NSE 7 – Enterprise Firewall 7.0 — Question 40

You have configured FortiManager as a local FDS to provide FortiGate AV and IPS updates, but FortiGate devices are not receiving updates to their AV signature databases, IPS engines, or IPS signature databases.
Which two settings need to be verified for these features to function? (Choose two.)

Answer options

• A. FortiGate needs to have the server list entry for FortiManager set to server-type update under config system central-management.
• B. FortiManager needs to be the license validation server for FortiGate devices trying to retrieve updated AV and IPS packages.
• C. Service access needs to be enabled on FortiManager under System Settings > Network.
• D. FortiGate needs to have include-default-servers disabled under config system central-management.

Correct answer: A, C

Explanation

Option A is correct because FortiGate must specifically recognize FortiManager as a server for update purposes to receive updates. Option C is also correct since enabling service access on FortiManager is essential for communication and updates to occur. Options B and D are incorrect as they do not directly relate to the necessary settings for update functionality in this context.