normal. The workspace mode in FortiManager defines how configuration changes and administrative tasks are handled, specifically regarding locking and collaboration in ADOMs (Administrative Domains).
Understanding the workspace modes:
✑ Normal Mode:In this mode, only one administrator at a time can lock and edit an ADOM. The changes made by one administrator must be completed and saved before another administrator can make changes. It prevents concurrent read-write access within the same ADOM.
✑ Workflow Mode:This mode allows multiple administrators to work on different tasks within the same ADOM, but changes still need to be approved before being committed.
Explanation of Options:
✑ A. You can validate administrator login attempts through external servers.
✑ B. The same administrator can lock more than one ADOM at the same time.
✑ C. Two or more administrators can make configuration changes at the same time, in the same ADOM.
✑ D. Concurrent read-write access to an ADOM is disabled.
Which API method is used to create objects or overwrite existing ones?
Correct Answer:
A
In the context of the FortiManager JSON API, thesetmethod is used tocreate new objects oroverwrite existing ones. The API allows administrators to manage FortiManager and its associated devices by automating tasks like configuration changes, policy updates, and object creation.
Explanation of Options:
✑ A. Set:
✑ B. Add:
✑ C. Exec:
✑ D. Update:
What will be the result of reverting to a previous revision version in the revision history?
Correct Answer:
C
✑ Option C: It will modify the device-level database.This is correct. Reverting to a previous revision version in the revision history affects the device-level database by restoring it to the state saved in the selected revision. This ensures that any changes made after the selected revision are discarded, and the device configuration is returned to the earlier state.
Explanation of Incorrect Options:
✑ Option A: It will install configuration changes to managed devices automaticallyis incorrect because reverting a revision does not automatically push changes to the devices; it merely reverts the configuration on the FortiManager.
✑ Option B: It will tag the device settings status as Auto-Updateis incorrect because "Auto-Update" is not a status related to the revision history mechanism.
✑ Option D: It will generate a new version ID and remove all other revision history versionsis incorrect as reverting to a previous revision does not delete all other versions; it creates a new revision point for tracking.
FortiManager References:
✑ Refer to the "Revision Management" section in the FortiManager Administration Guide, which provides an overview of how revisions are managed and utilized for restoring configurations.