ExamGecko
Home / Fortinet / FCSS_SASE_AD-24 / List of questions
Ask Question

Fortinet FCSS_SASE_AD-24 Practice Test - Questions Answers

Add to Whishlist

List of questions

Question 1

Report Export Collapse

Which event log subtype captures FortiSASE SSL VPN user creation?

Endpoint Events

Endpoint Events

VPN Events

VPN Events

User Events

User Events

Administrator Events

Administrator Events

Suggested answer: C
Explanation:

The event log subtype that captures FortiSASE SSL VPN user creation is User Events . This subtype is specifically designed to log activities related to user management, such as creating, modifying, or deleting user accounts. When an SSL VPN user is created, it falls under this category because it involves adding a new user to the system.

Here's why the other options are incorrect:

A . Endpoint Events: These logs pertain to activities related to endpoint devices, such as device registration, compliance checks, or security posture assessments. SSL VPN user creation is unrelated to endpoint events.

B . VPN Events: These logs capture activities related to VPN connections, such as session establishment, termination, or errors. While SSL VPN usage generates VPN events, the creation of a user account itself is not logged under this subtype.

D . Administrator Events: These logs track actions performed by administrators, such as configuration changes or policy updates. While an administrator might create the SSL VPN user, the specific event of user creation is categorized under User Events, not Administrator Events.

Fortinet FCSS FortiSASE Documentation - Event Logging and Subtypes

FortiSASE Administration Guide - Monitoring and Logging

asked 27/03/2025
Adam Vce
43 questions

Question 2

Report Export Collapse

When deploying FortiSASE agent-based clients, which three features are available compared to an agentless solution? (Choose three.)

Vulnerability scan

Vulnerability scan

SSL inspection

SSL inspection

Anti-ransomware protection

Anti-ransomware protection

Web filter

Web filter

ZTNA tags

ZTNA tags

Suggested answer: A, C, E
asked 27/03/2025
S Tharakanparampil
45 questions

Question 3

Report Export Collapse

Which FortiSASE feature ensures least-privileged user access to all applications?

secure web gateway (SWG)

secure web gateway (SWG)

SD-WAN

SD-WAN

zero trust network access (ZTNA)

zero trust network access (ZTNA)

thin branch SASE extension

thin branch SASE extension

Suggested answer: C
Explanation:

Zero Trust Network Access (ZTNA) is the FortiSASE feature that ensures least-privileged user access to all applications. ZTNA operates on the principle of 'never trust, always verify,' providing secure access based on the identity of users and devices, regardless of their location.

Zero Trust Network Access (ZTNA):

ZTNA ensures that only authenticated and authorized users and devices can access applications.

It applies the principle of least privilege by granting access only to the resources required by the user, minimizing the potential for unauthorized access.

Implementation:

ZTNA continuously verifies user and device trustworthiness and enforces granular access control policies.

This approach enhances security by reducing the attack surface and limiting lateral movement within the network.

FortiOS 7.2 Administration Guide: Provides detailed information on ZTNA and its role in ensuring least-privileged access.

FortiSASE 23.2 Documentation: Explains the implementation and benefits of ZTNA within the FortiSASE environment.

asked 27/03/2025
Karoy Bandi
41 questions

Question 4

Report Export Collapse

Refer to the exhibits.

Fortinet FCSS_SASE_AD-24 image Question 4 63878634795480486894272

Fortinet FCSS_SASE_AD-24 image Question 4 63878634795480486894272

Fortinet FCSS_SASE_AD-24 image Question 4 63878634795480486894272

A FortiSASE administrator has configured an antivirus profile in the security profile group and applied it to the internet access policy. Remote users are still able to download the eicar.com-zip file from https://eicar.org. Traffic logs show traffic is allowed by the policy.

Which configuration on FortiSASE is allowing users to perform the download?

Web filter is allowing the traffic.

Web filter is allowing the traffic.

IPS is disabled in the security profile group.

IPS is disabled in the security profile group.

The HTTPS protocol is not enabled in the antivirus profile.

The HTTPS protocol is not enabled in the antivirus profile.

Force certificate inspection is enabled in the policy.

Force certificate inspection is enabled in the policy.

Suggested answer: D
Explanation:

https://community.fortinet.com/t5/FortiSASE/Technical-Tip-Force-Certificate-Inspection-option-in-FortiSASE/ta-p/302617

asked 27/03/2025
Marcel Wienhusen
49 questions

Question 5

Report Export Collapse

An organization wants to block all video and audio application traffic but grant access to videos from CNN Which application override action must you configure in the Application Control with Inline-CASB?

Allow

Allow

Pass

Pass

Permit

Permit

Exempt

Exempt

Suggested answer: A
Explanation:

(https://docs.fortinet.com/document/fortisase/24.4.75/sia-agent-based-deployment-guide/568255/configuring-application-control-profile

asked 27/03/2025
Wilfried Wagener
42 questions

Question 6

Report Export Collapse

Refer to the exhibits.

Fortinet FCSS_SASE_AD-24 image Question 6 63878634795511736074753

Fortinet FCSS_SASE_AD-24 image Question 6 63878634795511736074753

When remote users connected to FortiSASE require access to internal resources on Branch-2. how will traffic be routed?

FortiSASE will use the SD-WAN capability and determine that traffic will be directed to HUB-2. which will then route traffic to Branch-2.

FortiSASE will use the SD-WAN capability and determine that traffic will be directed to HUB-2. which will then route traffic to Branch-2.

FortiSASE will use the AD VPN protocol and determine that traffic will be directed to Branch-2 directly, using a static route

FortiSASE will use the AD VPN protocol and determine that traffic will be directed to Branch-2 directly, using a static route

FortiSASE will use the SD-WAN capability and determine that traffic will be directed to HUB-1, which will then route traffic to Branch-2.

FortiSASE will use the SD-WAN capability and determine that traffic will be directed to HUB-1, which will then route traffic to Branch-2.

FortiSASE will use the AD VPN protocol and determine that traffic will be directed to Branch-2 directly, using a dynamic route

FortiSASE will use the AD VPN protocol and determine that traffic will be directed to Branch-2 directly, using a dynamic route

Suggested answer: D
asked 27/03/2025
Erik-Jan Brul
42 questions

Question 7

Report Export Collapse

What are two advantages of using zero-trust tags? (Choose two.)

Zero-trust tags can be used to allow or deny access to network resources

Zero-trust tags can be used to allow or deny access to network resources

Zero-trust tags can determine the security posture of an endpoint.

Zero-trust tags can determine the security posture of an endpoint.

Zero-trust tags can be used to create multiple endpoint profiles which can be applied to different endpoints

Zero-trust tags can be used to create multiple endpoint profiles which can be applied to different endpoints

Zero-trust tags can be used to allow secure web gateway (SWG) access

Zero-trust tags can be used to allow secure web gateway (SWG) access

Suggested answer: A, B
Explanation:

Zero-trust tags are critical in implementing zero-trust network access (ZTNA) policies. Here are the two key advantages of using zero-trust tags:

Access Control (Allow or Deny):

Zero-trust tags can be used to define policies that either allow or deny access to specific network resources based on the tag associated with the user or device.

This granular control ensures that only authorized users or devices with the appropriate tags can access sensitive resources, thereby enhancing security.

Determining Security Posture:

Zero-trust tags can be utilized to assess and determine the security posture of an endpoint.

Based on the assigned tags, FortiSASE can evaluate the device's compliance with security policies, such as antivirus status, patch levels, and configuration settings.

Devices that do not meet the required security posture can be restricted from accessing the network or given limited access.

FortiOS 7.2 Administration Guide: Provides detailed information on configuring and using zero-trust tags for access control and security posture assessment.

FortiSASE 23.2 Documentation: Explains how zero-trust tags are implemented and used within the FortiSASE environment for enhancing security and compliance.

asked 27/03/2025
ABHIJIT GHOSH
32 questions

Question 8

Report Export Collapse

Refer to the exhibit.

Fortinet FCSS_SASE_AD-24 image Question 8 63878634795527360538873

In the user connection monitor, the FortiSASE administrator notices the user name is showing random characters. Which configuration change must the administrator make to get proper user information?

Become a Premium Member for full access
  Unlock Premium Member

Question 9

Report Export Collapse

Refer to the exhibit.

Fortinet FCSS_SASE_AD-24 image Question 9 63878634795558609619355

To allow access, which web tiller configuration must you change on FortiSASE?

Become a Premium Member for full access
  Unlock Premium Member

Question 10

Report Export Collapse

Which policy type is used to control traffic between the FortiClient endpoint to FortiSASE for secure internet access?

Become a Premium Member for full access
  Unlock Premium Member
Total 43 questions
Go to page: of 5

Related questions