Fortinet · FCP_FMG_AD-7.6
Validates the ability to centrally manage multiple FortiGate devices using FortiManager, covering administration, device registration, policy and object management, advanced configuration, and troubleshooting. Designed for network and security analysts responsible for day-to-day management of FortiGate security policies via FortiManager.
Practice Questions
600
≈ 10 practice exams
Duration
70 minutes
Passing Score
Pass/Fail
Difficulty
ProfessionalLast Updated
May 2026
Use this FCP_FMG_AD-7.6 practice exam to prepare for FCP - FortiManager 7.6 Administrator (FCP_FMG_AD-7.6) with realistic questions, detailed explanations, and focused study modes. The practice bank includes 600 questions for Fortinet FCP_FMG_AD-7.6, so you can review the exam steadily instead of relying on one long cram session.
As you practice, pay extra attention to recurring topics such as Administration and Initial Configuration, Device Manager and ADOM Management, Policy and Object Management, FortiGuard Services Configuration, and High Availability. Start with short sessions to identify weak areas, then move into timed quizzes once your accuracy is consistent.
The explanations are especially useful when you want to connect exam wording to the responsibilities and scenarios described in the official certification guidance. Use the free preview first, then unlock the full question bank when you are ready to build a complete study routine.
The FCP – FortiManager 7.6 Administrator (FCP_FMG_AD-7.6) certification validates a professional's ability to centrally manage multiple FortiGate devices using Fortinet's FortiManager platform. The exam tests applied knowledge across the full FortiManager administrative lifecycle, including initial system configuration, administrative domain (ADOM) management, device registration and synchronization, centralized policy and object management, FortiGuard services integration, high availability configuration, logging, reporting, and troubleshooting at both device and system levels. The exam is based on FortiManager 7.6.1 and FortiOS 7.6, ensuring relevance to current production deployments.
This certification is a recognized elective within the Fortinet Certified Professional (FCP) – Network Security track. To earn the FCP – Network Security designation, candidates must pass a core exam (FCP – FortiGate Administrator) plus one elective; FCP_FMG_AD-7.6 fulfills that elective requirement. Effective July 15, 2026, the associated course and exam will transition from the NSE 5 – Secure Networking track to the NSE 6 – Secure Networking track, reflecting its increasing depth and specialization.
This certification is designed for network and security analysts, firewall administrators, and security engineers who are responsible for the day-to-day centralized management of FortiGate security policies and device configurations through FortiManager. It is particularly well-suited to professionals working in environments with multiple FortiGate devices, such as large enterprises, managed service providers (MSPs) managing multiple customer tenants, and organizations with distributed branch deployments.
Candidates typically hold roles such as Network Security Administrator, Security Operations Center (SOC) Analyst, Firewall Engineer, or IT Security Specialist. Those pursuing advancement into senior roles—such as Network Security Architect or Fortinet Consultant—also benefit from this credential as a step toward higher-level Fortinet certification tracks.
There are no formal prerequisites to register for or sit the FCP_FMG_AD-7.6 exam. However, Fortinet strongly recommends that candidates possess prerequisite knowledge of all topics covered in the FortiGate Administrator course, as FortiManager operations are deeply integrated with FortiGate configuration concepts. Hands-on familiarity with FortiGate device administration, security policy management, and basic networking fundamentals (routing, VLANs, firewall rules) is essential for success.
Fortinet's official training recommendation is completion of the FortiManager Administrator instructor-led course (7 lecture hours, 6 lab hours across approximately two days), which covers the exact domains tested in the exam. Candidates with 6–12 months of practical experience managing FortiGate devices in a production environment—particularly those who have worked with centralized management tools—are well-positioned to attempt this exam.
The FCP_FMG_AD-7.6 exam consists of 35 multiple-choice questions to be completed within 70 minutes. Questions are either single-selection or multiple-selection format. Fortinet's scoring policy requires that all selected answers in a multiple-selection question must be correct to receive credit for that question—no partial credit is awarded. Incorrect answers do not incur a score penalty.
The exam is delivered in English and Japanese through Pearson VUE, available at Pearson VUE test centers worldwide as well as via online proctoring (OnVUE) for remote candidates. The exam result is reported as Pass or Fail; no numerical score is disclosed. The exam fee is $200 USD.
Earning the FCP – FortiManager 7.6 Administrator credential positions professionals for roles directly responsible for enterprise-scale network security operations, including Network Security Administrator, Firewall Engineer, SOC Analyst, and MSP Security Engineer. Fortinet holds a leading market share in the network security space, and organizations running Fortinet Security Fabric deployments increasingly require administrators who can operate FortiManager at scale. Certified professionals with Fortinet FCP credentials typically command salaries in the range of $80,000 to $135,000 annually in the United States, depending on experience level and geography, with senior architects and consultants often exceeding those figures.
The FCP_FMG_AD-7.6 is particularly valuable for MSP engineers managing multiple customer environments through FortiManager's multi-ADOM architecture, and for enterprise administrators tasked with consolidating security policy management across distributed branch networks. Compared to vendor-neutral certifications, this credential provides immediate, role-specific validation that hiring managers at Fortinet-centric organizations directly recognize. The certification aligns with the NICE Cybersecurity Workforce Framework, supporting applicability in federal and government-sector hiring contexts.
5 sample questions with answers and explanations. The full bank has 600 questions, enough for 10 full-length practice exams.
Preview — answers shown1. An administrator is studying the FortiManager two-database architecture to better understand how configuration operations affect the system. Which three statements correctly describe the behavior of FortiManager configuration operations? (Select three!)
Multiple correct answersExplanation
Three operations are correctly described. The Install operation pushes the contents of FortiManager's Device Database to the managed FortiGate over the FGFM tunnel and, upon successful installation, updates the Remote Database to reflect the newly installed running state while creating a configuration revision. The Revert operation changes the Device Database to match the content of a selected historical revision — this is a local change within FortiManager only and requires a subsequent Install operation to actually push the reverted configuration to the managed device. The Import operation retrieves the FortiGate's running configuration and uses it to update both the Remote Database and the Device Database simultaneously, effectively accepting out-of-band device changes as the new source of truth. The Retrieve operation updates only the Remote Database, not the Device Database, making any statement describing it as updating both databases incorrect. Configuration revisions are created only upon successful installation events, not on every GUI save — administrators can make dozens of changes in FortiManager without generating any revisions until an install is performed.
2. A Contoso MSSP administrator is onboarding a new customer whose FortiGate fleet is managed entirely by the customer's own internal team. The customer requires FortiManager to store configuration backups and revision history only — the customer explicitly does not want FortiManager pushing policy changes to their devices. Which ADOM mode should the administrator configure for this customer's dedicated ADOM? (Select one!)
Explanation
Advanced mode, also referred to as Backup mode, is specifically designed for scenarios where FortiManager functions primarily as a configuration backup repository rather than an active policy management platform. In this mode the FortiGate remains the authoritative source of configuration truth, and FortiManager has limited push capability. This is the appropriate choice for customers who manage their own FortiGate configurations locally but want FortiManager's backup, revision history, and audit trail capabilities. Normal mode establishes FortiManager as the primary configuration manager with full policy push authority, which directly contradicts the customer's requirement. Workflow mode is a workspace mode setting that is entirely separate from ADOM mode — it controls change approval workflows but does not change whether FortiManager actively manages and pushes device configurations. Read-only mode is not a valid ADOM mode option in FortiManager — the two supported ADOM modes are Normal and Advanced.
3. Contoso's administrator runs the Retrieve operation on a managed FortiGate that was modified out-of-band. After retrieval completes, the administrator wants to understand exactly what changed. Which two statements correctly describe the effect of the Retrieve operation? (Select two!)
Multiple correct answersExplanation
The Retrieve operation pulls the current running configuration from the FortiGate and stores it in the Remote Device Database, which is the cached copy of the device's actual running configuration. The Device Database, which is the administrator's desired state staging area, is NOT modified by Retrieve. After retrieval, Install Preview or database comparison tools display the delta between the Device Database (still containing the original staged config) and the newly updated Remote Device Database (now containing the device's actual running config). This delta view allows the administrator to decide whether to accept the device's local changes via Import or overwrite them via Install. Retrieve does not create revision entries; revisions are tied to installation events.
4. Adatum's junior administrator adds a model device to FortiManager in preparation for a zero-touch deployment. How many FortiManager device licenses does this model device consume before it is linked to a physical FortiGate? (Select one!)
Explanation
A model device in FortiManager does not consume a device license until it is linked to a real physical FortiGate. Once the physical device connects to FortiManager and is matched to the model device entry, the license is then consumed. This design allows administrators to pre-stage configurations for zero-touch deployments without impacting the license count.
5. A Northwind Traders managed security service provider currently manages 85 FortiGate devices across multiple customer ADOMs and plans to add 20 additional customer devices within the next quarter. Which FortiManager VM license tier is the minimum required to accommodate both current and projected device counts? (Select one!)
Explanation
The organization currently manages 85 devices and plans to add 20 more for a total projected count of 105 devices. FMG-VM-100 supports a maximum of 100 managed devices, which is insufficient once the additional 20 devices are onboarded. FMG-VM-1000 supports up to 1,000 managed devices, which accommodates the projected count of 105 with room for further growth. FMG-VM-BASE only supports 10 devices, far below the current count. FMG-VM-UL supports unlimited devices but is unnecessarily expensive at this scale. Each managed FortiGate consumes one device license regardless of whether it is a physical appliance or a VM, and each member of a FortiGate HA cluster also consumes a separate license.
FCP – Secure Wireless LAN 7.4 Administrator (FCP_FWF_AD-7.4)
FCP_FWF_AD-7.4 · 600 questions
Fortinet NSE 4 – FortiOS 7.6 Administrator (FOS-ADM-7.6)
FOS-ADM-7.6 · 600 questions
Fortinet NSE 5 - FortiNAC-F 7.6 Administrator
NSE 5 · 600 questions
Fortinet NSE 5 - FortiSASE and SD-WAN 7.6 Core Administrator (NSE5_SSE_AD-7.6)
NSE5_SSE_AD-7.6 · 600 questions
Fortinet NSE 5 - FortiSwitch 7.6 Administrator (NSE5_FSW_AD-7.6)
NSE5_FSW_AD-7.6 · 600 questions
Fortinet NSE 6 - FortiAnalyzer 7.4 Administrator (FCP_FAZ_AD-7.4)
FCP_FAZ_AD-7.4 · 600 questions
$17.99
One-time access to this exam