very true !! furthermore a warning message is shown to let the administrator know that the object is currently being configured in another workstpace transaction
I made a mistake earlier and voted B as that made most sense at the time. After checking in my lab, C is the correct answer. You are indeed presented with only the "return" option on the object on a downstream device when trying to edit a Global fabric object created on the root device.
I created a firewall object on a root fortigate. Then, on a downstream FG the object appeared, but when I tried to edit it the OK button was missing. Only the return button is present.
It doesn't happen like that in Workspace mode. So C is the correct option.
When an administrator edits an object in workspace mode, it is locked, preventing other administrators from editing that object. A warning message is shown to let the administrator know that the object is currently being configured in another workspace transaction. Pg. 25 in Enterprise_Firewall_7.2_Study_Guide-Online.pdf
In workspace mode the "OK" button is present, you get an error message as soon as you click on it.
When you create a fabric object on a root device, it will synchronize to the downstream devices (if enable) and you will not be able to modify the object on any downstream devices. The "OK" button will NOT be available on downstream devices.
A bit tricky from the screenshots, as if B was indeed the correct answer, a warning should be shown that the object is being edited by a different user.
A doesn't make much sense, as you wouldn't be able to make changes to either of the objects if you were in read-mode.
You can edit and configure downstream Fortigates in a Security Fabric at will. There is nothing in the screenshots signifying that this is a downstream device, or the root device.
We you can still configure objects on local devices even if they are managed by FortiManager, and as with question A; if you had logged into a Centrally managed device as read-only, you wouldn't be able to edit any of the objects.
I believe the answer is B, as that makes most sense, even though it is difficult to tell from the screenshots themselves.
Scratch that. The Answer is C. Just tested in my lab, and when creating as a global fabric object, I am not able to edit the adress object on the downstream Fortigate. If it was an object in workspace mode, you would get a warning that the object is locked in a different transistion by a different user.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
charruco
Highly Voted 8 months, 3 weeks agorac_sp
6 months, 2 weeks agotruserud
Highly Voted 9 months, 2 weeks agoBatherDom
Most Recent 2 months, 4 weeks agorac_sp
6 months, 2 weeks agoevdw
7 months, 1 week agohavokdu
7 months, 3 weeks agoGabrielVillamizar
9 months agor3n0
9 months, 3 weeks agoTotoahren
9 months, 4 weeks agoTotoahren
10 months agoTotoahren
10 months agoac89l
10 months agotruserud
10 months, 1 week agotruserud
9 months, 2 weeks agoMikeSco001
10 months, 1 week agotenebrox
10 months, 1 week ago5deee77
10 months, 2 weeks agorananaj
10 months, 3 weeks ago