100+ Free FCP FortiManager 7.4 Practice Questions

Pass your Fortinet FCP - FortiManager 7.4 Administrator (FCP_FMG_AD-7.4) exam on the first try — instant access, no signup required.

✓ No registration✓ No credit card✓ No hidden fees✓ Start practicing immediately

Not published Pass Rate

100+ Questions

100% Free

1 / 100

Question 1

Score: 0/0

What is the primary purpose of an ADOM (Administrative Domain) on FortiManager?

To group users by network access role

To logically separate managed devices, policies, and objects by tenant or function

To divide a FortiGate into multiple virtual firewalls

To replicate the FortiManager database to a secondary unit

to track

2026 Statistics

Key Facts: FCP FortiManager 7.4 Exam

Questions

Fortinet exam description

65 min

Total Seat Time

60 testing + 5 tutorial

Pass/Fail

Scoring

Fortinet

$200

Exam Fee

Pearson VUE

2 years

Cert Validity

Fortinet

30-50 hrs

Study Time

Recommended

The Fortinet FCP_FMG_AD-7.4 exam contains 35 multiple-choice/multiple-select questions completed in 65 minutes (60 testing minutes plus a 5-minute tutorial), graded pass/fail, delivered at Pearson VUE for $200 USD. It covers ADOMs, device management, policy packages and objects, and diagnostics on FortiManager 7.4. There are no formal prerequisites.

Sample FCP FortiManager 7.4 Practice Questions

Try these sample questions to test your FCP FortiManager 7.4 exam readiness. Each question includes a detailed explanation. Start the interactive quiz above for the full 100+ question experience with AI tutoring.

1What is the primary purpose of an ADOM (Administrative Domain) on FortiManager?

A.To group users by network access role

B.To logically separate managed devices, policies, and objects by tenant or function

C.To divide a FortiGate into multiple virtual firewalls

D.To replicate the FortiManager database to a secondary unit

Explanation: ADOMs (Administrative Domains) on FortiManager logically partition managed devices, policy packages, objects, scripts, and revision history. They are used to separate tenants, business units, or device families so administrators only see the devices and policies relevant to them.

2Which two ADOM modes does FortiManager 7.4 support? (Choose two)

A.Normal mode

B.Advanced mode

C.Workflow mode

D.Backup mode

Explanation: FortiManager ADOMs operate in either Normal mode or Advanced mode. Normal mode (the default) restricts each managed FortiGate to a single VDOM-to-policy-package mapping that aligns with the device tree, while Advanced mode allows different VDOMs of the same device to be assigned to different policy packages within the ADOM. Workflow is a separate ADOM-level setting and Backup mode is a device-management state.

3An administrator wants to assign different policy packages to different VDOMs on the same FortiGate within one ADOM. Which ADOM mode is required?

A.Normal mode

B.Advanced mode

C.Workflow mode

D.Backup mode

Explanation: Advanced ADOM mode is required when different VDOMs of the same FortiGate must receive different policy packages within a single ADOM. Normal mode only allows one policy package per device, regardless of how many VDOMs the device has.

4What happens when a FortiGate running a different firmware version than its ADOM is added to FortiManager?

A.FortiManager refuses the connection until firmware is matched

B.The device is added but appears with a version-mismatch flag and may be moved to a matching ADOM

C.FortiManager automatically downgrades the FortiGate firmware

D.The device is silently moved to the global ADOM

Explanation: Each ADOM is bound to a specific FortiOS major version. When a FortiGate is added with a non-matching version, FortiManager flags it as a version mismatch and the device is typically placed in the ADOM that matches its firmware. Administrators can then upgrade the device or move it to the appropriate ADOM.

5Which feature must be enabled before ADOMs can be created on FortiManager?

A.Workflow mode

B.ADOM feature flag in System Settings

C.FortiAnalyzer features

D.FortiGuard distribution

Explanation: ADOMs are disabled by default. The administrator must enable the ADOM feature in System Settings (or via 'config system global' / 'set adom-status enable') before any ADOM can be created. This unlocks the ADOM tree in the GUI and CLI.

6Which port and protocol does the FGFM tunnel between FortiGate and FortiManager use by default?

A.TCP 443 (HTTPS)

B.TCP 541 (FGFM)

C.UDP 514 (syslog)

D.TCP 8013 (FortiAnalyzer)

Explanation: FGFM (FortiGate-to-FortiManager) uses TCP port 541 by default to establish a persistent management tunnel. Configuration retrieval, push installs, and keep-alives all flow through this encrypted channel. TCP 443 is for HTTPS GUI/API access, UDP 514 is syslog, and TCP 8013 is the FortiAnalyzer log channel.

7Which CLI command on a FortiGate displays the current FortiManager registration and FGFM tunnel state?

A.diagnose sys top

B.diagnose fdsm contract

C.diagnose fmg-status

D.execute central-mgmt status

Explanation: The 'diagnose fmg-status' command on FortiOS shows the FortiManager IP/serial, registration status, and whether the FGFM tunnel is up. This is the first place to look when central management appears unhealthy. 'execute central-mgmt status' is not a valid command, and the others address process or contract data.

8What is the role of a 'model device' in FortiManager?

A.A reference template applied to existing devices for compliance audits

B.A placeholder representing a device that has not yet been physically deployed, used for pre-staging configuration

C.A logical replica used for HA failover testing

D.A read-only mirror of a managed device

Explanation: A model device is a placeholder created in Device Manager before the physical FortiGate is deployed. Administrators can apply provisioning templates and policy packages to the model device, and when the actual FortiGate phones home (typically via Zero-Touch Provisioning), the staged configuration is pushed automatically.

9Which two requirements must be met for Zero-Touch Provisioning (ZTP) of a FortiGate via FortiManager? (Choose two)

A.The FortiGate must reach FortiManager (directly or via FortiDeploy/FortiCare)

B.The FortiGate must already be running a custom firmware build

C.A model device with serial number and configuration must exist on FortiManager

D.The FortiGate must be joined to an Active Directory domain

Explanation: ZTP requires that the FortiGate can reach FortiManager (often through FortiDeploy/FortiCare for the initial redirection), and that a model device matching the serial number with the desired configuration is staged in FortiManager. When the FortiGate boots and contacts FortiManager, the staged config is applied automatically.

10Which type of FortiManager template combines pre-run CLI, system settings, and SD-WAN/IPsec templates into a single staged provisioning unit?

A.Provisioning template

B.CLI template group

C.Policy package

D.Revision history snapshot

Explanation: A provisioning template (sometimes called a device template) bundles system settings, SD-WAN templates, IPsec templates, certificate templates, and CLI templates so they can be applied to a model device or device group consistently. CLI template groups only chain CLI templates; policy packages cover firewall policy/objects.

About the FCP FortiManager 7.4 Exam

The Fortinet FCP FortiManager 7.4 Administrator certification (FCP_FMG_AD-7.4) validates the skills needed to deploy, configure, and operate FortiManager for centralized FortiGate management. It covers deployment and configuration, device management, firewall policies and objects, and diagnostics and troubleshooting at the FortiManager 7.4 release.

Questions

35 scored questions

Time Limit

65 minutes

Passing Score

Pass/Fail

Exam Fee

$200 USD (Fortinet / Pearson VUE)

FCP FortiManager 7.4 Exam Content Outline

~30%

Deployment and Configuration

ADOMs (normal and advanced mode), HA active-passive with file sync, RBAC and admin profiles, backup/restore, FortiGuard distribution, FortiAnalyzer features on FortiManager, central management protocol (FGFM)

~30%

Device Management

Device Manager, model devices, ZTP/ZTNA, provisioning templates, CLI templates and CLI template groups, scripts, install operations (preview, validate, install device DB only), revision history, SD-WAN and IPsec VPN templates, fabric view

~25%

Firewall Policies and Objects

Per-ADOM and global ADOM, policy packages, header and footer policies, dynamic objects, normalized interfaces, shared object library, workflow mode, validation

~15%

Diagnostics and Troubleshooting

fmg-status, FGFM tunnel diagnostics, debug commands, log filters, install-error troubleshooting, version mismatch handling, exec hyperlink to managed devices

How to Pass the FCP FortiManager 7.4 Exam

What You Need to Know

Passing score: Pass/Fail
Exam length: 35 questions
Time limit: 65 minutes
Exam fee: $200 USD

Keys to Passing

Complete 500+ practice questions
Score 80%+ consistently before scheduling
Focus on highest-weighted sections
Use our AI tutor for tough concepts

FCP FortiManager 7.4 Study Tips from Top Performers

1Lab ADOM modes — create normal and advanced ADOMs and assign different policy packages to different VDOMs in advanced mode

2Master the install path — preview, validate, and 'install device DB only' have specific use cases the exam tests

3Build at least one provisioning template that bundles CLI, SD-WAN, and IPsec templates so you understand the layering

4Practice 'diagnose fmg-status' on FortiGate and 'diagnose dvm device list' on FortiManager — both are common troubleshooting commands

5Study header and footer policies in the global ADOM and how they merge with per-ADOM packages

6Know the FGFM tunnel basics — TCP 541, central-management settings, and what causes 'Unregistered' or 'Conflict' device states

7Review revision history and backup/restore — the exam expects you to know which feature to use for change tracking versus DR

Frequently Asked Questions

What is on the Fortinet FCP FortiManager 7.4 exam?

FCP_FMG_AD-7.4 covers four domains on FortiManager 7.4: Deployment and Configuration (ADOMs, HA active-passive, RBAC, FortiGuard distribution, FortiAnalyzer features, FGFM), Device Management (model devices, ZTP, provisioning/CLI/SD-WAN/IPsec templates, scripts, install operations, revision history, fabric view), Firewall Policies and Objects (per-ADOM and global ADOM, policy packages, header/footer policies, dynamic objects, normalized interfaces, workflow mode), and Diagnostics and Troubleshooting (fmg-status, FGFM tunnel debug, log filters, install errors).

How long is the FCP FortiManager 7.4 exam and how many questions?

The FCP_FMG_AD-7.4 exam has 35 multiple-choice and multiple-select questions and a total seat time of 65 minutes (60 minutes of testing plus a 5-minute tutorial). It is graded pass/fail and delivered at Pearson VUE test centers and via OnVUE online proctoring.

How much does the Fortinet FCP FortiManager 7.4 exam cost?

The exam fee is $200 USD through Pearson VUE. Vouchers and bundled training are sometimes available through Fortinet Training Institute. The certification is one of the FCP (Fortinet Certified Professional) network security elective exams and remains valid for two years.

Are there prerequisites for FCP FortiManager 7.4?

There are no formal prerequisites. Fortinet recommends candidates have hands-on experience deploying and operating FortiManager and FortiGate. Familiarity with FortiOS firewall policies, IPsec VPN, and SD-WAN is helpful because FortiManager configures these features at scale on managed FortiGates.

What is the difference between FCP FortiManager 7.4 and NSE 5 FortiManager?

FCP_FMG_AD-7.4 is the current version and replaces the older NSE 5 FortiManager exam under Fortinet's revamped FCP/FCSS certification framework. The content focus is similar (ADOMs, device management, policy packages, diagnostics) but FCP_FMG_AD-7.4 is aligned to FortiManager 7.4 features such as updated provisioning templates, expanded fabric view, and current FGFM behaviors.

How long should I study for the FCP FortiManager 7.4 exam?

Most candidates spend 30-50 hours preparing. Recommended steps are: complete the official FortiManager 7.4 Administrator course on Fortinet Training Institute, build a lab with FortiManager VM plus 2-3 FortiGate VMs, practice ADOM creation, model devices/ZTP, provisioning and CLI templates, install operations, and run debug commands like 'diagnose fmg-status' and FGFM debug to internalize troubleshooting flows.