本文主要是介绍考题篇(6.2) 01 ❀ FortiManager ❀ Fortinet 网络安全专家 NSE 5,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
A. All device configurations including global databases are synchrorized in the HA cluster. 〖所有设备配置(包括全局数据库)都在HA集群中同步。〗
B. FortiGuard databases are downloaded separately by each cluster device. 〖FortiGuard数据库由每个集群设备分别下载。〗
C. FortiGuard databases are downloaded by the primary FortManager device and then synchronized with all secondary devices. 〖FortiGuard数据库由主FortiManager设备下载,然后与所有从设备同步。〗
D. Local logs and log configuration settings are synchronized in the HA cluster. 〖本地日志和日志配置在HA集群中同步。〗
有一些配置设置、FortiGuard数据库和日志没有在主设备和从设备之间同步。FortiGuard数据库和软件包是单独下载的,每个设备都可以为被管理的设备提供FortiGuard服务。
A. It will install configuration changes to managed device automatically 〖它将自动安装配置更改到被管理的设备〗
B. It will tag the device settings status as Auto-Update 〖它将标记设备设置状态为自动更新〗
C. It will generate a new version ID and remove all other revision history versions 〖它将生成一个新的版本ID,并删除所有其他修订历史版本〗
D. It will modify the device-level database 〖它将修改设备级数据库〗
修订历史中的还原操作将把设备数据库配置更改为以前的配置状态。
Which two statements correctly describe the result? (Choose two.) 〖哪两个陈述正确地描述了结果?(选择两个)〗
A. It will not create a new revision in the revision history 〖它不会在修订历史中创建新的修订〗
B. It installs device-level changes to FortiGate without launching the Install Wizard 〖它在不启动安装向导的情况下将设备级更改安装到FortiGate〗
C. It cannot be canceled once initiated and changes will be installed on the managed device 〖一旦启动,就不能取消,更改将安装在被管理的设备上〗
D. It provides the option to preview configuration changes prior to installing them 〖它提供了在安装配置更改之前预览配置更改的选项〗
快速安装选项允许你在不启动安装向导的情况下快速安装设备级设置。使用此选项时,无法在提交之前预览更改。管理员应该在使用这个安装选项之前确定更改,因为安装不能在流程启动后取消。
How can the administrator unlock the ADOM? 〖管理员如何解锁ADOM?〗
A. Restore the configuration from a previous backup. 〖从以前的备份恢复配置。〗
B. Log in as Super_User in order to unlock the ADOM. 〖以Super_User身份登录以解锁ADOM。〗
C. Log in using the same administrator account to unlock the ADOM. 〖请使用同一管理员帐号登录解锁。〗
D. Delete the previous admin session manually through the FortiManager GUI or CLI. 〖通过FortiManager GUI或CLI手动删除以前的admin会话。〗
当ADOM被锁定时,如果遇到FortiManager的连接意外关闭(PC崩溃或浏览器关闭),它将保持锁定状态,直到管理员会话超时或会话被删除。管理员可以通过GUl或CLI方式删除会话。删除前一个会话后,ADOM将立即解锁。
A. The policy package reports inconsistencies and conflicts during a Policy Consistency Check. 〖在进行策略一致性检查时,策略包会报告不一致和冲突。〗
B. The policy package does not have a FortiGate as the installation target. 〖策略包没有FortiGate作为安装目标。〗
C. The policy package configuration has been changed on both FortiManager and the managed device independently. 〖在FortiManager和被管理设备上已经分别更改了策略包配置。〗
D. The policy configuration has never been imported after a device was registered on FortiManager. 〖在FortiManager上注册设备后,未导入策略配置。〗
冲突:如果你在FortiGate上进行了本地策略配置更改,但没有将更改导入到策略包中,并且你也在FortiManager上进行了更改,则状态将进入冲突状态。根据配置更改,你可以导入策略包或从FortiManager安装更改。
A. JSON and XML
B. JSON and YAML
C. YAML and REST
D. XML and YAML
如果你想使用API来监视你的系统,或者使用第三方设备来设置或获取数据,你可以使用JSON和XML API。FortiManager API是一个非常强大的工具,它向客户提供管理web门户、自动部署和供应系统。
A. By a dollar symbol ($) at the end of the device name 〖通过设备名末尾的美元符号($)〗
B. By an at symbol (@) at the end of the device name 〖通过设备名末尾的at符号(@)〗
C. By a Question: mark(?) at the end of the device name 〖通过设备名末尾的问号(?)〗
D. By an Asterisk (*) at the end of the device name 〖通过设备名末尾的星号(*)〗
末尾星号标识根FortiGate
A. When run on the device database, you can install changes to the managed FortiGate devices using the installation wizard. 〖在设备数据库上运行时,可以使用安装向导安装被管理FortiGate设备的更改。〗
B. When run on the device database, changes are automatically installed to the managed FortiGate devices. 〖当在设备数据库上运行时,被管理FortiGate设备将自动安装更改。〗
C. When run on managed devices directly, changes are automatically installed to the managed FortiGate devices. 〖当直接在被管理设备上运行时,更改会自动安装到被管理FortiGate设备上。〗
D. When run on managed devices directly, you can install changes to the managed FortiGate devices using the installation wizard. 〖当直接在被管理设备上运行时,你可以使用安装向导安装对被管理FortiGate设备的更改。〗
脚本可以以三种不同的方式运行:
● 设备数据库:默认情况下,在设备数据库上执行脚本。建议你在设备数据库上运行更改(默认设置),因为这允许你检查将发送给被管理设备的配置更改。一旦脚本在设备数据库上运行,你就可以使用安装向导将更改安装到被管理设备上。
● 策略包,ADOM数据库:如果脚本包含与ADOM级对象和策略相关的更改,你可以更改默认选择,以在策略包、ADOM数据库上运行,然后可以使用安装向导进行安装。
● Remote FortiGate Directly(通过CLI):脚本可以直接在设备上执行,不需要使用安装向导安装更改。由于更改直接安装在被管理设备上,因此在执行配置更改之前,不提供通过FortiManager验证和检查配置更改的选项。
A. During discovery, the FortiManager NATed IP address is not set by default on FortiGate. 〖发现过程中,FortiGate上没有默认设置FortiManager nat IP地址。〗
B. FortiGate can announce itself to FortiManager only if the FortiManager non-NATed IP address is configured on FortiGate under central management. 〖只有在中央管理下的FortiGate上配置了FortiManager非nat IP地址时,FortiGate才能向FortiManager宣布自己。〗
C. FortiGate is discovered by FortiManager through the FortiGate NATed IP address. 〖FortiGate是由FortiManager通过FortiGate nat IP地址发现的。〗
D. If the FGFM tunnel is torn down, FortiManager will try to re-establish the FGFM tunnel. 〖如果FGFM隧道被拆除,FortiManager将尝试重建FGFM隧道。〗
如果两个设备(FortiManager和FortiGate)都位于NAT设备后面,FortiManager通过FortiGate nat IP地址发现FortiGate设备。就像在NAT后的FortiManager场景中一样,这个场景中的FortiManager NAT IP地址不是在FortiGate中央管理配置下配置的。如果FGFM隧道中断,FortiManager将不会尝试重新建立到FortiGate nat地址的FGFM隧道。如果在中央管理配置下在FortiGate上配置了FortiManager nat IP地址,如果被拆除,FortiGate会尝试重新建立fgffm隧道。
A. FortiGuard databases are downloaded separately by each cluster device. 〖FortiGuard数据库由每个集群设备分别下载。〗
B. FortiGuard databases are downloaded by the primary FortiManager device and then synchronized with all secondary devices. 〖FortiGuard数据库由主FortiManager设备下载,然后与所有从设备同步。〗
C. All device configurations including global databases are synchrorized in the HA cluster. 〖所有设备配置(包括全局数据库)都在HA集群中同步。〗
D. Local logs and log configuration settings are synchronized in the HA cluster. 〖本地日志和日志配置在HA集群中同步。〗
有一些配置设置、FortiGuard数据库和日志没有在主设备和从设备之间同步。FortiGuard数据库和软件包是单独下载的,每个设备都可以为被管理的设备提供FortiGuard服务。
这篇关于考题篇(6.2) 01 ❀ FortiManager ❀ Fortinet 网络安全专家 NSE 5的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!
