nse5_fmg-72 Exam - Question 20

Since "users" is not mandatory, and all the other elements are set, the policy will be created. Tested in lab: Local-FG # config firewall policy Local-FG (policy) # edit 2 new entry '2' added Local-FG (2) # set srcintf a Local-FG (2) # set dstintf b Local-FG (2) # set srcaddr all Local-FG (2) # set dstaddr all Local-FG (2) # set action accept Local-FG (2) # set schedule always Local-FG (2) # set service ALL Local-FG (2) # set users student entry not found in datasource value parse error before 'student' Command fail. Return code -3 Local-FG (2) # set nat enable Local-FG (2) # next Local-FG (policy) # end Local-FG # show firewall policy config firewall policy edit 2 set uuid 00879f84-bf81-51ee-3191-7623414c44a4 set srcintf "a" set dstintf "b" set srcaddr "all" set dstaddr "all" set action accept set schedule "always" set service "ALL" set nat enable

D. Policy ID 2 is installed without the remote user student. Tested this in my LAB with a Script on Fortigate through FortiManager. User/Student fails to be created, but the Firewall policy is created fine.

D is the answer.

D is correct. User is not a mandatory field.

A. Policy ID 2 will not be installed. The reason for this conclusion is that the 'set users student' command failed with the error message "entry not found in datasource" and a return code of -3. This indicates that the user 'student' could not be found in the specified datasource, and as a result, the configuration for Policy ID 2 is likely to be incomplete or not installed.

D is the correct answer

D is the answer.

If a defined value on the new policy doesn’t exist (in this case the user student, due to issues with the LDAP configuration), then the Fortimanager won’t install the policy.