Pass4Future also provide interactive practice exam software for preparing Fortinet NSE 5 - FortiSandbox 5.0 Administrator (FCP_FSA_AD-5.0) Exam effectively. You are welcome to explore sample free Fortinet FCP_FSA_AD-5.0 Exam questions below and also try Fortinet FCP_FSA_AD-5.0 Exam practice test software.
Do you know that you can access more real Fortinet FCP_FSA_AD-5.0 exam questions via Premium Access? ()
You are asked to create some custom VMs to better represent your security environment. In which two FortiSandbox deployments is this supported? (Choose two answers)
Answer : A, C
From the Scanning and Rating Components lesson, the Study Guide explicitly states:
'FortiSandbox allows you to modify the number of CPUs and memory assigned to a custom VM. This feature is supported on hardware models and private cloud VMs.'
Hardware models = Device-based (Option C)
Private cloud VMs = Private cloud (Option A)
Azure non-nested mode and FortiSandbox Cloud do not support custom VM creation as per the Study Guide.
You must increase the scanning capacity of a FortiSandbox device by increasing the number of clones, but the FortiSandbox local clone limit is already at maximum. Which two actions can you take to expand the scanning capacity of the unit? (Choose two answers)
Answer : A, D
From the Scanning and Rating Components lesson, the Study Guide states:
'The universal VM license is a single license that grants you access to multiple VMs. Provides a scalable and cost-effective solution with up to 200 VMs on a single unit. Clone count limits shown on the VM Settings view apply to all enabled VM Types.'
'When you enable Adaptive Scan, FortiSandbox dynamically adjusts the number of clones of any local VMs you have enabled. Enabling this option does not affect the number of remote Mac OS or Windows cloud VMs.'
This confirms:
Option A --- Deploying remote WindowsCloudVM and MACOSX clones expands capacity beyond local clone limits since remote VMs are not subject to local clone restrictions
Option D --- Adding VM licenses directly increases the number of available VMs up to 200 on a single unit
Reorganizing the scan priority list (B) only affects scan order, not capacity. Adding custom VMs (C) would still be subject to the same local clone limits.
You are asked to configure a FortiSandbox HA cluster. Port 4 on the primary and secondary nodes is dedicated for HA-specific communication. Which command must you use to configure the primary node? (Choose one answer)
Answer : D
The Study Guide states that HA is configured from the CLI and that ''the main HA cluster CLI commands are hc-settings, hc-slave, and hc-status''. It also explains that ''You use the hc-settings command and options to configure the main HA settings... node alias, group name, group password, and the HA interface.'' The same HA section further says that the primary and secondary nodes must have a dedicated HA communication interface, and specifically notes that ''port4 in this example'' is the HA interface between them.
On the primary-node example configuration shown on page 137 of the uploaded study guide, the command uses -tM for the primary node with -iport4 for the HA interface. That directly matches option D. The other options use different node-type flags and do not correspond to the primary-node example. Therefore, the correct command is hc-settings -sc -tM -nPrimaryNode -cFSAGrp -p
How can you limit an administrator's access to scan jobs on FortiSandbox based on the system that submitted the scan request? (Choose one answer)
Answer : D
The correct answer is D. The Study Guide states that FortiSandbox has default administrative profiles and specifically says: ''The Read Only profile is intended to be used for system-wide monitoring and reporting tasks, whereas the Device profile is intended to be used for monitoring alerts and reporting for a specific device.'' That wording directly matches the question requirement to limit access based on the system that submitted the scan request. In other words, FortiSandbox uses administrator profiles to control whether an admin can view broad system-wide activity or only jobs and alerts related to a specific submitting device.
This eliminates the other options. The Study Guide does not describe device groups, log server settings, or netshare groups as the mechanism for restricting admin visibility of scan jobs by submitter. Instead, access control is tied to the admin profile model. The Device profile is the exact fit because it narrows monitoring and reporting to a particular device context rather than the entire system. Therefore, the way to limit an administrator's access to scan jobs by the submitting system is by configuring administrator profiles that define job access.
When using SIMNET, which two inspections cannot be performed with real traffic? (Choose two answers)
Answer : A, C
From the Deployment and System Settings lesson, the Study Guide explicitly states what SIMNET cannot do with real traffic:
'When the malware attempts to download a file, FortiSandbox provides a fake download package. This allows the downloader to successfully execute; however, FortiSandbox cannot run its antivirus inspection on the file.'
'If the malware creates a callback connection to an IP, FortiSandbox cannot rate the IP, to determine if it's a botnet server.'
This confirms:
Option A (AV inspection) --- Cannot be performed because SIMNET provides fake download packages, preventing real antivirus scanning
Option C (IP reputation) --- Cannot be performed because SIMNET uses internal IPs for DNS responses, making IP reputation lookups meaningless against real botnet databases
Dynamic scan and URL rating can still occur inside the sandbox even without real internet access.
